PRIVACY

Privacy Policy


Disclaimer:
Thrive is committed to protecting data subjects’ personal data and is working hard on updating its data protection policies and procedures to ensure compliance with the Law.
As you may have heard, the new Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, effective May 25, 2018 ("EU General Data Protection Regulation" or "GDPR") is being launched in Europe. To keep up to date with these new laws, Thrive has updated its privacy policy and terms of services effective August 28, 2020 ("Privacy Policy").
Thrive is not subject to the requirements of the California Consumer Privacy Act (CCPA).
We look forward to continuing to be a part of your team. If you have any questions about our Privacy Policy, terms of services or general security questions, please reach out to our support team privacy@thrivedigital.com.
---

PRIVACY POLICY

This Privacy Policy describes the manner in which Thrive collects, uses, maintains and discloses information collected from users ("Users") accessing its site https://www.thrivedigital.com ("Site"). This Privacy Policy applies to the Site and all services offered by Thrive ("Services"). This page informs Users of the Site about Thrive’s policies regarding the collection, use and disclosure of personal information ("Personal Data") it receives from them.
Thrive uses Users’ Personal Data only for providing them with Services they have requested and improving the Site. By using the Site, Users agree to the collection and use of their Personal Data in accordance with this Privacy Policy.
Updates in this Privacy Policy reflect recent changes in data protection law, in particular the GDPR, and aims to provide data subjects with a clearer understanding of how Thrive manages all Users’ Personal Data. This Privacy Policy also tells Users how they can request access, deletion, rectification, restriction, transfer, and withdraw consent (where applicable) as well as make a complaint.
This Privacy Policy has been compiled to better serve those who are concerned with how their Personal Data, or personally identifiable information, is being used online. Personal Data, as described in EU data protection legislation, is all data that relates to an identifiable person, which can be used on its own or with other information to directly or indirectly, identify a single person, or to identify an individual in context.
Please read Thrive’s Privacy Policy carefully to get a clear understanding of how Thrive collects, uses, protects or otherwise handles Users’ Personal Data in accordance with the Site.
Applicability
This Privacy Policy applies to Personal Data from the European Union that is collected and retained in Canada. As a result, Personal Data will be transferred outside the European Economic Area ("EEA"). Thrive has taken all necessary steps to ensure that all Personal Data is provided with adequate protection and that all transfers done outside the EEA are done lawfully.
This Privacy Policy does not apply to any third party applications or software that integrate with Thrive’s Services or any other third party products, services or business.

Personal Data Collected and Received

Personal Data
Thrive may collect Personal Data from Users in a variety of ways, including, but not limited to, when Users (i) visit the Site, (ii) submit forms on the Site, and (iii) in connection with other activities, Services, features or resources Thrive makes available on the Site. Users may be asked for, as appropriate and in particular, their name, email address, telephone number and curriculum vitae (CV). Thrive will collect Personal Data from Users only if they voluntarily submit such information. Users can always refuse to supply Personal Data, except that it may prevent them from engaging in certain Site related activities. Thrive will never sell Users’ Personal Data to third parties and will not use their name or company name in any marketing statements without obtaining their consent in writing which may be withdrawn at any time.
Non-Personal Data
Thrive may collect non-Personal Data about Users whenever they interact with the Site and where that data does not allow the identification of Users. Non-Personal Data may include the browser name, the type of computer and technical information about Users, means of connection to the Site, such as the operating system and the internet service providers utilized and other similar information.
Other data
HubSpot – Thrive uses this software to perform its inbound marketing strategies. When Users submit a form on the Site, this data is logged and stored in files within HubSpot.
Log Data – When Users access or use the Site, Thrive records this data in log files. Log Data may include IP address, previously visited web page addresses, browser type and settings, browser configurations and plugins, language and cookie data.
Device Information – Thrive collects information about Users’ computer, phone, tablet, or other devices they use to access the Site.
Location information – Thrive will receive this information from Users during the Site account registration as well as from its vendor partners to approximate Users’ location.
All the above data that relates to an identifiable person who can be directly or indirectly identified from that data, will be considered as Personal Data and Thrive will ask for the Users’ consent before collecting such data.

Cookies

Web Browser Cookies
The Site may use cookies, small files that a site or its service provider transfers to Users’ computer's hard drive through their Web browser (if they allow it) that enables the site's or service provider's systems to recognize their browser and capture and remember certain information (“Cookies”) to enhance Users’ experience. Users’ web browser places Cookies on their hard drive for record-keeping purposes and sometimes to track information about them. Thrive uses Cookies to help provide Users with personalized Services and to help make the Site and Services better for Users.
Does Thrive use Cookies?
Yes.
Please see below for Thrive’s list of Cookies:

By using the Site, Users may also receive certain third party Cookies on the computer or device. Third party Cookies are those placed by sites, services and/or parties other than Thrive. These Cookies are not related to the functioning of the Site and the Users’ use and experiences of the Site will not be impaired by refusing consent to them.
Thrive uses cookies to:
Compile aggregate data about Site traffic and Site interactions in order to offer better Site experiences and tools in the future. Thrive may also use trusted third-party services that track this information on its behalf.
Consent:
Before Cookies are placed on the Users’ computers or devices, a pop-up prompt requesting their consent to set those Cookies will be shown to them. By giving their consent to Cookies, Users will enable Thrive to provide the best possible experience and service to them.
Types of Cookies:
Strictly necessary cookies: These cookies are needed for the Site to function properly. Users may still block these Cookies by changing the internet browser’s settings. However, the Site may not work properly.
Performance Cookies and analytics Cookies: Website analytics refers to a set of tools used to collect and analyze anonymous use of information, enabling Thrive to better understand how the Site is used. It also enables Thrive to improve the Site and Services offered through it. Thrive’s use of them does not include any risks to the Users’ privacy or safe use of the Site and it enables it to continually improve the Site.
Functionality Cookies: These Cookies allow the Site to remember choices made by Users and their personal features.
Targeting and advertising Cookies: These Cookies are used to deliver adverts more relevant to the Users’ interests.
How to disable Cookies?
Users may choose to have their computers warn them each time Cookies are being sent, or they can choose to turn off all Cookies through their browser settings. If they do so, some parts of the Site may not function properly. By default, most internet browsers accept Cookies but this can be changed. For further details, Users should consult the help menu in their internet browsers or documentation that came with their devices.
How Thrive Uses Collected Personal Data?
Thrive will only collect the minimum amount of data it needs to supply Users with Services. All Users’ Personal Data is processed and stored securely, for no longer than is necessary in light of the reasons for which it was first collected. Thrive’s use of Personal Data will always have a lawful basis, either because (i) it is necessary for Thrive’s performance of a contract entered into with the User, (ii) the User consented to Thrive’s collection and use of Personal Data (e.g. by subscribing to emails), (iii) it is Thrive’s legitimate interest to collect such Personal Data, provided that Users interests do not override Thrive’s interests (Users may notify Thrive if they believe it has not assessed this correctly in relation to their own Personal Data), or (iv) when Thrive needs to comply with a legal or regulatory obligation. Thrive collects and uses Users’ Personal Data for the following purposes:
  1. To personalize Users’ experience.
  2. Thrive may use information in the aggregate to understand how Users as a group use the Services and resources provided on the Site.
  3. To improve the Site.
  4. Thrive continually strives to improve the Site offerings based on the information and feedback it receives from Users.
  5. To improve customer service.
  6. Users’ Personal Data helps us to more effectively respond to Thrive’s customer service requests and support needs.
  7. Users’ email addresses will only be used to respond to their inquiries, and/or other requests or questions.
  8. As required by applicable law, legal process or regulation.
  9. For Billing, account management and other administrative matters.
  10. For investigative and preventive measures against Site abuse.
  11. Thrive uses information about Users when granted consent for a specific purpose not listed above. For example, Thrive may publish testimonials or feature customer stories to promote its Services. Thrive will always ask for consent prior to posting any information for promotional purposes.
Sharing and Disclosure of Personal Data
Thrive will only share Users’ Personal Data with third parties when it is legally permitted to do so. When Thrive shares Personal Data with them, it puts contractual arrangements and security mechanisms in place to protect Personal Data and to comply with Thrive’s data protection, security standards and present Privacy Policy. Thrive will only disclose or share Users’ Personal Data for the following purposes:
  1. User’s Request: Thrive will share all Personal Data based on User’s request and instructions.
  2. Legal Compliance: If requested by the legal Authority, Thrive may disclose Users’ Personal Data that it determines to be in accordance or required by any applicable law.
  3. Enforcement: Thrive also reserves the right to disclose Users’ Personal Data to investigate, prevent, or take action against illegal activities, suspected fraud, or situations involving a physical threat to any such persons in accordance with any applicable law or regulation.
  4. Consent: Thrive may share Users’ Personal Data with other third parties after receiving their consent.
  5. Third party service providers and partners: Thrive works with third-party service providers and partners to provide website and application development, hosting, maintenance, backup, storage, virtual infrastructure, payment processing, analysis and other services for Thrive, which may require them to access or use Users’ Personal Data. If a service provider needs to access information about Users to perform Services on Thrive’s behalf, they do so under instruction from Thrive, including abiding by policies and procedures designed to protect Users’ Personal Data. To Thrive’s knowledge, its third party service providers and partners are in compliance with the GDPR. Thrive will take all reasonable steps to ensure that the Personal Data will be handled safely, securely and in accordance with the Users’ rights. Please email Thrive for additional information. Thrive uses third parties located in other countries to help it run its business. As a result, Personal Data may be transferred in other countries outside the EEA and in countries that do not have laws that provide specific protection for Personal Data. Thrive has taken steps to ensure that all Personal Data is provided with adequate protection and that all other transfers of Personal Data outside the EEA are done lawfully. Where Thrive transfers Personal Data to another country outside the EEA and not determined by the European Commission as providing an adequate level of protection for Personal Data, the transfers will be under an agreement which covers the requirements for the transfer of Personal Data outside the EEA, such as the European Commission approved Standard Contractual Clauses.
Specifically, Personal Data held by Thrive may be transferred to:
  • Operational Partners: Thrive works with third parties who provide in particular, billing, support technical services to deliver and implement solutions to its Users. Thrive may share Users’ Personal Data with these third parties in connection with their services, such as to assist with billing cycles, to provide localized support, and to provide customizations work. Thrive may also share information with these third parties where Users have granted consent to share any information, for example, technical support services.
  • Data hosting service provider: Thrive uses data hosting service providers in the United States to host the collected Personal Data.
  • Links to third party sites: Thrive’s Services may include links that direct Users to other sites or services whose privacy practices may differ. What you submit to these third party sites are governed under their privacy policies and are not covered by Thrive’s Privacy Policy. Thrive advises Users to check the privacy policy of such sites before providing data to them.

Personal Data Deletion

Personal Data is not kept any longer than is required for the purposes of the processing or to comply with the law. When Personal Data is no longer required, it is securely removed from Thrive’s systems.
Users, at any time, may request a deletion of their Personal Data. If such a request is made relating to Personal Data remaining in backups and life-cycle, Thrive maintains to ensure not to store such data inside backups for more than thirty (30) days. Users may email privacy@thrivedigital.com to request data deletion.
All Personal Data shall be deleted or erased in a secure and confidential manner.

Personal Data Retention

Storage and security
Thrive uses technical measures to secure all Personal Data. Despite the thorough security measures and safeguards that Thrive implements to protect Personal Data from theft, misuse or accidental destruction and to keep it confidential, no security system is impenetrable and due to the inherent nature of the internet, Thrive cannot guarantee that Personal Data, during transmission through the internet or while stored on its systems or otherwise in its care, is absolutely safe from intrusion by others. Thrive has policies in place in case of such a situation and will respond to requests about this within a reasonable timeframe.
The operations of Thrive does not require its employees to have access to systems which store and process Users’ Personal Data. All employees are prohibited from viewing Users’ Personal Data for any reasons unless absolutely necessary to do so.
In addition, Thrive limits the access of agents, contractors and other third parties to Users’ Personal Data.
All employees and third parties who process Personal Data on Thrive’s behalf, who access the Users’ Personal Data are obliged to keep the information confidential and secure and not to use it for any other purpose other than that they are deemed to carry out for Thrive.
How long do we keep information?
Personal Data is not kept any longer than is required for the purposes of the processing or to comply with the law. The retention period depends on the type of data collected.
After such time, Thrive will make every effort to delete Users’ Personal Data or, if this is not possible (for example, because the Personal Data has been stored in backup archives), then Thrive will securely store the Personal Data and isolate it from any further use until deletion is possible.
Marketing and Promotional information: If Users have elected and provided consent to receive marketing and promotional emails from Thrive, Thrive retains information about Users' marketing preferences and contact details unless asked specifically to delete such Personal Data, provided that it does not exceed the default retention period as set out below. If Users wish to exercise their right, they may do so by sending Thrive an email to privacy@thrivedigital.com.
Thrive retains information derived from Cookies and other tracking technologies for a reasonable period of time from the date such information was created.

Sensitive Personal Data and Personal Data relating to children

Thrive will not actively collect any Sensitive Personal Data or special categories of Personal Data about Users (this includes details about race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about health and genetics and biometric data).
Thrive does not allow the use of its Services or Site to anyone younger than 16 years old unless consent is provided in writing by a legal guardian. Thrive will make the utmost effort to prohibit
the use of the Site by anyone not over the legal age. Should Thrive learn that anyone under 16 has unlawfully provided Personal Data, Thrive will take the necessary steps to delete such information.
Users of Services may choose to transmit Sensitive Personal Data or Personal Data relating to children over our service. If they do so: (i) they must have the appropriate authority to do so; (ii) acknowledge that Thrive does not monitor or review consent transmitted over its Services; and (iii) acknowledge that such Personal Data should be treated in accordance with this Privacy Policy.
Changes to Privacy Policy
Thrive has the discretion to update this Privacy Policy at any time. When it does make changes, Thrive will post a notification on the main page of the Site and send Users an email. Thrive encourages Users to frequently check this page for any changes to stay informed about how Thrive is helping to protect the Personal Data that it collects. Users acknowledge and agree that it is their responsibility to review this Privacy Policy periodically and become aware of modifications.
Data Protection Officer
Please contact Thrive's Data Protection Officer for any questions related to the Privacy Policy at privacy@thrivedigital.com.

User Rights

Users have certain statutory rights in relation to their Personal Data:
  1. The right to be informed about Thrive’s collection and use of Personal Data.
  2. The right to access their Personal Data and to receive a copy.
  3. The right to rectification if any Personal Data Thrive holds about them is inaccurate or incomplete. Users may contact Thrive at privacy@thrivedigital.com.
  4. The right to withdraw their consent.
  5. The right to be forgotten (the right to ask Thrive to delete any Personal Data it holds about a User. Thrive only holds this Personal Data for a limited time, but if the User would like Thrive to delete it sooner, Users may contact Thrive at privacy@thrivedigital.com.
  6. The right to restrict or prevent the processing of their Personal Data.
  7. The right to data portability (obtaining a copy of Users’ Personal Data to be used again by another service or organization).
  8. The right to object to Thrive using Users’ Personal Data for particular purposes.
  9. Rights with respect to automated decision making and profiling.
  10. The right to file a complaint. Requests will be dealt with and responded to within a reasonable period, and no longer than thirty (30) days. If the User is not satisfied with the way his request was handled, he has the right to lodge a complaint with the relevant supervisory authority. Please contact Thrive's Data Protection Officer for assistance at privacy@thrivedigital.com.

Withdrawal of consent

Where Thrive is processing Users’ Personal Data based on their consent or pursuant to a legitimate interest, Users have the right to withdraw such consent or object to the use of this legitimate interest as a ground for processing their Personal Data at any time. To do so: (i) Users may opt-out; or (ii) contact Thrive at privacy@thrivedigital.com.

References

Thrive's Terms of Service
This document was last updated on August 28th, 2020.