Product privacy policy

We collect, process and retain certain information about our customers and the users they add to their systems for the purpose of supporting functionality, communication and reporting.

Last Updated: December 17, 2024

Overview

This Product Privacy Policy applies to your use of the Thrive and Skills Platform (the Service) as a customer of Thrive Learning Limited (Thrive), including the use of our associated mobile applications (Mobile Apps). 

This Product Privacy Policy applies to data Thrive processes on behalf of our customers (Customer Data) in our capacity as a processor. This Product Privacy Policy does not apply to any information or data collected by Thrive as a controller for other purposes, such as information collected on our websites or through other channels for marketing purposes. 

Thrive processes Customer Data under the direction of our Customers, and has no direct control or ownership of the personal data we process. Customers are responsible for complying with any regulations or laws that require providing notice, disclosure, and/or obtaining consent prior to transferring the data to Thrive for processing purposes.

We periodically update this Product Privacy Policy. We will post any changes on this page and, if the changes are significant, we will provide an update through the “Thrive Tribe” portal. While we will notify you of any material changes to this Product Privacy Policy prior to the changes becoming effective, we encourage you to review this policy periodically. We will also keep prior versions of this Product Privacy Policy in an archive for your review.

Use of service

Thrive Learning and Skills Platform

Our Learning Experience Platform allows users (typically medium to large size organisations) to create and share training materials with their workforce. The Platform can also be used by customers to organise training and learning materials into campaigns to be shared with users on the system, or to assign mandatory training to large groups of users on the system. Users are also able to create and share content with others on the system for the purpose of knowledge sharing.

Use by Thrive

Data within these Platforms is processed on an automated basis to help generate suggestions for content users may be interested in, and streamlining user experiences as they create content. Insights from data may be used to offer tag suggestions or content recommendations to other sites, but no personally identifiable data or customer-owned content shall be made visible as part of this processing. 

We utilise sub-processors to send system notifications to end users based upon their own activity or the activity of other users on the site. 

We do not share any information about customers or end users with any third parties except for the purposes outlined above.

Use by Customers

Customer organisations use the Service to share content, track compliance and monitor the engagement of users with content across the system. Thrive does not control the content shared on these Systems or the types of information that our customers may choose to collect or manage using the Service. That information belongs to them and is used, disclosed and protected by them according to their privacy policies. Thrive processes our customers’ information as they direct and in accordance with our agreements with our customers, and we store it on our service providers’ servers. 

Our agreements with our customers prohibit us from using that information, except as necessary to provide and improve the Subscription Service, as permitted by this Product Privacy Policy, and as required by law. 

We use the information collected through our Service by our customers for the following purposes: to provide the Service (which may include the detection, prevention and resolution of security and technical issues); to respond to customer support requests, and otherwise to fulfil obligations under the Customer Terms of Service.

We have no direct relationship with individuals who provide Personal Information to our customers. Our customer's control and are responsible for correcting, deleting or updating information they have collected from using the Subscription Service. We may work with our customers to help them provide notice to their visitors about their data collection, processing and usage.

Product-specific disclosures

Single Sign On

Customers can choose to configure their Systems so that users can log in to our site using a Single Sign-on (SSO) service such as Google GSuite or Microsoft ADFS. This service will authenticate your identity and provide you the option to share certain personal information with us such as your name and email address to pre-populate our sign up form.

Mobile Applications

We use mobile analytics software to allow us to better understand the functionality of our Mobile Apps on your mobile device. This software may record information such as how often you use the application, the events that occur within the application, aggregated usage, performance data, and where the application was downloaded from. In addition to information we collect on our Websites, when you use our Mobile Apps we may also collect your city location, device model and version, device identifier (or “UDID”), OS version, and your Service credentials. 

We send push notifications from time to time in order to update you about content and events within your organisation. If you no longer wish to receive such communications, you may turn them off at the device level. 

We may link information we store within the analytics software to Personal Information you submit within the Mobile App. We do this to improve services we offer you and improve our marketing, analytics and site functionality.

Logging

When you use the Subscription Service, we automatically collect information about your computer hardware and software. This information can include your IP address, browser type, domain names, internet service provider (ISP), the files viewed on our site (e.g., HTML pages, graphics, etc.), operating system, access times and referring website addresses. This information is used by Thrive for the operation of the Service and to maintain quality of the Subscription Service. For these purposes, we may link this automatically-collected data to Personal Information such as name, email address, address, and phone number.

Data subject requests

If you are a customer, prospect, or otherwise interact with one of our Customers and would no longer like to be contacted by one of our customers that use our Service, please contact the customer that you interact with directly. If you want to access, correct, amend, or delete data controlled by a Thrive customer, you should direct your query to the Customer (the data controller). 

Customers may request the deletion of a Thrive account or LXP Service by sending a request to privacy@thrivelearning.com or contacting the Customer Success team. 

If you are seeking to exercise your data subject access rights for the data Thrive processes as a controller, please refer to our Customer’s Privacy Policy.

Cookies

All Cookies used by Thrive on the Thrive Site are used in accordance with current Cookie Law. We may use some or all of the following types of Cookie:

Strictly Necessary Cookies

A Cookie falls into this category if it is essential to the operation of the Service, supporting functions such as logging in.

Functionality Cookies

Enable us to provide additional functions to you on the Thrive Site such as personalisation and remembering your saved preferences. Some functionality Cookies may also be strictly necessary Cookies, but not all necessarily fall into that category.

Before Cookies are placed on your computer or device you will be shown a cookie compliance statement, requesting your consent to set those Cookies. By giving your consent to the placing of Cookies you are enabling us to provide you with the best possible experiences and services to you. You may wish to deny consent to the placing of the Cookies at which point we request you cease using the Service.

Transfer

Although the data we collect from you is stored in the United Kingdom ("UK") or European Economic Area (“EEA”), data transferred to third parties to provide services to you or to perform our contract you may be transferred to third parties outside the UK or EEA.

By submitting Personal Data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy. 

We take all reasonable technical, organisation and security steps to ensure that the information you supply to us over the internet is secure.

Data retention

The data you collect as part of your use of the Service is retained according to the relevant agreements between you and Thrive. Customer Data is retained for as long as you remain an active customer. Your data is deleted upon your written request or after an established period following the termination of all customer agreements. In general, Customer Data is deleted after your paid Subscription ends and your portal becomes inactive.

Contact

We are contactable by email at privacy@thrivelearning.com. 

Thrive Learning Limited is incorporated and registered in England with company number 10988277 and whose registered office is at: 27 Market Place, Bingham, Nottingham, Nottinghamshire, England, NG13 8JY