1) Who This Policy Applies To
This policy applies to visitors to our website, customers who create an account, and anyone whose personal data is processed through the Message Wizard service (for example, if your details appear in an email order sent to a customer using Message Wizard).
2) What Data We Collect
Depending on how you interact with Message Wizard, we may collect:
Account data
Name, email address, company name, login details and billing details.
Customer Data in the service
Inbound emails, attachments (PDF/Excel/Word/etc.), order content, metadata, and structured outputs generated by Message Wizard.
Usage data
Feature usage, timestamps, processing activity, and credit consumption.
Technical data
IP address, device information, browser type, and diagnostic logs.
3) How We Use Your Data
We use personal data to operate, secure and support Message Wizard, including to:
- Parse emailed purchase orders into structured order data.
- Provide dashboards, review queues and approvals.
- Generate exports (e.g., CSV) and deliver data via webhooks/API.
- Provide customer support and communicate service updates.
- Detect abuse, prevent fraud and maintain security.
4) Our Lawful Bases for Processing (UK GDPR)
We process personal data under one or more of these lawful bases:
- Contract
- To provide the service you signed up for.
- Legitimate interests
- To secure and improve the service, prevent misuse, and operate our business.
- Legal obligation
- Where required (e.g., tax/financial record keeping).
- Consent
- Where required (e.g., certain cookies or marketing communications).
5) No AI Training on Customer Data
We do not use Customer Data to train AI models. Emails, attachments and generated orders processed by Message Wizard are treated as operational data only.
We do not train, fine-tune or improve public or shared AI models using your emails, attachments or order outputs.
6) Security & Data Isolation
Message Wizard is built with a multi-tenant architecture. Each customer is assigned a unique tenant identifier, and data is logically isolated to prevent access by other customers.
- Encryption in transit and at rest.
- Tenant-isolated storage and access controls (partitioning by tenant ID).
- Security monitoring and audit logging.
- Hosted on Microsoft Azure (UK region where configured).
8) Data Retention & Deletion
We retain data only for as long as necessary for the purposes described in this policy, including to provide the service, resolve issues, and meet legal obligations.
Default retention: 90 days for source emails and logs (unless configured otherwise). You may request earlier deletion or set custom retention (including zero-retention modes where available). Backups are purged on a rolling basis per our policy.
9) Your Rights
Depending on your circumstances, you may have rights under UK GDPR, including:
Access
Request a copy of your personal data.
Rectification
Ask us to correct inaccurate or incomplete data.
Erasure
Request deletion in certain cases.
Objection & restriction
Object to processing or request restriction where applicable.
To exercise your rights, contact us at contact@msg-wiz.com.
11) Changes to This Policy
We may update this Privacy Policy from time to time. If we make material changes, we will post an updated version on this page and update the effective date.
12) Contact
If you have any questions about this policy or our data practices, contact:
Message Wizard Limited
Office 2 Yorkshire House, Nostell, Wakefield, United Kingdom, WF4 1AB
Email: contact@msg-wiz.com
Want to see Message Wizard?
Start with 200 free credits — no credit card required.