Privacy Policy

The Masuri Group Limited

Version: 6.1
Last Data Audit: 10 June 2025
Responsibility: Katie Lightowler, Data Protection Manager

This Privacy Policy explains how The Masuri Group Limited (“Masuri”, “we”, “us”, “our”) collects, uses, and protects personal data. The law that applies depends on your location, primarily:

  • United Kingdom: UK GDPR & Data Protection Act 2018

  • Australia: Privacy Act 1988 & Australian Privacy Principles (APPs)

  • India: Digital Personal Data Protection Act 2023 (DPDP Act) – applicable to incidental interactions only, as we do not sell directly to India.

1. Company and Contact Details

The Masuri Group Limited
Unit F, Wykeham Industrial Estate
Moorside Road, Winnall
Hampshire SO23 7RX, United Kingdom

Email: katie.lightowler@masuri.com
Phone: +44 (0)1962 715818

We act as the Data Controller for personal data that we collect and process.

2. Scope of This Policy

This Policy applies to personal data collected:

  • From visitors to our websites and digital platforms

  • When you contact us by email, phone, social media, or in person

  • From customers, suppliers, and business partners

  • Through CCTV or video communications at our premises

  • From interactions with individuals located in the UK, Australia, or India

Personal data may be collected even if no purchase is made.

3. Information We Collect

Category Examples
Identity Name, title, job role
Contact Email address, phone number, postal address
Technical IP address, browser type, device data, cookies
Profile Account details, preferences
Usage Website interaction and service use
Marketing Communication preferences
Visual CCTV footage, video call recordings where used for business purposes


Payment Information: Payments are processed by PCI-DSS compliant third-party providers. We retain only transaction references required for accounting, refunds, and dispute management.

4. How We Use Your Data

We process personal data to:

  • Respond to inquiries and provide support

  • Supply product and service information

  • Manage customer and supplier relationships

  • Improve our website, products, and security

  • Send marketing communications where you have consented

  • Meet legal and regulatory obligations

  • Protect staff, visitors, and property (including CCTV)

India – Limited Processing Notice

For individuals located in India, data is processed only for the specific purposes for which it was provided (e.g., responding to an inquiry). We do not market or sell directly to India. You may withdraw consent at any time by contacting us.

5. Lawful Basis (UK)

For UK users we rely on:

  • Contract: to provide products or services

  • Legal obligation: accounting, safety, regulatory duties

  • Consent: marketing communications and optional cookies

  • Legitimate interests, including:

    • responding to inquiries

    • improving products and security

    • preventing fraud and misuse

    • managing business relationships

We conduct a Legitimate Interests Assessment to ensure your rights are not overridden. You may object to this processing at any time.

Australia

Processing is carried out in accordance with the Australian Privacy Principles, including APP 6 (use and disclosure) and APP 8 (cross-border disclosure).

India

Where Indian law applies, processing is based on consent or legal obligation in line with the DPDP Act.

6. Children

We do not intentionally target or market to children.

  • India: verifiable parental consent is required for individuals under 18.

  • UK & Australia: where interactions involve children, we will seek parental involvement in line with risk-based guidance.

If you believe a child has provided data without appropriate consent, please contact us.

7. Data Retention

We keep personal data only for as long as necessary, considering:

  • Legal limitation periods

  • Warranty and contractual obligations

  • Ongoing relationship with you

  • Regulatory requirements

Typical periods:

  • General inquiries: up to 12 months

  • Contracts and orders: duration plus up to 7 years

  • CCTV: up to 30 days unless required for investigation

Data is deleted or anonymised when no longer required.

8. Data Sharing

We may share data with:

  • Approved service providers (IT, hosting, finance, logistics)

  • Professional advisers (legal, audit, insurance)

  • Authorities where legally required

International Transfers

  • UK: transfers occur only with adequacy regulations or approved safeguards (e.g., Standard Contractual Clauses).

  • Australia: transfers comply with APP 8 or with your consent.

  • India: any transfer will follow requirements permitted under the DPDP Act.

Key processing locations include the UK, EU, and Australia.

9. Cookies

  • Necessary cookies operate essential website functions

  • Analytics and marketing cookies require consent

  • Preferences can be managed via the cookie banner or browser settings

10. Your Rights

UK

  • Access, correction, erasure

  • Restriction and portability

  • Object to processing

  • Rights relating to automated decisions

  • Complain to the ICO (www.ico.org.uk)

Australia

  • Access and correction

  • Make a complaint to us or to the OAIC (www.oaic.gov.au)

  • Where lawful, interact anonymously or by pseudonym

India

  • Access, correction, erasure

  • Withdraw consent

  • Complaint to our Grievance Officer

India Grievance Contact:
Email: katie.lightowler@masuri.com
Response time: within 30 days

11. Automated Decision-Making and AI

We do not make solely automated decisions that produce legal or similarly significant effects without human involvement.
Where AI tools assist our operations, you may request:

  • information about the logic used

  • human review

  • to opt out where applicable

12. CCTV and Security Recording

CCTV and video systems are used for:

  • health and safety

  • crime prevention

  • protection of assets

Footage is retained in line with Section 7 and accessed only by authorised personnel.

13. Business Transfers

If the business is sold or reorganised, personal data may be transferred to the new owner under appropriate confidentiality and security obligations.

14. Third-Party Websites

Our website may link to external sites. We are not responsible for their privacy practices and encourage you to review their policies.

15. Changes

This Policy may be updated to reflect legal or operational changes. The latest version will be available on our website.

16. Contact

Katie Lightowler – Data Protection Manager
Email: katie.lightowler@masuri.com
Phone: +44 (0)1962 715818