Privacy Policy

This Privacy Policy explains what personal data msgbrd.tv collects, how we use it, who we share it with, and what rights you have over it. We operate msgbrd.tv, a digital signage SaaS platform ("the Service"). This policy applies to everyone who visits our website, creates an account, or uses the platform.

We do not sell your data. We do not use your data for advertising. Read this fully — it is written to be understood, not to bury things.

Last updated: May 2026

1. Who We Are

msgbrd.tv is a digital signage platform operated as a SaaS product under the brand msgbrd.tv. For questions about this policy, contact us at [email protected].

2. Data We Collect

We collect data in three ways: data you give us directly, data generated by your use of the platform, and data from connected devices (screens).

2.1 Account and Organisation Data

When you register, we collect:

• Organisation name and slug
• Contact email address
• Contact phone number and WhatsApp number (if provided)
• Timezone
• Organisation logo (if uploaded)
• Subscription status and trial end date

2.2 User Account Data

For individual user accounts within an Organisation:

• Full name
• Email address
• Password (stored as a one-way hash — we cannot read it)
• Role and permissions within the Organisation
• Login timestamps and IP addresses

2.3 Content You Create

We store the content you create and manage through the platform, including:

• Playlists, slides, and media files (images, videos, HTML)
• Screen configurations and area groupings
• Emergency broadcast messages and history
• Scheduling rules and display settings

This content is yours. We store it solely to deliver the service.

2.4 Screen and Device Data

Connected screens send technical data to the platform, including:

• Device IP address at time of connection
• Device information (browser, OS, screen resolution) sent during pairing
• Last seen timestamp
• Connection and disconnection events
• Error events and playback status
• Polling activity logs

Screens do not capture or transmit any data about viewers or the physical environment.

2.5 Usage and Technical Data

We automatically collect technical data when you use the platform:

• Browser type and version
• Operating system
• Pages visited and features used within the admin panel
• Session duration and timestamps
• Referring URL
• Error logs

2.6 Payment Data

Payments are processed by a third-party payment gateway. We do not store your card number, CVV, or full payment details on our servers. We retain records of transaction amounts, dates, plan details, and payment status for billing and legal compliance purposes.

3. How We Use Your Data

We use the data we collect for the following purposes:

• Service delivery: Creating and managing your account, delivering playlists to screens, processing emergency broadcasts, and maintaining screen connectivity.
• Billing and account management: Processing payments, managing subscriptions, sending invoices, and handling renewals or cancellations.
• Platform security: Detecting and preventing fraudulent activity, unauthorised access, and abuse.
• Support: Responding to your queries and troubleshooting issues.
• Service improvement: Analysing usage patterns in aggregate to improve features and performance. We do not profile individual users for this purpose.
• Legal compliance: Meeting obligations under applicable laws, including data retention, tax, and regulatory requirements.
• Communications: Sending transactional emails (account alerts, billing notices, service updates). We do not send marketing emails without your explicit opt-in.

4. Legal Basis for Processing

Where applicable law requires a legal basis for processing personal data, we rely on:

• Contract performance: Processing necessary to provide the service you have contracted for.
• Legitimate interests: Security monitoring, fraud prevention, and service improvement, where these interests are not overridden by your rights.
• Legal obligation: Compliance with applicable laws and regulations.
• Consent: Where you have given explicit consent, such as opting into marketing communications.

5. Data Sharing and Third Parties

We do not sell your personal data to anyone, ever.

We share data only in the following limited circumstances:

5.1 Service Providers

We use third-party service providers to operate the platform. These providers process data only on our behalf and under strict data processing agreements:

• Cloud hosting and infrastructure: Servers, databases, and storage
• Email delivery: Transactional and alert emails
• Payment processing: Subscription billing and invoicing
• Error monitoring: Crash and error reporting

5.2 WhatsApp Notifications

If your Organisation has enabled WhatsApp notifications for emergency broadcasts, the message content and recipient phone number are transmitted via the WhatsApp Business API (Meta). This transmission is subject to Meta's data policies. You control whether this feature is enabled.

5.3 Legal Disclosure

We may disclose your data if required by law, court order, or a lawful request from a government authority. Where legally permitted, we will notify you before disclosing.

5.4 Business Transfer

In the event of a merger, acquisition, or sale of all or substantially all of our assets, your data may be transferred as part of that transaction. You will be notified via email and given the option to delete your account before the transfer takes effect.

6. Data Storage and Security

Your data is stored on servers located in secure data centres. We implement appropriate technical and organisational security measures including:

• Encryption of data in transit (HTTPS/TLS)
• Password hashing using industry-standard algorithms
• Access controls limiting who within our team can access production data
• Regular security reviews
• Screen authentication tokens that are unique, randomly generated, and never reused

No system is 100% secure. If we become aware of a data breach that affects your personal data, we will notify you promptly in accordance with applicable law.

7. Data Retention

We retain your data for as long as your account is active or as needed to provide the service. Specific retention periods:

• Account and Organisation data: Retained for the duration of your subscription and for 30 days after account termination, after which it is permanently deleted.
• Screen logs: Retained for 90 days on a rolling basis, then automatically purged.
• Billing records: Retained for 7 years to comply with financial and tax regulations.
• Deleted content: Content you delete (slides, media, playlists) is removed from active storage immediately and purged from backups within 30 days.
• Emergency broadcast history: Retained for audit purposes for 1 year, then deleted.

8. Cookies and Tracking

We use cookies and similar technologies on the msgbrd.tv website and admin panel for the following purposes:

• Essential cookies: Required for login sessions, authentication, and basic platform functionality. These cannot be disabled without breaking the service.
• Analytics cookies: Used to understand how the platform is used in aggregate. We use privacy-respecting analytics and do not use Google Analytics on the admin panel without your consent.

We do not use advertising or cross-site tracking cookies. The player software running on screens does not use cookies or track viewer behaviour.

9. Children's Privacy

msgbrd.tv is a business-to-business platform not intended for use by children under the age of 18. We do not knowingly collect personal data from minors. If you believe a minor has registered an account, contact us at [email protected] and we will delete the account promptly.

10. Your Rights

Depending on your location and applicable law, you may have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you.
• Correction: Request correction of inaccurate or incomplete data.
• Deletion: Request deletion of your personal data, subject to legal retention obligations.
• Portability: Request your data in a structured, machine-readable format.
• Restriction: Request that we limit processing of your data in certain circumstances.
• Objection: Object to processing based on legitimate interests.
• Withdraw consent: Where processing is based on consent, withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, email [email protected] with your request. We will respond within 30 days. We may ask you to verify your identity before processing the request.

11. Data of Viewers and End Audiences

msgbrd.tv screens display content to audiences in physical spaces (offices, clinics, salons, etc.). The platform does not collect, process, or store any personal data about viewers who see content on a connected screen. We do not use cameras, facial recognition, sensors, or any form of audience analytics. Screen telemetry is limited to device-level technical data only.

12. International Data Transfers

Our servers are operated in India. If you access the platform from outside India, your data may be transferred to and processed in India. By using the platform, you consent to this transfer. We take reasonable steps to ensure your data is handled securely regardless of where it is processed.

13. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email and update the "Last updated" date at the top of this page at least 14 days before changes take effect. Your continued use of the platform after the effective date constitutes acceptance of the updated policy.

We will not retroactively change how we use data you have already provided without obtaining fresh consent.

14. Contact and Complaints

For any privacy-related questions, requests, or concerns, contact us at:

If you are unsatisfied with our response, you have the right to lodge a complaint with the relevant data protection authority in your jurisdiction.