GDPR/Privacy Policy

PRIVACY, GDPR AND COOKIE POLICY – Last updated August 2023

At Thrive CSR Ltd, we always take data security and data privacy extremely seriously. Our aim has always been to provide our customers and their staff and applicants with the highest levels of data security and be accountable for the information held on our application. As such we regularly review and expand our security practices.

This document covers how we deal with your privacy and GDPR rights and then how cookies are used on your website and platform.

 

Data Controller or Processor

We act as a data controller in respect of any information which we collect about our customers. We will never share this or any customer data in our possession with anyone else save as required at law or if we were to sell our business. Thrive CSR adheres to strict data security, access, integrity policies.

We act as a data processor in respect of any information which applicants upload onto the Thrive CSR platform. In providing our service, we do not own or make decisions about the use of the information stored or processed on Thrive CSR. We do not use this data for our own purposes. In fact, to the extent we do access it, it is only as reasonably necessary to provide you with our services (which may include responding to support requests) or as required by law.

In accordance with the GDPR, we have updated our terms of business so that it is clear that we will only ever use personal data which we process on our customers’ behalf in accordance with our customers’ instructions (to the extent consistent with the functionality of Thrive CSR). We will also promise to implement industry standard security, technical, physical and administrative measures against unauthorized processing of such information and against loss, destruction of, or damage to, personal information.

How Does Thrive CSR Facilitate the Rights of Individuals Under GDPR?

The right to be informed.

Thrive CSR enables our customer to define their own privacy statements. Using this privacy statement, a customer is able to notify applicants of the details of personal data being collecting and why purpose. Within Thrive CSR a customer can make it mandatory for an applicant to accept before proceeding with registration to the system and then again for any application they ‘start’ in the system. We also allow a customer to define granular options for communication.

The right of access.

All applicants and staff whose data is stored by Thrive CSR can request to see and update their details at any time by contact support@thrive-csr.com, who will provide the appropriate contact for the customer and assist with the process to provide access.

The right to rectification.

All applicants and staff whose data is stored by Thrive CSR can request rectification to their details or data at any time by contact support@thrive-csr.com, who will provide the appropriate contact for the customer and assist with the process to provide rectification.

The right to erasure.

Thrive CSR enables our customers to comply with an individual’s request for the deletion or removal of personal data from the platform.

If our customers are satisfied that there is no compelling reason for continued processing, they can delete the personal data from the Thrive CSR Platform. For more information contact support@thrive-csr.com, who will provide the appropriate contact for the customer and assist with the process to provide erasure.

The right to restrict processing.

Should an applicant wish to object to the processing of their personal data, the individual’s platform record can be suspended. Up to the point of award, the ‘withdrawal’ feature can be used to suspend an application, and after an award the ‘on hold’ feature can be used to suspend processing.  For more information contact support@thrive-csr.com, who will provide the appropriate contact for the customer and assist with the process required to restrict processing.

The right to object.

Should an applicant wish to object to any aspect of their data or its processing through Thrive CSR, the individual’s platform record can be suspended and any in progress applications ‘withdrawn’ and awards put ‘on hold’. For more information contact support@thrive-csr.com, who will provide the appropriate contact for the customer and assist with the process required to put processing on hold.

Rights related to automated decision making and profiling.

In Thrive CSR no decisions are made without human intervention.

 

Further questions

If you have any further questions or queries with any of the details above, please feel free to contact Thrive CSR at support@thrive-csr.com

COOKIES

Our site uses cookies (tiny files that are downloaded to your computer while you browse) to improve your experience.

We use cookies for a variety of reasons detailed below. Unfortunately, in most cases there are no industry standard options for disabling cookies without completely disabling the functionality and features they add to this site. It is recommended that you leave on all cookies if you are not sure whether you need them or not, in case they are used to provide a service that you use.

You can prevent the setting of cookies by adjusting the settings on your browser (see your browser Help for how to do this). Be aware that disabling cookies will affect the functionality of this and many other websites that you visit. Disabling cookies will usually result in also disabling certain functionality and features of this site. Therefore, it is recommended that you do not disable cookies.

Our marketing website (www.thrive-platform.com) uses the following cookies, all cookies are optional:

  • Security_Check – Thrive cookie used to check for unusual site access – Set for 365 days
  • Hubspotuk – Hubspot cookie used for marketing tracking – Set for 6 months
  • _* Google Cookies – Google cookies used for marketing tracking – Set for up to 6 months. You can see the google privacy policy here
  • Mf_user – Mouseflow cookie used for marketing tracking – Set for 3 months

Our software platform uses the following cookies, all cookies are mandatory:

  • Admin_Module – Thrive cookie used to secure access to the platform – Set for 7 days
  • Admin_Cookie – Thrive cookie used to secure access to the platform – Set for 365 days
  • 2FA_Temp_Cookie – Thrive cookie used to secure access to the platform – Set only for the current session
  • Thrive_CSRF* – Thrive cookies used to secure access to the platform – Set for 1 day

 

Website Disclaimer

The information contained in this website is for general information purposes only. The information is provided by Thrive CSR and while we endeavour to keep the information up to date and correct, we make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk.

In no event will we be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website.

Through this website you are able to link to other websites which are not under the control of Thrive CSR. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them.

Every effort is made to keep the website up and running smoothly. However, Thrive CSR takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control.