Effective September 18, 2023

1. Purpose of this Privacy Policy

Please read the following policy to understand how your personal information will be treated as you make full use of our Website. When we talk about our Website or our Service, we are referring collectively to www.freetothrive.com (“Free to Thrive”), the Free to Thrive Forum, any related website(s), any corresponding mobile application(s) and any services provided by us through such websites and/or application(s). When we talk about Thrive, “we”, “our” or “us” in this policy, we are referring to Clear Compass Media, LLC, the company that provides the Free to Thrive Website and Service. If you have any questions, concerns or complaints related to this Privacy Policy or our processing of your personal information, please email us here: [email protected]. This email address is monitored on a regular basis and we aim to respond to your query as soon as possible.

The Privacy Policy has three main purposes:

1. Explain the way we use information that you share with us in order give you a great experience with our Website;
2. Ensure that you understand what information we collect with your permission, what we do with it and with whom we share it; and
3. Explain your rights under applicable law.

All the information we collect is related to providing our Website or Service. By agreeing to our Privacy Policy, you give us the right to collect your information as detailed in this Privacy Policy and use it for the purposes described in this Privacy Policy. IF YOU DON’T AGREE WITH THE TERMS OF THIS PRIVACY POLICY, THEN PLEASE DON’T USE THE WEBSITE OR SERVICE.

2. Information we collect

The information we collect includes personal identifiers, commercial information, electronic network activity and geolocation data, and can be divided into the following broad categories:

• Technical Data includes internet protocol (IP) address, your login data, device type, device version, browser type and version, browser plug-ins types, time zone setting and location, traffic data, search criteria, weblogs and other communications data, operating system and platform and other technology on the devices you use to access the Website, and mobile service provider’s information.
• Usage Data includes information about how you use our Website or Service, such as the particular pages you interact with, how often you visit, how long you’re on the Website, surveys, the service you’re looking at and the emails and text messages you interact with or send.
• Verification Data includes proof of identity and proof of address as further detailed in our Subject Access Request Form.
• Financial Data includes details about your payment history and services or products you have purchased from us.
• Identity Data includes full name, address, telephone number, email address, username, password.
• Image Data includes photographs and videos of you that you provide.
• Voluntary Mobile Data includes photos, mobile device location, voice data and contacts that you expressly grant us to via your mobile device.

More specifically, we may collect and store the following information relating to you:

2.1 Anonymous data

When you visit our Website, we collect some basic information that does not identify individual users. This includes which pages are visited and any feedback from our visitors. We then aggregate this information with other pieces of information to improve our Website and make your experience on the Website as valuable and efficient as possible. We may also collect and accumulate anonymous data that will help us understand and analyze the online experience of our Website users. For instance, we may accumulate visitor data relating to referring domain names, the type of browsers used, operating system software, screen resolutions, color capabilities, browser plug-ins, language settings, cookie preferences, search engine keywords and JavaScript enablement.

2.2 Direct Interactions

We collect information from you when you voluntarily submit information directly to us or via our Website. For subscribers, this refers to personal data you provide when, for example, you create or join a group, complete a profile, or by corresponding with us via phone, email or live chat. This personal information may include name, age, address, phone and email, as necessary to set up your account or process an order. If you connect to the Website using credentials from a third-party application (e.g., Facebook), you authorize us to collect your authentication information, such as your username and encrypted access credentials. We may also collect other information available on or through your third-party application account, including, for example, your name, profile picture, country, hometown, email address, date of birth, gender, friends’ names and profile pictures, and networks.

In addition to the information we may collect upon your initial registration, we may ask you for personal information at other times. We will not share that information in a manner that identifies you as an individual with any other entity unless we have your permission.

2.3 Information submitted by you for inclusion on the Website

Information, pictures and media files you may upload to the Website will be posted on the Website, subject to our Section 7 and accessible by all visitors to the Website; we have no control over how such visitors will use such submissions. Please remember that if you post any of your personal information in public areas of the Website, such as in online forums or chat rooms, such information may be collected and used by others over whom we have no control. We are not responsible for the use made by third parties of information you post or otherwise make available in public areas of the Website. You should take care to not use personal information in your screen name or other information that might be publicly available to other users.

2.4 Tracking technologies

We use “cookies” and similar tracking technologies (as described in Section 5 below and in our Cookie Policy to track your activities on our Website, and may also receive data about you if you visit other websites employing our cookies. When we send you emails that include a link to the Website, that link may contain an alphanumeric identifier that allows us to identify the person to whom we sent the message so that we can personalize our content for that individual.

2.5 Automated technologies or interactions

As you interact with our Website, we may automatically collect technical and usage data about your device, browsing actions and patterns. For example, we collect information which may include your IP address, browser type, your location, language preferences, device information and access times. While an IP address does not identify an individual by name, it may, with the cooperation of the ISP, be used to locate and identify an individual. Your IP address can reveal what geographic area you are connecting from, or which ISP you are using. Finally, other websites you visit have IP addresses, and we may collect the IP addresses of those websites and their pages. We also collect IP addresses for system administration and to report aggregate information to any sponsors. We may also receive information from our web logs, which automatically record anything a web server sees, which may include email addresses you enter into a form or pages viewed by a user at a particular IP address. We collect this personal data by using cookies, pixel tags and other similar tracking technologies. The sole purpose of passively collecting your information is to improve your experience when using our Website.

2.6 Promotions & surveys

From time to time, we may offer you the opportunity to participate in promotions such as sweepstakes, contests, offers, and/or surveys (“Special Promotions”) through the Service. A Special Promotion may be governed by a privacy policy and/or terms and conditions that are additional to, or separate from, this Privacy Policy and our Terms of Use. If the provisions of the Special Promotion’s privacy policy or terms and conditions conflict with this Privacy Policy or our Terms of Use, those additional or separate provisions shall prevail. If you participate in a Special Promotion, we may ask you for certain information in addition to what is stated in this Privacy Policy, including personal information. That additional information may be combined with other account information and may be used and shared as described in this Privacy Policy or in the Special Promotion.

2.7 Information received from our service providers and partners

We may also receive information about you from our service providers and partners, which we use to personalize our Service, to measure ad quality and responses to ads, to display ads that are more likely to be relevant to you, and to offer you opportunities to purchase products or services that we believe may be of interest to you.

3. How we use the information we collect

We have set out below, in a table format, a description of all the ways we process your personal data, and the legal basis we rely on to do so.

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason, and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please email us at [email protected].

Please note that we may process your personal data without your knowledge or further consent, in compliance with the above rules, where this is required or permitted by law.

4. How we share the information we collect

This section describes how the information collected or generated through your use of the Website may be shared by us with third parties. The information we may disclose for a business purpose includes personal identifiers, commercial information, electronic network activity and geolocation data. We have never sold our users’ personal information and in no event will we ever sell your personal information.

4.1 Marketing and advertising

We may send you promotional communications about our Website, our business partners or our advertising partners, including relevant advertising for third-party products and services that may be of interest to you. We may share aggregate user information in a non-personally identifiable manner with advertisers and other third parties in order to present to users more targeted advertising, products and services. We do not provide any personally identifiable information to third-party advertising companies.

4.2 Service providers

We may from time to time share your information with third-party service providers to perform functions and process user data and help provide our Website or Service, consistent with this Privacy Policy. For example, we work with analytics providers to help us understand the use of our Website. Where a third party processes user data on our behalf, it is subject to security and confidentiality obligations consistent with this Privacy Policy and applicable law; we only permit them to process your personal data for specified purposes and in accordance with our instructions and this Privacy Policy. Where a third party processes user data on its own behalf, its processing is subject to its own Privacy Policy and applicable law.

To provide you with the best experience on our Website, we may use third parties who automatically process your Usage Data on our behalf. Where possible, we will make sure this data is anonymized.

We may make available a service through which you can receive messages on your wireless device via short message service. If fees are charged to your wireless account invoice, we may provide your carrier with your applicable information in connection therewith. Your wireless carrier and other service providers may also collect data about your wireless device usage, and their practices are governed by their own policies.

For your information, click here to view some examples of how third parties process your personal data.

4.3 Promotions and surveys

When one or more of our business partners co-sponsor a service, promotion, contest/sweepstakes, or survey, we may share some or all of the information collected in connection with such service, promotion, contest/sweepstakes, or survey with the co-sponsor(s). If we intend to share such information, you will be notified prior to the collection of that information. If you do not want your information to be shared, you will be able to choose not to allow the transfer by not using or signing up for that particular service, promotion, contest/sweepstakes, or survey.

5. Cookies and other tracking technologies

A cookie is a small text file that is placed on your computer, mobile phone, or other device when you visit a website. The cookie will help website providers to recognize your device the next time you visit their website. There are other similar technologies such as pixel tags (transparent graphic images placed on a web page or in an email, which indicate that a page or email has been viewed), web bugs (similar to pixel tags), and web storage, which are used in desktop software or mobile devices.

There are also technologies such as mobile device identifiers and SDK integrations to help companies recognize your device when you return to an app or otherwise use a service.

Our policy regarding cookies can be found here.

6. Information collected by third parties

Some entities that have links on our Website, such as advertisers, may collect personally identifying information about you when you access or utilize those links. We do not control the collection or use of such information, and the practices of those entities are not covered by this Privacy Policy. For instance, if you click on an advertisement on our Website, you may be taken away to an entirely different site. Links can be from advertisers, content providers and/or partners who may use our logo and/or style as a result of a co-branding agreement yet they may still not follow the same policies as this Privacy Policy with respect to collection of your personal information. In addition, our Website includes social media features, such as the Facebook Like button. These features may collect your IP address, which page you are visiting on our Website, and may set a cookie to enable the feature to function properly. Social media features and related widgets are either hosted by a third party or hosted directly on our Website. Your interactions with these features are governed by the privacy policy of the company providing them.

Please read these third parties’ privacy policies to find out how they collect and process your personal information.

7. Opt-out

Users who no longer wish to receive email updates, text messages or other notifications may opt out of receiving these communications by following the instructions contained in the applicable communication. Please know that such a decision will not stop advertising or content that is generated prior to the time when we can accomplish the removal of your information.

8. Credit card processing

Credit card transactions are handled by a third-party processor that receives credit card numbers and other personally identifying information only to verify credit card accounts and process transactions.

9. Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, altered or disclosed, used or accessed in an unauthorized way. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know it. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. However, the transmission of data via the Internet is not completely secure and we cannot guarantee that unauthorized parties will not be able to defeat those measures: unauthorized entry or use, hardware or software failure, and other factors may compromise the security of our user information at any time.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

10. Children and COPPA compliance

Our site is not directed to children under the age of 13 and we do not knowingly collect data relating to anyone under the age of 18. We have designed this privacy policy in order to comply with the Children’s Online Privacy Protection Act (“COPPA”). We will never knowingly collect any personal information about children under the age of 13. If we obtain actual knowledge that we have collected personal information about a child under the age of 13, that information will be immediately deleted from our database. Because we do not collect such information, we have no such information to use or to disclose to third parties. If a parent believes that his or her child has submitted personal information to us, he or she can contact us via e-mail or postal mail as listed below. We will promptly delete the information upon learning that it relates to a child under the age of 13. Please note that it is possible some of this information may remain archived in web logs and back-up archives after we delete the information from our active database.

We believe that parents should supervise their children’s online activities and consider using parental control tools available from online services and software manufacturers that help provide a child-friendly online environment. These tools can also prevent children from otherwise disclosing online their name, address and other personal information without parental permission.

11. Business transitions

In the event we go through a business transition, such as a merger, acquisition by another company, or sale of a portion of our assets, users’ personal information will, in most instances, be part of the assets transferred. In such instances, the new owners may use your personal data in the same way as set out in this Privacy Policy.

12. Your consumer rights

Certain state laws grant their residents the rights set forth in this Section. It is our policy to allow our users to exercise these rights regardless of their residency. Please see the “Exercising Your Rights” paragraph below for instructions regarding how to exercise these rights.

Subject to certain limitations, you have the following rights with respect to the personal information that we collect about you:

1. Right to Know. You can ask us to give you information about our collection and use of your personal information. Specifically, you can request that we provide you one or more of the following:
   • The categories of personal information we collected about you.
   • The categories of sources from which we collected your personal information.
   • Our business and commercial purposes for collecting, selling, or sharing your personal information.
   • The categories of third parties to whom we disclose your personal information.
   • The specific pieces of personal information we collected about you.
2. Right to Delete. You can ask us to delete your personal information. This right is subject to certain exceptions: for example, we may need to retain your personal data to provide you with the Service or complete a transaction or other action you have requested. If your deletion request is subject to one of these exceptions, we may deny your deletion request.
3. Right to Correct. You can ask us to correct inaccurate personal information that we have about you.

If we have disclosed your personal data to any third parties for a business purpose over the past 12 months, we will identify the categories of personal data shared with each category of third party recipient. If we have sold your personal data over the past 12 months, we will identify the categories of personal data sold to each category of third party recipient.

Exercising Your Rights

To exercise the rights described above, you or your Authorized Agent (defined below) must send us a request that (1) provides sufficient information to allow us to verify that you are the person about whom we have collected personal data, and (2) describes your request in sufficient detail to allow us to understand, evaluate and respond to it. Each request that meets both of these criteria will be considered a “Valid Request.” We may not respond to requests that do not meet these criteria. We will only use personal data provided in a Valid Request to verify your identity and complete your request. You do not need an account to submit a Valid Request. If you do not receive a confirmation of our receipt of your request within 10 days, we may not have received your request and you should re-submit it.

We will work to respond to your Valid Request within 45 days of receipt. We will not charge you a fee for making a Valid Request unless your Valid Request(s) is excessive, repetitive or manifestly unfounded. If we determine that your Valid Request warrants a fee, we will notify you of the fee and explain that decision before completing your request. Once we receive your request, we will attempt to verify your identity. We may ask you for additional information to help us verify your identity, including by asking you to confirm other personal information you have provided to us. We may deny your request for reasons permitted by law, including our inability to verify your identity. If we deny your request, we will tell you why we did so.

You may submit a Valid Request by emailing us at: [email protected].

You may also authorize an agent (an “Authorized Agent”) to exercise your rights on your behalf. To do this, you must provide your Authorized Agent with written permission to exercise your rights on your behalf, and we may request a copy of this written permission from your Authorized Agent when they make a request on your behalf. We reserve the right to deny the agent’s request if we are not reasonably able to confirm proper authorization and/or verify your identity as the requestor.

We Will Not Discriminate Against You for Exercising Your Rights

We will not discriminate against you for exercising your rights under this Section. We will not deny you our goods or services, charge you different prices or rates, or provide you a lower quality of goods and services. However, we may offer different tiers of our Service as allowed by applicable data privacy laws with varying prices, rates or levels of quality of the goods or services you receive related to the value of personal data that we receive from you.

13. California users consumer rights

If you are a California resident, you have the right to opt out of the selling or sharing of your personal data to/with third parties (subject to certain exceptions). It is important to note that sharing personal information with service providers who provide goods and services or perform other business functions on our behalf is not subject to this Section. For purposes of this Section, a service provider is not a “third party.” This Section does not apply either to cases where a consumer directs us to share personal information with a third party or otherwise intentionally interacts with a third party via our Website. Accordingly, for purposes of this Section, we do not sell or share the personal data of visitors to our Website.

Annual Records

This chart provides statistics about our responses to requests from California residents under Section 12 above over the past calendar year.

In accordance with California Civil Code Sec. 1789.3, California resident users are entitled to know that they may file grievances and complaints regarding our Service with the Complaint Assistance Unit of the Division of Consumer Services of the California Department of Consumer Affairs, in writing at 1625 North Market Blvd., Sacramento, CA 95834, by telephone at (916) 445-1254 or (800) 952-5210, or by email to [email protected]. We would, however, appreciate the chance to deal with your concerns before you approach the DCA, so please email us at [email protected] in the first instance.

In addition, under California law you are entitled to be advised how we handle “Do Not Track” browser signals. We do keep track of your browsing activities when we serve you content, which enables us to tailor what advertisements we present to you. We do not currently take actions to respond to Do Not Track signals because a uniform technological standard has not yet been developed. We continue to review new technologies and may adopt a standard once one is created.

14. Users located outside of the United States

We make an effort to protect the personal information of all users of our Website. If you are unsure whether this privacy policy is in conflict with the rules applicable where you are located, you should not submit your personal information. IN ADDITION, IF YOU ARE LOCATED WITHIN THE EUROPEAN UNION, YOU SHOULD NOTE THAT YOUR INFORMATION WILL BE TRANSFERRED TO THE UNITED STATES, THE LAWS OF WHICH MAY BE DEEMED BY THE EUROPEAN UNION TO HAVE INADEQUATE DATA PROTECTION. Users of our Website located in countries outside of the United States who submit personal information do thereby consent to the transfer of that information to and/or storage of the information in the United States.

15. EEA and UK users’ rights under the GDPR; Swiss users’ rights under the revFDPA; Brazilian users’ rights under the LGPD

If you are located in the European Economic Area or the UK, or Switzerland, or if the EEA’s or UK’s General Data Protection Regulation (“GDPR”), or the Swiss revised Federal Data Protection Act (“revFDPA”) otherwise applies to your data as processed by us, you have the right to (to the extent required by the Lei Geral de Protecao de Dados (“LGPD”), some of these rights may also apply to users located in Brazil):

1. request access to your personal data. This enables you to receive a copy of the personal data we hold about you and our full list of third parties who process your data, and to check that we are lawfully processing it.
2. request confirmation as to whether or not your personal data is being processed.
3. request the correction of your personal data that you consider to be inaccurate. This enables you to have any incomplete or inaccurate data we hold about you corrected. However, we may need to verify your identity and the accuracy of the new data you provide to us.
4. request erasure of your personal data. This enables you to ask us to delete or remove personal data, for example: i) where there is no good reason for us continuing to process it; ii) where you have successfully exercised your right to object to processing (see below); iii) where we may have processed your information unlawfully; iv) where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your erasure request for specific legal reasons and our need to keep appropriate archives for our business operations. These reasons will be notified to you at the time of your request. In addition, as explained in Section 2.3, certain information may always be publicly available to others and other information is made publicly available to others by default.
5. object to processing of your personal data. This enables you to object to the processing of your personal data if you feel it impacts on your fundamental rights and freedoms. For example, this can be where we are processing your personal data for direct marketing purposes. In some cases, we may have compelling legitimate grounds to process your information which can override your right to object.
6. request restriction of processing of your personal data. This gives you the option to ask us to suspend the processing of your personal data in the following scenarios: i) if you want us to establish the data’s accuracy; ii) where our use of the data is unlawful but you do not want us to erase it; iii) where you need us to hold the data, even if we no longer require it e.g. to establish or defend legal claims; or iv) you have objected to our use of your data but we need to verify whether we have overriding legitimate ground to use it.
7. request transfer of your personal data. If you request us to do so, we will provide to you, or a third party of your choice, your personal data in a commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use, or where we have used the information to perform a contract with you.
8. withdraw consent to the processing of your data. If you request us to do so, we will no longer process your data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide our Service for you. Also, we will advise you of this at the time you withdraw your consent.
9. not have a decision made about you based solely on automated processing.

If you wish to exercise any of the rights set out above or request details about the specific legal basis we are relying on to process your personal data, please email us at [email protected] using the Subject Access Request Form.

We will respond to you within 30 days of receipt of your request. Occasionally it may take us longer than 30 days if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise your other legal rights). This is a security measure to ensure that your personal data is not disclosed to any person who does not have the right to receive it. We may also contact you to ask you for further information, in relation to your request, to speed up our response.

You will not have to pay a fee to access your personal data (or to exercise any of your other legal rights). However, we may charge a reasonable fee (or refuse to comply) if your request is clearly unfounded, repetitive or excessive.

You have the right to make a complaint under the GDPR at any time to your local data protection supervisory authority. You can find their contact details here. You may make a complaint under the revFDPA here.

We would, however, appreciate the chance to deal with your concerns before you approach supervisory authorities, so please email us at [email protected] in the first instance.

16. Data retention

If you are located in the European Union or Brazil, or if the GDPR or LGDP otherwise applies to your data as processed by us, we will only retain your personal data for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or internal reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

In some circumstances we may anonymize your personal data (so that it can no longer be associated with you) for compliance, governance, legal and/or regulatory purposes in which case we may use this information indefinitely without further notice to you.

17. Cooperation with law enforcement

We fully cooperate with law enforcement agencies in identifying those who use our Website or Service for illegal activities. We reserve the right to disclose information about users who we believe are in violation of applicable laws or regulations, or as required to respond to a subpoena, court orders or other legal process requiring such disclosure. We also reserve the right to report to law enforcement agencies any activities that we reasonably believe to be unlawful and to exchange information with other companies and organizations for fraud protection.

18. Changes to this Privacy Policy

Occasionally we may, in our discretion, make changes to this Privacy Policy. When we make material changes to this Privacy Policy, we’ll provide you with prominent notice as appropriate under the circumstances, e.g. by displaying a prominent notice within the Website or by sending you an email. In some cases, we will notify you in advance, and your continued use of the Website after the changes have been made will constitute your acceptance of the changes. Please therefore make sure you read any such notice carefully. If you object to any of the changes, you have the opportunity to delete your account and any associated information. Once deleted your details will be non-recoverable.

Please note that if you opt out of receiving notices from us, change notices will still govern your use of the Website, and you are responsible for reviewing such legal notices for changes, as posted on the Website.

19. Who we are

For the purposes of the GDPR, Clear Compass Media, LLC located at P.O. Box 214, Capitola, CA 95010, USA, is the Data Controller and is responsible for your personal data. This means that we determine the purposes and ways of the processing of your personal data.

Our European, UK and Swiss representative for GDPR purposes is the Prighter Group with its local partners. If you want to exercise your European, UK or Swiss data subject rights, please visit this website.

Third-Party Data Processors