1. Introduction
At ThriveTools, we are committed to protecting the privacy and personal data of our users. This GDPR Compliance Policy outlines how we comply with the General Data Protection Regulation (GDPR), ensuring that your personal information is collected, processed, and stored in accordance with European Union (EU) data protection laws.
2. Data Controller
CrownThrive LLC, located at P.O. Box 201, Gretna, VA 24557, is the data controller responsible for the processing of your personal data on ThriveTools. If you have any questions or concerns regarding our data processing practices, please contact us at contact@crownthrive.com.
3. Legal Basis for Data Processing
We process personal data in accordance with the GDPR, based on one or more of the following legal grounds:
- Consent: We process personal data based on your explicit consent for specific purposes, such as receiving newsletters or participating in surveys.
- Contractual Necessity: We process personal data as necessary to fulfill our contractual obligations to you, such as providing access to our services.
- Legal Obligation: We process personal data to comply with legal obligations, such as tax reporting or responding to lawful requests from public authorities.
- Legitimate Interests: We process personal data based on our legitimate interests, provided that such processing does not override your rights and freedoms. These interests include improving our services, enhancing user experience, and ensuring the security of our platform.
4. Data Subject Rights
Under the GDPR, you have the following rights regarding your personal data:
- Right to Access: You have the right to request access to the personal data we hold about you, including information on how we process and store it.
- Right to Rectification: You have the right to request the correction of inaccurate or incomplete personal data.
- Right to Erasure: You have the right to request the deletion of your personal data, subject to certain legal exceptions.
- Right to Restrict Processing: You have the right to request that we limit the processing of your personal data under certain circumstances.
- Right to Data Portability: You have the right to request a copy of your personal data in a structured, commonly used, and machine-readable format, and to transfer it to another data controller.
- Right to Object: You have the right to object to the processing of your personal data based on legitimate interests or direct marketing purposes.
- Right to Withdraw Consent: If we process your personal data based on your consent, you have the right to withdraw your consent at any time.
- Right to Lodge a Complaint: You have the right to file a complaint with a supervisory authority if you believe that our processing of your personal data violates the GDPR.
5. Data Security
We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, disclosure, alteration, or destruction. These measures include encryption, access controls, and regular security assessments.
6. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected or to comply with legal obligations. Once the retention period expires, your data will be securely deleted or anonymized.
7. International Data Transfers
As a U.S.-based company, some of your personal data may be transferred to and processed in the United States or other countries outside the EU. We ensure that such transfers are carried out in compliance with the GDPR, using appropriate safeguards such as Standard Contractual Clauses or obtaining your explicit consent.
8. Third-Party Processors
We may engage third-party service providers to process your personal data on our behalf. These processors are contractually obligated to adhere to the same data protection standards as we do, and they are only permitted to process your data in accordance with our instructions.
9. Changes to This Policy
We may update this GDPR Compliance Policy to reflect changes in our data processing practices or legal requirements. We will notify you of any significant changes by posting the updated policy on this page. You are advised to review this policy periodically for any updates.
10. Contact Information
If you have any questions about this GDPR Compliance Policy or your rights under the GDPR, please contact us:
CrownThrive LLC
P.O. Box 201
Gretna, VA 24557
Email: contact@crownthrive.com