Home About Us Realty Consulting Capital Contact Get in Touch

Privacy Policy

How MSA Group collects, uses, and protects your personal information.

Last updated: May 2026

1. About this policy

This privacy policy explains how MSA Group Ltd ("MSA Group", "we", "us", "our") collects and processes personal data when you visit msagrp.co.uk or get in touch with us. We operate within the UK and are committed to handling your data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Who we are (the data controller)

The data controller responsible for your personal data is:

  • MSA Group Ltd · Company No. 16277238
  • Registered in England & Wales
  • Registered office: 3rd Floor, 86–90 Paul Street, London EC2A 4NE
  • Email: enquiries@msagrp.co.uk

3. What we collect

We only collect data you give us directly. Specifically:

  • Contact form submissions — name, email address, organisation (optional), enquiry type, and message content
  • Email and WhatsApp correspondence — any information you choose to share when you message us
  • Server logs — your IP address, browser type, referring page, and timestamp (kept for security and abuse prevention; typically deleted after 30 days)

We do not use analytics cookies, tracking pixels, advertising trackers, or third-party data brokers. We do not buy contact lists. We do not sell your data.

4. Why we collect it (lawful basis)

We process your data on the following lawful bases under UK GDPR:

  • Legitimate interest — to respond to enquiries and provide the services you've asked about
  • Contract — where we're in commercial discussion or have agreed an engagement
  • Legal obligation — where required (e.g. anti-money-laundering checks before engaging with co-investors)
  • Consent — where you've explicitly opted in

5. How long we keep it

We keep personal data only as long as we need it. Indicatively:

  • Enquiries that don't progress: deleted within 12 months
  • Engaged clients or co-investors: retained for the duration of the relationship plus 7 years (for legal and tax record-keeping)
  • Server logs: ~30 days

6. Sharing your data

We do not sell or rent your personal data to anyone. We may share it only with:

  • Our hosting and email service providers (currently Hostinger) — strictly to enable the technical operation of the site and email
  • Professional advisers (legal, accounting) where required for our engagement with you
  • Authorities — only where legally required

7. Your rights

Under UK GDPR you have the right to:

  • Ask what data we hold about you (subject access request)
  • Ask us to correct or update inaccurate data
  • Ask us to delete your data (right to erasure)
  • Ask us to restrict or stop processing your data
  • Ask for a copy of your data in a portable format
  • Object to processing where we rely on legitimate interest
  • Withdraw consent at any time, where consent is our lawful basis

To exercise any of these rights, email enquiries@msagrp.co.uk. We will respond within one month.

8. Cookies

This site does not currently use tracking cookies. Functional preferences (such as dismissing the WhatsApp button) may be stored using your browser's local storage — this stays on your device and is not transmitted to us.

9. Complaints

If you believe we have mishandled your data and we haven't resolved your concern, you can complain to the UK's Information Commissioner's Office (ICO):

10. Updates to this policy

We may update this policy from time to time. The "Last updated" date at the top of this page tells you when the policy was most recently changed.

Need to get in touch about your data? Email enquiries@msagrp.co.uk with "Data request" in the subject line.