Thrive is committed to protecting data subjects’ personal data and is working hard on updating
its data protection policies and procedures to ensure compliance with the Law.
As you may have heard, the new Regulation (EU) 2016/679 of the European Parliament and of
the Council of April 27, 2016, effective May 25, 2018 ("EU General Data Protection Regulation"
or "GDPR") is being launched in Europe. To keep up to date with these new laws, Thrive has
Thrive is not subject to the requirements of the California Consumer Privacy Act (CCPA).
We look forward to continuing to be a part of your team. If you have any questions about our
discloses information collected from users ("Users") accessing its site
offered by Thrive ("Services"). This page informs Users of the Site about Thrive’s policies
regarding the collection, use and disclosure of personal information ("Personal Data") it
receives from them.
Thrive uses Users’ Personal Data only for providing them with Services they have requested and
improving the Site. By using the Site, Users agree to the collection and use of their Personal
GDPR, and aims to provide data subjects with a clearer understanding of how Thrive manages
deletion, rectification, restriction, transfer, and withdraw consent (where applicable) as well as
make a complaint.
Personal Data, or personally identifiable information, is being used online. Personal Data, as
described in EU data protection legislation, is all data that relates to an identifiable person,
which can be used on its own or with other information to directly or indirectly, identify a single
person, or to identify an individual in context.
uses, protects or otherwise handles Users’ Personal Data in accordance with the Site.
retained in Canada. As a result, Personal Data will be transferred outside the European
Economic Area ("EEA"). Thrive has taken all necessary steps to ensure that all Personal Data is
provided with adequate protection and that all transfers done outside the EEA are done lawfully.
Thrive’s Services or any other third party products, services or business.
Personal Data Collected and Received
Thrive may collect Personal Data from Users in a variety of ways, including, but not limited to,
when Users (i) visit the Site, (ii) submit forms on the Site, and (iii) in connection with other
activities, Services, features or resources Thrive makes available on the Site. Users may be
asked for, as appropriate and in particular, their name, email address, telephone number and
curriculum vitae (CV). Thrive will collect Personal Data from Users only if they voluntarily submit
such information. Users can always refuse to supply Personal Data, except that it may prevent
them from engaging in certain Site related activities. Thrive will never sell Users’ Personal Data
to third parties and will not use their name or company name in any marketing statements
without obtaining their consent in writing which may be withdrawn at any time.
Thrive may collect non-Personal Data about Users whenever they interact with the Site and
where that data does not allow the identification of Users. Non-Personal Data may include the
browser name, the type of computer and technical information about Users, means of
connection to the Site, such as the operating system and the internet service providers utilized
and other similar information.
HubSpot – Thrive uses this software to perform its inbound marketing strategies. When Users
submit a form on the Site, this data is logged and stored in files within HubSpot.
Log Data – When Users access or use the Site, Thrive records this data in log files. Log Data
may include IP address, previously visited web page addresses, browser type and settings,
browser configurations and plugins, language and cookie data.
Device Information – Thrive collects information about Users’ computer, phone, tablet, or other
devices they use to access the Site.
Location information – Thrive will receive this information from Users during the Site account
registration as well as from its vendor partners to approximate Users’ location.
All the above data that relates to an identifiable person who can be directly or indirectly
identified from that data, will be considered as Personal Data and Thrive will ask for the Users’
consent before collecting such data.
Web Browser Cookies
computer's hard drive through their Web browser (if they allow it) that enables the site's or
service provider's systems to recognize their browser and capture and remember certain
information (“Cookies”) to enhance Users’ experience. Users’ web browser places Cookies on
their hard drive for record-keeping purposes and sometimes to track information about them.
and Services better for Users.
Please see below for Thrive’s list of Cookies:
By using the Site, Users may also receive certain third party Cookies on the computer or device.
Third party Cookies are those placed by sites, services and/or parties other than Thrive. These
Cookies are not related to the functioning of the Site and the Users’ use and experiences of the
Site will not be impaired by refusing consent to them.
Compile aggregate data about Site traffic and Site interactions in order to offer better Site
experiences and tools in the future. Thrive may also use trusted third-party services that track
this information on its behalf.
Before Cookies are placed on the Users’ computers or devices, a pop-up prompt requesting their
consent to set those Cookies will be shown to them. By giving their consent to Cookies, Users
will enable Thrive to provide the best possible experience and service to them.
Types of Cookies:Strictly necessary cookies: These cookies are needed for the Site to function properly. Users
may still block these Cookies by changing the internet browser’s settings. However, the Site
may not work properly.
Performance Cookies and analytics Cookies: Website analytics refers to a set of tools used to
collect and analyze anonymous use of information, enabling Thrive to better understand how
the Site is used. It also enables Thrive to improve the Site and Services offered through it.
Thrive’s use of them does not include any risks to the Users’ privacy or safe use of the Site and
it enables it to continually improve the Site.
Functionality Cookies: These Cookies allow the Site to remember choices made by Users and
their personal features.
Targeting and advertising Cookies: These Cookies are used to deliver adverts more relevant to
the Users’ interests.
How to disable Cookies?
Users may choose to have their computers warn them each time Cookies are being sent, or they
can choose to turn off all Cookies through their browser settings. If they do so, some parts of
the Site may not function properly. By default, most internet browsers accept Cookies but this
can be changed. For further details, Users should consult the help menu in their internet
browsers or documentation that came with their devices.
How Thrive Uses Collected Personal Data?
Thrive will only collect the minimum amount of data it needs to supply Users with Services. All
Users’ Personal Data is processed and stored securely, for no longer than is necessary in light
of the reasons for which it was first collected. Thrive’s use of Personal Data will always have a
lawful basis, either because (i) it is necessary for Thrive’s performance of a contract entered
into with the User, (ii) the User consented to Thrive’s collection and use of Personal Data (e.g. by
subscribing to emails), (iii) it is Thrive’s legitimate interest to collect such Personal Data,
provided that Users interests do not override Thrive’s interests (Users may notify Thrive if they
believe it has not assessed this correctly in relation to their own Personal Data), or (iv) when
Thrive needs to comply with a legal or regulatory obligation.
Thrive collects and uses Users’ Personal Data for the following purposes:
- To personalize Users’ experience.
Thrive may use information in the aggregate to understand how Users as a group use the
Services and resources provided on the Site.
- To improve the Site.
Thrive continually strives to improve the Site offerings based on the information and
feedback it receives from Users.
- To improve customer service.
Users’ Personal Data helps us to more effectively respond to Thrive’s customer service
requests and support needs.
Users’ email addresses will only be used to respond to their inquiries, and/or other
requests or questions.
- As required by applicable law, legal process or regulation.
- For Billing, account management and other administrative matters.
- For investigative and preventive measures against Site abuse.
Thrive uses information about Users when granted consent for a specific purpose not
listed above. For example, Thrive may publish testimonials or feature customer stories to
promote its Services. Thrive will always ask for consent prior to posting any information
for promotional purposes.
Sharing and Disclosure of Personal Data
Thrive will only share Users’ Personal Data with third parties when it is legally permitted to do
so. When Thrive shares Personal Data with them, it puts contractual arrangements and security
mechanisms in place to protect Personal Data and to comply with Thrive’s data protection,
Thrive will only disclose or share Users’ Personal Data for the following purposes:
Specifically, Personal Data held by Thrive may be transferred to:
- User’s Request: Thrive will share all Personal Data based on User’s request and
- Legal Compliance: If requested by the legal Authority, Thrive may disclose Users’ Personal
Data that it determines to be in accordance or required by any applicable law.
- Enforcement: Thrive also reserves the right to disclose Users’ Personal Data to
investigate, prevent, or take action against illegal activities, suspected fraud, or situations
involving a physical threat to any such persons in accordance with any applicable law or
- Consent: Thrive may share Users’ Personal Data with other third parties after receiving
- Third party service providers and partners: Thrive works with third-party service providers
and partners to provide website and application development, hosting, maintenance,
backup, storage, virtual infrastructure, payment processing, analysis and other services for
Thrive, which may require them to access or use Users’ Personal Data. If a service provider
needs to access information about Users to perform Services on Thrive’s behalf, they do
so under instruction from Thrive, including abiding by policies and procedures designed to
protect Users’ Personal Data. To Thrive’s knowledge, its third party service providers and
partners are in compliance with the GDPR. Thrive will take all reasonable steps to ensure
that the Personal Data will be handled safely, securely and in accordance with the Users’
rights. Please email Thrive for additional information.
Thrive uses third parties located in other countries to help it run its business. As a result,
Personal Data may be transferred in other countries outside the EEA and in countries that
do not have laws that provide specific protection for Personal Data. Thrive has taken steps
to ensure that all Personal Data is provided with adequate protection and that all other
transfers of Personal Data outside the EEA are done lawfully. Where Thrive transfers
Personal Data to another country outside the EEA and not determined by the European
Commission as providing an adequate level of protection for Personal Data, the transfers
will be under an agreement which covers the requirements for the transfer of Personal
Data outside the EEA, such as the European Commission approved Standard Contractual
- Operational Partners: Thrive works with third parties who provide in particular, billing,
support technical services to deliver and implement solutions to its Users. Thrive may
share Users’ Personal Data with these third parties in connection with their services,
such as to assist with billing cycles, to provide localized support, and to provide
customizations work. Thrive may also share information with these third parties where
Users have granted consent to share any information, for example, technical support
- Data hosting service provider: Thrive uses data hosting service providers in the United
States to host the collected Personal Data.
- Links to third party sites: Thrive’s Services may include links that direct Users to other
sites or services whose privacy practices may differ. What you submit to these third
party sites are governed under their privacy policies and are not covered by Thrive’s
providing data to them.
Personal Data Deletion
Personal Data is not kept any longer than is required for the purposes of the processing or to
comply with the law. When Personal Data is no longer required, it is securely removed from
Users, at any time, may request a deletion of their Personal Data. If such a request is made
relating to Personal Data remaining in backups and life-cycle, Thrive maintains to ensure not to
store such data inside backups for more than thirty (30) days. Users may email
firstname.lastname@example.org to request data deletion.
All Personal Data shall be deleted or erased in a secure and confidential manner.
Personal Data Retention
Storage and security
Thrive uses technical measures to secure all Personal Data. Despite the thorough security
measures and safeguards that Thrive implements to protect Personal Data from theft, misuse
or accidental destruction and to keep it confidential, no security system is impenetrable and due
to the inherent nature of the internet, Thrive cannot guarantee that Personal Data, during
transmission through the internet or while stored on its systems or otherwise in its care, is
absolutely safe from intrusion by others. Thrive has policies in place in case of such a situation
and will respond to requests about this within a reasonable timeframe.
The operations of Thrive does not require its employees to have access to systems which store
and process Users’ Personal Data. All employees are prohibited from viewing Users’ Personal
Data for any reasons unless absolutely necessary to do so.
In addition, Thrive limits the access of agents, contractors and other third parties to Users’
All employees and third parties who process Personal Data on Thrive’s behalf, who access the
Users’ Personal Data are obliged to keep the information confidential and secure and not to use
it for any other purpose other than that they are deemed to carry out for Thrive.
How long do we keep information?
Personal Data is not kept any longer than is required for the purposes of the processing or to
comply with the law. The retention period depends on the type of data collected.
After such time, Thrive will make every effort to delete Users’ Personal Data or, if this is not
possible (for example, because the Personal Data has been stored in backup archives), then
Thrive will securely store the Personal Data and isolate it from any further use until deletion is
Marketing and Promotional information: If Users have elected and provided consent to receive
marketing and promotional emails from Thrive, Thrive retains information about Users'
marketing preferences and contact details unless asked specifically to delete such Personal
Data, provided that it does not exceed the default retention period as set out below. If Users
wish to exercise their right, they may do so by sending Thrive an email to
Thrive retains information derived from Cookies and other tracking technologies for a
reasonable period of time from the date such information was created.
Sensitive Personal Data and Personal Data relating to children
Thrive will not actively collect any Sensitive Personal Data or special categories of Personal
Data about Users (this includes details about race or ethnicity, religious or philosophical beliefs,
sex life, sexual orientation, political opinions, trade union membership, information about health
and genetics and biometric data).
Thrive does not allow the use of its Services or Site to anyone younger than 16 years old unless
consent is provided in writing by a legal guardian. Thrive will make the utmost effort to prohibit
the use of the Site by anyone not over the legal age. Should Thrive learn that anyone under 16
has unlawfully provided Personal Data, Thrive will take the necessary steps to delete such
Users of Services may choose to transmit Sensitive Personal Data or Personal Data relating to
children over our service. If they do so: (i) they must have the appropriate authority to do so; (ii)
acknowledge that Thrive does not monitor or review consent transmitted over its Services; and
(iii) acknowledge that such Personal Data should be treated in accordance with this Privacy
Thrive will post a notification on the main page of the Site and send Users an email. Thrive
encourages Users to frequently check this page for any changes to stay informed about how
Thrive is helping to protect the Personal Data that it collects. Users acknowledge and agree that
Data Protection Officer
Users have certain statutory rights in relation to their Personal Data:
- The right to be informed about Thrive’s collection and use of Personal Data.
- The right to access their Personal Data and to receive a copy.
The right to rectification if any Personal Data Thrive holds about them is inaccurate or
incomplete. Users may contact Thrive at email@example.com.
- The right to withdraw their consent.
The right to be forgotten (the right to ask Thrive to delete any Personal Data it holds about
a User. Thrive only holds this Personal Data for a limited time, but if the User would like
Thrive to delete it sooner, Users may contact Thrive at firstname.lastname@example.org.
- The right to restrict or prevent the processing of their Personal Data.
The right to data portability (obtaining a copy of Users’ Personal Data to be used again by
another service or organization).
- The right to object to Thrive using Users’ Personal Data for particular purposes.
- Rights with respect to automated decision making and profiling.
The right to file a complaint.
Requests will be dealt with and responded to within a reasonable period, and no longer than
thirty (30) days. If the User is not satisfied with the way his request was handled, he has the
right to lodge a complaint with the relevant supervisory authority.
Please contact Thrive's Data Protection Officer for assistance at email@example.com.
Withdrawal of consent
Where Thrive is processing Users’ Personal Data based on their consent or pursuant to a
legitimate interest, Users have the right to withdraw such consent or object to the use of this
legitimate interest as a ground for processing their Personal Data at any time. To do so: (i)
Users may opt-out; or (ii) contact Thrive at firstname.lastname@example.org.
Thrive's Terms of Service
This document was last updated on August 28th, 2020.