Last Updated: May 30, 2020
Welcome to Thrive Global Holdings Inc. (“Thrive”, “we”, “us” and/or “our”). Our mobile application (“App”) helps users (“Users,” “you,” or “your”) achieve behavior change through “too small to fail” microsteps, personal assessments, video micro-learning, inspiring stories and other content and resources. Our website (“Site”) also allows you to easily access and use content, including features, resources and other information intended to help you change the way you live and work. Collectively, the services we provide through the Site and the App from time to time are defined as the “Service(s)”.
INFORMATION WE COLLECT
When you interact with our Site or App, we collect information that, alone or in combination with other information, could be used to identify you (“Personal Data”), described below.
I. App Users
Automatically Collected Data. When you download and use our App we will automatically collect certain information, described under the Automatically Collected Data section below.
Location Information. When enabled by you, we collect location information provided by your device. We may also obtain location information you provide in your profile or from your Internet Protocol (IP) address. With your consent where required by the applicable law, we may also determine location by using other data from your device, such as precise location information from GPS, information about wireless networks or cell towers near your mobile device.
II. Site Users
Personal Data You Provide Us. We collect information that visitors to the Site enter when you sign up on the Site (e.g., email and password) or send to us electronically, for example when completing any “free text” boxes in our forms (such as on our “Contact Us” page, support request or survey submission), requesting information, registering for an event, or subscribing to email lists. While the type of data we collect depends on the nature of the inquiry, it typically includes name and contact details, company information, and phone number.
Automatically Collected Data. We automatically collect certain information relating to your use of our Site, described under the Automatically Collected Data section below.
Location Information. When enabled by you, we collect location information provided by your device. We may also obtain location information you provide in your profile or from your Internet Protocol (IP) address. With your consent where required by the applicable law, we may also determine location by using other data from your device, such as precise location information from GPS, information about wireless networks or cell towers near your device.
III. Automatically Collected Data
When you use the Site or the App, the following information is created and automatically logged in our systems:
HOW WE USE INFORMATION
We use your Personal Data collected for the following purposes:
To authenticate Users and provide the Services. This processing is necessary to provide you with access to and use of the Services.
As necessary for certain legitimate business interests, which include the following:
For individuals in the European Union (“EU”) and Switzerland, please see the “European Union (EU) Users” section below for information on what we mean by legitimate interests and your rights.
Marketing. We may contact you to tell you about content, services or products we believe will be of interest to you. If we do, where required by law, for example if you are a User in the EU, we will only send you marketing information if you consent to us doing so at the time you provide us with your Personal Data. You may opt out of receiving such emails by following the instructions contained in each promotional email we send you or by updating your user settings. In addition, if at any time you do not wish to receive future marketing communications, please contact us at [email protected] We will continue to contact you via email regarding the provision of our Services and to respond to your requests.
Usage Data. We glean valuable insights from your use of and interactions with the Services, including the aggregated and/or anonymized data that is derived from your and others’ use of the Services. We may create such aggregated and/or anonymized data from or using your interactions and contributions to the Services (including your content) and other metrics related to your usage of the Services. We use such aggregated and/or anonymized data in connection with our internal operations and functions, including, but not limited to, operational analytics and reporting, internal financial reporting and analysis, audit functions and archival purposes, as well as in connection with our other business purposes.
SHARING AND DISCLOSURE OF INFORMATION
We may share or disclose your information at your direction, such as when you authorize a third-party service to access your account or when you voluntarily share information or content via the Services.
There are certain circumstances in which we may share your Personal Data with certain third parties without further notice to you, unless required by the law, as set forth below:
If you have elected to receive marketing communications from us, we retain information about your marketing preferences until you opt out of receiving these communications and in accordance with our policies.
To determine the appropriate retention period for your Personal Data, we will consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we use your Personal Data and whether we can achieve those purposes through other means, and the applicable legal requirements. In some circumstances we may anonymize your Personal Data so that it can no longer be associated with you, in which case it is no longer Personal Data.
UPDATE YOUR INFORMATION
If you need to change or correct your Personal Data, or wish to have it deleted from our systems, you may contact us as described in the “Contact Us” section below. We will address your request as required by applicable law.
Scope. This section applies if you are a User in the EU (for these purposes, reference to the EU also includes the European Economic Area countries of Iceland, Liechtenstein and Norway and, to the extent applicable, Switzerland).
Data Controller. Thrive Global Holdings Inc. is the data controller for processing Personal Data provided to us through the Services. To find out our contact details, please see the “Contact Us” section below.
You can also contact DPR Group, who has been appointed as Thrive’s Data Protection Representative in the EU pursuant to Article 27 of the General Data Protection Regulation on matters related to the processing of your Personal Data. If you want to raise a question to Thrive, or otherwise exercise your rights in respect of your personal data (described below), please contact DPR Group as follows:
|Austria||DPR Group, City Tower, Brückenkopfgasse 1/6. Stock, Graz, 8020, Austria|
|Belgium||DPR Group, Place de L’Université 16, Louvain-La-Neuve, Waals Brabant, 1348, Belgium|
|Bulgaria||DPR Group, 132 Mimi Balkanska Str., Sofia, 1540, Bulgaria|
|Croatia||DPR Group, Ground & 9th Floor, Hoto Tower, Savska cesta 32, Zagreb, 10000, Croatia|
|Cyprus||DPR Group, Victory House, 205 Archbishop Makarios Avenue, Limassol, 3030, Cyprus|
|Czech Republic||DPR Group, IQ Ostrava Ground floor, 28. rijna 3346/91, Ostrava-mesto, Moravska, Ostrava, Czech Republic|
|Denmark||DPR Group, Lautruphøj 1-3, Ballerup, 2750, Denmark|
|Estonia||DPR Group, 2nd Floor, Tornimae 5, Tallinn, 10145, Estonia|
|Finland||DPR Group, Luna House, 5.krs, Mannerheimintie 12 B, Helsinki, 00100, Finland|
|France||DPR Group, 72 rue de Lessard, Rouen, 76100, France|
|Germany||DPR Group, 3rd and 4th floor, Altmarkt 10 B/D, Dresden, 01067, Germany|
|Greece||DPR Group, 24 Lagoumitzi str, Athens, 17671, Greece|
|Hungary||DPR Group, EMKE Building, Rákóczi Út 42, Budapest, 1072, Hungary|
|Ireland||DPR Group, Phoenix House, Monahan Road, Cork, T12 H1XY, Republic of Ireland|
|Italy||DPR Group, BPM 335368, Via Roma 12, 10073 , Turin, Italy|
|Latvia||DPR Group, 4th & 5th floors, 14 Terbatas Street, Riga, LV-1011, Latvia|
|Lithuania||DPR Group, Vilniaus g.31, Vilnius, LT- 01402, Lithuania|
|Luxembourg||DPR Group, BPM 335368, Banzelt 4 A, 6921, Roodt-sur-Syre, Luxembourg|
|Malta||DPR Group, Tower Business Centre, 2nd floor, Tower Street, Swatar, BKR4013, Malta|
|Netherlands||DPR Group, Cuserstraat 93, Floor 2 and 3, Amsterdam, 1081 CN, Netherlands|
|Poland||DPR Group, Budynek Fronton ul Kamienna 21, Krakow, 31-403, Poland|
|Portugal||DPR Group, Torre de Monsanto, Rua Afonso Praça 30, 7th floor, Algès, Lisbon, 1495-061, Portugal|
|Romania||DPR Group, World Trade Centre, Piata Montreal no 10, Entrance F, 1st Floor, Sector 1, Bucharest, 11469, Romania|
|Slovakia||DPR Group, Apollo Business Centre II, Block E / 9th floor, 4D Prievozska, Bratislava, 821 09, Slovakia|
|Slovenia||DPR Group, Trg. Republike 3, Floor 3, Ljubljana, 1000, Slovenia|
|Spain||DPR Group, Puerta de las Naciones, Ribera del Loira 46, Madrid, 28042, Spain|
|Sweden||DPR Group, S:t Johannesgatan 2, 4th floor, Malmo, SE – 211 46, Sweden|
|United Kingdom||DPR Group, BPM 335368, 372 Old Street, EC1V 9AU, London, United Kingdom|
Your Rights. Subject to applicable EU law, you have the following rights in relation to your Personal Data that we hold about you:
Children. The Services are not directed to EU data subjects who are children who are under the age of 16. Thrive does not knowingly collect Personal Data from children who are under 16. If you have reason to believe that a child under the age of 16 has provided Personal Data to Thrive through the Services please contact us and we will endeavor to delete that information from our databases.
The Services are not directed to children who are under the age of 13. Thrive does not knowingly collect Personal Data from children who are under 13. If you have reason to believe that a child under the age of 13 has provided Personal Data to Thrive through the Services please contact us and we will endeavor to delete that information from our databases.
Some cookies expire after a certain amount of time, or upon logging out (session cookies); others remain on your computer or terminal device for a longer period (persistent cookies). Our Site uses first party cookies (cookies set directly by Thrive) as well as third party cookies, as described below. For more details on cookies please visit All About Cookies.
Type of Cookies Used. The Site uses the technologies described below.
|Analytics/performance||We use “analytics” cookies that allow us to recognize and count the number of visitors and to see how visitors move around the site when they are using it. This helps us to improve the way our Site works, for example by making sure users are finding what they need easily. The collected data provides us only with anonymous traffic statistics (like number of page views, number of visitors, and time spent on each page). These cookies also may allow us to track how often posts on third party websites, such as social media sites, are clicked on.||FacebookGoogle AnalyticsKeyweeParselyQuantcastQuora||Facebook Work PrivacyGoogle AnalyticsGA Cookie ExpirationKeyweeParselyQuantcastQuoraFacebook||Google Analytics: Opt-out Browser Add-onKeywee: Users can opt out by disabling cookies for keywee.co.Parsely: Auto Opt-outQuantcast: Opt outQuora: Opt out|
Technologies used on the App. We use Mixpanel on the App to track how Users interact with our App to make better informed product decisions. The information collected includes event-based data to determine the value of individual features and demographic information on Users, which may include a User’s locations and device configurations, age and gender. For more information on Mixpanel’s privacy practices, visit https://mixpanel.com/legal/privacy-policy/. We also use Google Analytics, a web analytics service provided by Google Inc., to gather statistics on your use of the App. For more information on Google Analytics privacy practices, read here.
Your Choices. On most web browsers, you will find a “help” section on the toolbar. Please refer to this section for information on how to receive a notification when you are receiving a new cookie and how to turn cookies off. Please see the links below for guidance on how to modify your web browser’s settings on the most popular browsers:
Please note that if you limit the ability of websites to set cookies, you may be unable to access certain parts of the Site and you may not be able to benefit from the full functionality of the Site.
If you access the Site on your mobile device, you may not be able to control tracking technologies through the settings.
You use Services at your own risk. Thrive takes steps to protect the Personal Data provided via the Services from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. However, no Internet or e-mail transmission is ever fully secure or error free. In particular, e-mail sent to or from the Services may not be secure. Therefore, you should keep this in mind when disclosing Personal Data to us and take special care in deciding what information you disclose to us over the Internet or send to us via e-mail. We cannot control the actions of other Users with whom you may choose to share information. Therefore, we cannot, and do not, guarantee that information or content posted by a User on or through the Services will not be viewed by unauthorized persons. We are not responsible for circumvention of any privacy settings or security measures contained on the Services.
Your access to and use of the Services is subject to any additional terms applicable to such Services that may be posted on the Services from time to time, including without limitation, Thrive’s Terms and Conditions Agreement at https://www.thriveglobal.com/thrive/terms.
Data Transfers. We rely on the EU-U.S. and Swiss-U.S. Privacy Shield certification to transfer Personal Data that we receive from the EU and Switzerland to Thrive in the U.S. (for more information, please read the “Privacy Shield” section below).
General. We rely on our Privacy Shield certification to transfer Personal Data that we receive from the EU and Switzerland to Thrive in the U.S. and we process such in accordance with the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability (“Privacy Shield Principles”), as described below.
Accountability for Onward Transfers. We may be accountable for the Personal Data we receive under the Privacy Shield that we may transfer to third-party service providers (as described in the “Sharing and Disclosure of Information” section above) if they process Personal Data in a manner inconsistent with the Privacy Shield Principles and we are responsible if they do so and for the harm caused.
Access. You have certain rights to access, correct, amend, or delete Personal Data where it is inaccurate, or has been processed in violation of the Privacy Shield Principles. Please see the “European Union (EU) Users” section above for more information on the rights of Users in the EU (and, to the extent applicable, Users in Switzerland). When we process Personal Data on behalf of our Customers, we will process such requests pursuant to our contract with the applicable Customer.
Recourse, Enforcement, Liability. In compliance with the Privacy Shield Principles, Thrive commits to resolve complaints about our processing of your Personal Data. European Union and Swiss individuals with inquiries or complaints regarding this Private Shield Policy should first contact Thrive as follows:
We have further committed to refer unresolved Privacy Shield complaints to an alternative dispute resolution provider. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider JAMS (free of charge) at https://www.jamsadr.com/eu-us-privacy-shield. Thrive will cooperate with JAMS pursuant to the JAMS International Mediation Rules, available on the JAMS website at www.jamsadr.com/international-mediation-rules.
If your complaint is not resolved through these channels, under certain conditions a binding arbitration option may be available before a Privacy Shield Panel. For additional information, please visit: https://www.privacyshield.gov/article?id=ANNEX-I-introduction.
We are subject to the investigatory and enforcement powers of the Federal Trade Commission with respect to Personal Data received or transferred pursuant to the Frameworks.
Thrive Global Holdings, Inc.
New York, NY 10012
If you are an individual in the EU, you can also contact DPR Group, who has been appointed as Thrive’s Data Protection Representative in the EU pursuant to Article 27 of the General Data Protection Regulation. Please read the European Union (EU) Users section above to learn how to contact DPR Group.