Privacy Statement

1. Roles and Scope

Thri5 acts as a data controller with respect to personal data collected for our website, marketing, sales, and account administration purposes.

Thri5 acts as a data processor when processing personal data on behalf of customers in connection with the Services, in accordance with customer instructions and applicable agreements.

2. Personal Data We Collect

We collect limited personal data, which may include:

• Name
• Job title or role
• Employer or organization
• Business contact information (email, phone number, address)
• Account data (such as usernames and password hashes)
• Limited technical data, such as IP address and log information, when you interact with our website or Services

We may also receive business contact information from third-party sources, such as professional networking platforms, where permitted by law.

3. How We Use Personal Data

We use personal data to:

• Provide, operate, and secure the Services
• Manage accounts and authenticate users
• Communicate with prospects and customers
• Improve our website and Services
• Comply with legal and regulatory obligations

4. Legal Bases for Processing

Where required by applicable law (including GDPR), Thri5 processes personal data based on:

• Performance of a contract (to provide the Services)
• Legitimate interests (including operating, securing, and improving our website and Services, and B2B communications)
• Compliance with legal obligations
• Consent, where required (for example, certain cookies)

5. Analytics and Cookies

We use analytics technologies to understand how our website and Services are used and to improve performance and functionality. These technologies may collect limited technical information such as IP address, browser type, device information, and pages viewed.

Where required by law, we provide appropriate notice and choice regarding the use of analytics cookies.

Additional information is available in our Cookie Notice.

6. Sharing Personal Data

Thri5 does not sell personal data.

We may share personal data with:

• Service providers and subprocessors acting on our behalf (such as hosting, security, and communications providers)
• Your organization, as applicable
• Legal or regulatory authorities when required by law

Aggregated or de-identified information may be used for business or operational purposes.

7. International Data Transfers

Personal data may be processed in the United States and other jurisdictions. Where required, Thri5 relies on Standard Contractual Clauses or other approved safeguards to support international data transfers.

8. Data Security

Thri5 implements reasonable technical, administrative, and organizational measures designed to protect personal data, including access controls, encryption in transit, secure development practices, and vendor security reviews.

9. Data Retention

We retain personal data for the duration of the customer relationship and thereafter only as long as necessary for legitimate business purposes, legal compliance, dispute resolution, or archival requirements. Retention periods vary based on the nature and purpose of the data. Data may be deleted upon verified request, subject to legal and contractual obligations.

10. Your Privacy Rights

Depending on your location, you may have rights to:

• Access your personal data
• Correct inaccuracies
• Request deletion
• Restrict or object to processing
• Request data portability
• Withdraw consent, where applicable
• Lodge a complaint with a data protection authority

Requests may be submitted to privacy@thri5.ai.

11. Automated Decision-Making

Thri5 does not use automated decision-making or profiling that produces legal or similarly significant effects.

12. Children's Privacy

Thri5 does not knowingly collect personal data from children under the age of 16.

13. Changes to This Privacy Statement

We may update this Privacy Statement from time to time. The Effective Date will be revised to reflect material changes.

14. Contact Information