Privacy Policy

1. Introduction

This Privacy Policy describes how Thrivevivrenew ("we," "us," or "our") collects, uses, stores, and protects personal data when you visit our website at thrivevivrenew.world, use our contact form, purchase educational products, or participate in our screen-free evening programs and consulting services.

We are committed to protecting your privacy and processing your personal data in accordance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA) where applicable, and other relevant data protection legislation. This policy applies to all visitors and users of our services regardless of geographic location.

By using our website or submitting personal information through any of our channels, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with the practices described herein, please refrain from using our website and services.

2. Data Controller Information

The data controller responsible for your personal data is:

Thrivevivrenew
452 Broadway, New York, NY 10013, USA
Phone: +1 212-431-4770
Email: touch@thrivevivrenew.world

For any questions regarding this Privacy Policy or the processing of your personal data, you may contact us using the information above. We will respond to privacy-related inquiries within 30 days of receipt.

3. Personal Data We Collect

We collect personal data in several categories depending on how you interact with our website and services:

3.1 Information You Provide Directly

• Contact form submissions: Name, email address, message content, and GDPR consent confirmation when you use our contact form.
• Program inquiries: Information you share when requesting details about screen-free programs, consulting sessions, or educational products.
• Purchase information: Name, email address, billing address, and payment details when you purchase educational products or program access.
• Consulting sessions: Information you voluntarily share during one-on-one guidance sessions, including details about your evening routines and preferences.

3.2 Information Collected Automatically

• Device and browser data: IP address, browser type and version, operating system, device type, and screen resolution.
• Usage data: Pages visited, time spent on pages, referral source, click patterns, and navigation paths within our website.
• Cookie data: Information stored through cookies and similar technologies as described in our Cookie Policy.

3.3 Information from Third Parties

We may receive limited information from payment processors to confirm transaction completion and from analytics providers when you have consented to analytics cookies. We do not purchase personal data from data brokers.

4. Purposes of Data Processing

We process your personal data for the following specific purposes:

• Service delivery: To respond to your inquiries, provide educational program materials, conduct consulting sessions, and fulfill product purchases.
• Communication: To send transactional emails such as order confirmations, program access details, and responses to contact form submissions.
• Website improvement: To analyze usage patterns and improve the functionality, content, and user experience of our website.
• Legal compliance: To comply with applicable laws, regulations, legal processes, and enforceable governmental requests.
• Security: To detect, prevent, and address fraud, unauthorized access, and other security incidents.
• Marketing: With your explicit consent, to send informational updates about new programs, educational content, and relevant offerings.

5. Legal Basis for Processing

Under the GDPR, we process personal data based on the following legal grounds:

• Consent (Article 6(1)(a)): When you submit our contact form, accept cookies, or opt in to marketing communications.
• Contract performance (Article 6(1)(b)): When processing is necessary to fulfill a contract with you, such as delivering purchased educational products or scheduled consulting sessions.
• Legitimate interests (Article 6(1)(f)): For website analytics (with consent), security monitoring, and improving our services, balanced against your privacy rights.
• Legal obligation (Article 6(1)(c)): When processing is required to comply with tax, accounting, or other legal requirements.

6. Data Retention Periods

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected:

• Contact form data: Retained for 24 months from the date of submission, unless a business relationship is established.
• Customer and purchase records: Retained for 7 years to comply with tax and accounting obligations.
• Consulting session notes: Retained for 12 months after the final session, then anonymized or deleted.
• Analytics data: Retained in aggregated form for up to 26 months.
• Cookie consent records: Retained for 12 months from the date of consent.
• Marketing preferences: Retained until you withdraw consent or request deletion.

When retention periods expire, personal data is securely deleted or anonymized so that it can no longer be associated with you.

7. Data Sharing and Third Parties

We do not sell your personal data. We may share data with the following categories of recipients when necessary:

• Service providers: Hosting providers, email delivery services, payment processors, and analytics platforms that process data on our behalf under strict data processing agreements.
• Professional advisors: Legal, accounting, or consulting professionals bound by confidentiality obligations.
• Legal authorities: When required by law, court order, or governmental regulation.

All third-party processors are required to implement appropriate technical and organizational measures to protect your data and process it only according to our instructions.

8. International Data Transfers

Thrivevivrenew is based in the United States. If you access our website from the European Economic Area (EEA), United Kingdom, or other regions with data protection laws, your personal data may be transferred to and processed in the United States.

Where international transfers occur, we implement appropriate safeguards including Standard Contractual Clauses (SCCs) approved by the European Commission, and we ensure that recipient organizations maintain adequate data protection standards.

9. Security Measures

We implement technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction:

• HTTPS encryption for all data transmitted between your browser and our servers.
• Encrypted storage of sensitive data at rest using industry-standard encryption protocols.
• Access controls limiting personal data access to authorized personnel on a need-to-know basis.
• Regular security assessments and vulnerability monitoring of our systems.
• Secure payment processing through PCI-compliant payment providers — we do not store full credit card numbers on our servers.
• Employee training on data protection practices and confidentiality requirements.
• Incident response procedures for detecting, reporting, and addressing data breaches within 72 hours as required by GDPR.

While we strive to protect your personal data, no method of transmission over the Internet or electronic storage is completely secure. We cannot guarantee absolute security but commit to notifying affected individuals and relevant authorities in the event of a data breach as required by law.

10. Your Rights Under GDPR

If you are located in the EEA, UK, or other jurisdictions granting similar rights, you have the following rights regarding your personal data:

• Right of access: Request a copy of the personal data we hold about you.
• Right to rectification: Request correction of inaccurate or incomplete personal data.
• Right to erasure: Request deletion of your personal data when it is no longer necessary for the purposes collected, or when you withdraw consent.
• Right to restrict processing: Request limitation of processing under certain circumstances.
• Right to data portability: Receive your personal data in a structured, commonly used, machine-readable format.
• Right to object: Object to processing based on legitimate interests or for direct marketing purposes.
• Right to withdraw consent: Withdraw consent at any time without affecting the lawfulness of processing before withdrawal.
• Right to lodge a complaint: File a complaint with your local data protection authority if you believe your rights have been violated.

To exercise any of these rights, contact us at touch@thrivevivrenew.world. We will verify your identity before processing requests and respond within 30 days.

11. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to enhance functionality and analyze usage. For detailed information about the cookies we use, their purposes, and how to manage your preferences, please refer to our Cookie Policy.

12. Children's Privacy

Our website and services are intended for adults aged 18 and older. We do not knowingly collect personal data from individuals under 18 years of age. If we become aware that we have collected personal data from a minor, we will take steps to delete that information promptly. Parents or guardians who believe their child has provided personal data to us should contact us immediately.

13. Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or business operations. When we make material changes, we will update the "Last updated" date at the top of this page and, where appropriate, notify you via email or a prominent notice on our website.

We encourage you to review this Privacy Policy regularly to stay informed about how we protect your data.

14. Contact Information

For privacy-related questions, data subject requests, or concerns about our data processing practices, please contact:

Thrivevivrenew — Privacy Team
452 Broadway, New York, NY 10013, USA
Phone: +1 212-431-4770
Email: touch@thrivevivrenew.world