← Back to Thriv-Ly

Effective: 24 March 2026

Privacy Policy

This Privacy Policy explains how THRIVLY LTD collects, uses, stores, and protects personal data when you use Thriv-Ly, request a demo, sign up for an account, contact us, or interact with business bots powered by the platform.

Privacy, legal, and data protection requests can be sent to hello@thriv-ly.com.

Who we are

THRIVLY LTD is a company registered in England and Wales with company number 17111377.

Registered address: 57 Stanborough Avenue, WD6 5LX, United Kingdom.

If you have questions about this policy or want to exercise your privacy rights, contact us at hello@thriv-ly.com.

What data we collect

Depending on how you use Thriv-Ly, we may collect:

  • identity and contact details, such as name, email address, phone number, and business details;
  • account and access data, such as owner email, staff email, login requests, and session information;
  • business configuration data, such as services, opening hours, FAQs, branding, uploaded documents, and notification preferences;
  • conversation and operational data, such as customer messages, bot replies, leads, bookings, cases, tasks, and related notes;
  • demo request information, such as the name, email address, and company details you submit to start a demo;
  • technical and usage data, such as IP-related request metadata, request IDs, logs, delivery attempts, and security events.

How we use personal data

We use personal data to:

  • provide and operate the Thriv-Ly platform;
  • authenticate users and secure accounts;
  • process and display conversations, leads, bookings, and related business workflows;
  • send operational emails and notifications where enabled;
  • support knowledge-base features and grounded bot responses;
  • monitor reliability, prevent abuse, troubleshoot problems, and improve the service;
  • communicate with you about your account, demos, support requests, and service updates;
  • comply with legal obligations and enforce our terms.

Our legal bases

We generally process personal data on one or more of the following bases:

  • performance of a contract or steps taken at your request before entering into a contract;
  • our legitimate interests in operating, securing, supporting, and improving Thriv-Ly;
  • compliance with legal obligations;
  • consent, where consent is required by law.

How Thriv-Ly handles customer and business data

Thriv-Ly is a B2B platform for SMEs. For personal data relating to our own business relationship with a customer, such as account, billing, support, and direct commercial contact data, THRIVLY LTD generally acts as controller.

When our customers use Thriv-Ly to collect or process data about their own leads, bookings, contacts, conversations, and end users through the platform, THRIVLY LTD generally acts as processor or service provider on that customer's behalf. Our customer remains responsible for the data they input into the platform and for their own privacy obligations to their end users.

Service providers and subprocessors

We use third-party service providers and subprocessors to help run Thriv-Ly. Depending on our deployment and the features enabled, these may include infrastructure, storage, AI, email, and SMS providers such as Vercel, Railway, Supabase, OpenAI, Postmark, and Twilio.

These providers process data on our behalf for hosting, storage, authentication, AI processing, email delivery, SMS delivery, and related operational support.

Our current provider list is maintained on the Subprocessors page.

International transfers

Some of our service providers may process personal data outside the UK. When we use providers that transfer personal data internationally, we aim to use appropriate safeguards required by applicable data protection law.

Retention

We keep personal data only for as long as needed for the purposes described in this policy, including to provide the service, maintain records, resolve disputes, comply with legal obligations, and enforce our agreements.

Retention periods may vary depending on the type of data and the customer account status.

Security

We use reasonable technical and organisational measures to protect personal data. These include authenticated access controls, hashed magic-link tokens, HTTP-only session cookies, and operational logging and audit controls.

No system is completely secure, and we cannot guarantee absolute security.

Your rights

Depending on applicable law, you may have rights to access, correct, delete, restrict, object to, or port your personal data, and to withdraw consent where processing relies on consent.

To make a request, contact us at hello@thriv-ly.com. You may also have the right to complain to the UK Information Commissioner's Office.

Changes to this policy

We may update this Privacy Policy from time to time. We will publish the updated version on this page and update the effective date above.