Privacy Policy

1. Introduction

Overview of Media Thrive

• Brief Description of Services Offered
  Media Thrive is a B2B technology company specializing in AI-driven solutions for media organizations. We transform written news into immersive audio and video formats, featuring lifelike avatars and voice cloning of trusted hosts. Our services include automatic audio generation, human-curated AI video production, and comprehensive media monitoring.

• Commitment to Privacy and Data Protection
  We are committed to protecting the privacy and personal data of our customers and their end-users. Media Thrive adheres to the principles of the General Data Protection Regulation (GDPR) and relevant EU laws, ensuring that all personal data is processed lawfully, fairly, and transparently.

Purpose of the Privacy Policy

• Explain the Policy's Objectives
  This Privacy Policy explains how Media Thrive collects, uses, stores, and protects personal data. It outlines our data processing practices and the measures we take to safeguard personal information.

• Outline Who It Applies To (Primarily B2B Customers)
  The policy applies to our customers (primarily business entities), users of our services, and any individuals whose personal data we process in the course of providing our services.

Scope of the Policy

• Types of Data Covered

  • Customer Data: Information related to our business customers, including contact details, account credentials, and billing information.
  • Media Files: Customer-provided media files for avatar and voice cloning.
  • End-User Data: Data collected via embedded JavaScript on customer websites, including usage and behavioral data.

• Applicability Across All Services and Platforms
  This policy applies to all products and services offered by Media Thrive, including our website, platform, and any integrations or embedded technologies.

Definitions

• "Customer": A business entity or individual that uses Media Thrive's services.
• "End-User": An individual who interacts with the content provided by our customers through our services.
• "Personal Data": Any information relating to an identified or identifiable natural person, as defined by GDPR.
• "Processing": Any operation performed on personal data, such as collection, storage, use, or disclosure.
• "Controller": The entity that determines the purposes and means of processing personal data.
• "Processor": The entity that processes personal data on behalf of the controller.

Policy Effective Date

The current Privacy Policy is effective as of 01/11/2024 and is subject to updates, which we will notify you about as outlined in the “Changes to This Privacy Policy” section.

Contact Information for Privacy Inquiries

If you have questions regarding this Privacy Policy or your personal data, please reach out to our team at [email protected] for assistance.

2. Information We Collect

In line with GDPR requirements, we’re committed to transparency regarding the types of data we collect and how it’s used. Below is a breakdown of each category of data and its purpose.

Customer Data

• Contact Information
  We collect information such as names, job titles, email addresses, and phone numbers of customer representatives. This information helps us communicate effectively and deliver our services.

• Account Credentials
  For secure access to our platform, we collect usernames and passwords associated with customer accounts. These credentials enable account access, personalization, and customer support.

• Billing Information
  To facilitate transactions, we collect payment details and invoicing addresses necessary for billing and payment processing.

Media Files and Content

• Customer-Provided Media Files
  Customers may provide media such as audio recordings or video footage required for avatar and voice cloning. If the files contain identifiable individuals, this media is treated as personal data under GDPR.

• Avatar and Voice Data
  Data generated from voice cloning and avatar modeling is used solely for the customer’s content production purposes. When this data can identify an individual, it is considered personal data and is processed with special care.

End-User Data Collected via Embedded JavaScript

• Usage Data
  We collect interaction metrics (e.g., play, pause, and completion rates) to enhance the user experience by helping us understand how end-users interact with the audio and video content.

• Behavioral Data
  To help our customers understand user preferences, we collect anonymized information on content viewing and listening habits.

• Anonymized Fingerprints
  Non-identifiable data is collected through cookies or similar technologies to track interactions without direct identifiers. Although anonymized, this data may be considered personal data under GDPR, so it is safeguarded appropriately.

Cookies and Tracking Technologies

Our use of cookies and similar technologies is in line with the EU ePrivacy Directive and GDPR requirements. The types of cookies we use include:

• Functional Cookies
  Necessary for the basic operation of our services, these cookies support functionalities such as user authentication and secure access.

• Analytical Cookies
  These cookies help us analyze service usage to improve performance and the user experience.

• Third-Party Cookies
  We may use third-party services that place cookies on your device. All third-party cookies are used following GDPR standards, with users being informed and given the option to consent.

3. How We Use the Information

Under GDPR, each data processing activity must have a lawful basis, and we must ensure data is only used for its stated purpose. Here’s a breakdown of how we use the information collected:

Service Provision

• AI Model Training

  • Purpose: To create customized avatars and voices for customer content.
  • Lawful Basis: Processing is necessary for the performance of a contract (Article 6(1)(b) GDPR).
  • Data Used: Customer-provided media files containing personal data are used solely for training AI models as part of the contracted service.

• Content Generation

  • Purpose: To produce audio and video content per customer specifications.
  • Lawful Basis: Performance of a contract (Article 6(1)(b) GDPR).
  • Data Used: Data generated from avatars and voice models, derived from customer media files, is used strictly for content generation.

• Media Monitoring and Content Suggestions

  • Purpose: To track relevant news, analyze trends, and suggest content aligned with user preferences.
  • Lawful Basis: Legitimate interests (Article 6(1)(f) GDPR), which allows us to enhance our services by offering relevant recommendations to our customers.
  • Data Used: Aggregated and pseudonymized data from media monitoring activities.

Service Improvement

• Machine Learning Enhancements

  • Purpose: To refine algorithms and models by analyzing usage patterns and aggregated data.
  • Lawful Basis: Legitimate interests (Article 6(1)(f) GDPR) in continually improving our services.
  • Data Used: Anonymized and aggregated end-user data used strictly for model and algorithm training.

• Usage Analysis

  • Purpose: To understand end-user interaction patterns, improve functionality, and optimize the overall user experience.
  • Lawful Basis: Legitimate interests (Article 6(1)(f) GDPR) in enhancing service performance.
  • Data Used: End-user interaction and behavioral data collected through embedded JavaScript, anonymized where possible.

Communication

• Customer Support

  • Purpose: To respond to customer inquiries and provide necessary support.
  • Lawful Basis: Performance of a contract (Article 6(1)(b) GDPR).
  • Data Used: Customer contact information is used to provide timely assistance and support.

• Updates and Notifications

  • Purpose: To notify customers about updates to our services, terms, or policies.
  • Lawful Basis: Legal obligation (Article 6(1)(c) GDPR) and performance of a contract (Article 6(1)(b) GDPR).
  • Data Used: Customer contact information is used for essential service-related communications.

• Marketing Communications

  • Purpose: To provide customers with information about new features, services, or promotional offers.
  • Lawful Basis: Consent (Article 6(1)(a) GDPR) obtained from customers before sending marketing materials.
  • Opt-Out: Customers have the right to withdraw consent and unsubscribe from marketing communications at any time.

Legal and Compliance

• Regulatory Compliance

  • Purpose: To meet legal obligations, such as those related to accounting and tax.
  • Lawful Basis: Legal obligation (Article 6(1)(c) GDPR).
  • Data Used: Customer data necessary to fulfill regulatory requirements.

• Enforcement of Terms

  • Purpose: To ensure compliance with our Terms of Service and protect our rights.
  • Lawful Basis: Legitimate interests (Article 6(1)(f) GDPR) in enforcing our terms and maintaining service integrity.
  • Data Used: Relevant account and usage data may be processed to monitor compliance and address violations.

4. Data Sharing and Disclosure

Transparency in data sharing is essential to maintain user trust and comply with GDPR requirements. Below is an outline of how we handle data disclosure and the safeguards we implement.

With Service Providers

• Third-Party Vendors
  • Description: We may share personal data with third-party service providers who support us in delivering services, such as cloud storage providers, Content Delivery Networks (CDNs), analytics platforms, and customer support tools.
  • Data Protection Agreements: All third-party processors are bound by Data Processing Agreements (DPAs) that comply with GDPR Article 28, ensuring confidentiality, security, and processing limitations.
  • Purpose Limitation: These vendors are authorized to use personal data only as necessary to provide services on our behalf. They are strictly prohibited from using this data for their purposes.

For Legal Reasons

• Compliance with Laws

  • Legal Obligations: Personal data may be disclosed when legally required to comply with court orders, legal processes, or requests from governmental authorities.
  • Lawful Basis: The lawful basis for such processing is compliance with a legal obligation (Article 6(1)(c) GDPR).

• Protection of Rights

  • Protection Measures: We may disclose personal data to protect our rights, privacy, safety, or property, as well as those of our customers and third parties, as required by law.
  • Lawful Basis: Legitimate interests (Article 6(1)(f) GDPR) in preventing harm, enforcing our policies, and addressing illegal activities.

Business Transfers

• Mergers and Acquisitions
  • Description: In the event of a merger, acquisition, reorganization, or sale of assets, personal data may be transferred as part of the transaction.
  • Safeguards: Any successor entity will be bound by privacy terms that are as protective as those in this Privacy Policy.
  • Notification: Users will be notified of changes in ownership or control of personal data, and they will be given the opportunity to exercise their rights over their data.

Aggregate and Anonymized Data

• Statistical Analysis
  • Description: Aggregated and anonymized data that cannot identify individuals may be shared for industry analysis, research, and marketing purposes.
  • Compliance: This practice complies with GDPR since personal data is not involved in these disclosures.

International Data Transfers

• Transfer Mechanisms
  • Outside EEA Transfers: If personal data is transferred outside the European Economic Area (EEA), we implement safeguards such as:
    • Standard Contractual Clauses (SCCs): EU-approved contractual clauses to ensure protection during international transfers.
    • Adequacy Decisions: Transfers to countries with EU-recognized data protection adequacy.
    • Binding Corporate Rules (BCRs): For large, multinational transfers within our organization, BCRs ensure data protection across jurisdictions.
  • Compliance with Local Laws: We comply with applicable data protection laws in all jurisdictions where data processing occurs.

5. Data Storage and Security

We implement a range of technical and organizational measures to ensure the security, integrity, and confidentiality of personal data. Below is an outline of our security practices and data retention policies.

Security Measures

• Encryption

  • Data at Rest: All personal data stored on our servers is encrypted using industry-standard algorithms, such as AES-256, to prevent unauthorized access.
  • Data in Transit: Personal data transmitted between users and our services is secured through SSL/TLS protocols to ensure data privacy during transmission.

• Access Controls

  • Restricted Access: Access to personal data is limited to authorized personnel who require it for their job responsibilities. Role-based access controls are in place to prevent unauthorized data access.
  • Authentication and Multi-Factor Authentication (MFA): We use strong authentication protocols, including MFA, to enhance account security and prevent unauthorized logins.

• Security Policies and Audits

  • Regular Audits: We conduct periodic security assessments and audits to identify potential vulnerabilities, including penetration testing by third-party security experts.
  • Incident Response Plan: A defined incident response plan ensures prompt action in the event of a security breach, with procedures for containment, investigation, and mitigation.

• Staff Training

  • Data Protection Training: Our team members receive regular training on data protection practices, security protocols, and GDPR compliance to maintain awareness of the latest security best practices.

Data Retention

• Retention Periods

  • Customer Account Data: This data is retained for the duration of the customer’s active account and for a limited period following account termination (e.g., 90 days) unless otherwise required by law.
  • Billing Information: Retained for the period necessary to meet legal obligations related to tax and accounting requirements.
  • Media Files: Retained only as necessary to deliver services, per contractual agreements with customers.

• Deletion Procedures

  • Secure Deletion: Once data is no longer needed for its original purpose, it is securely deleted or anonymized to prevent unauthorized recovery.
  • Data Minimization: We collect and retain only the minimum amount of personal data necessary to achieve the purposes outlined in this policy.

International Data Transfers

We follow GDPR-compliant mechanisms for any transfer of data outside the European Economic Area (EEA), such as:

• Standard Contractual Clauses (SCCs): EU-approved SCCs provide safeguards during international transfers.
• Binding Corporate Rules (BCRs): For transfers within our organization, BCRs ensure data protection across jurisdictions.
• Adequacy Decisions: Transfers to non-EEA countries with recognized data protection adequacy are conducted as per the European Commission’s adequacy decisions.

6. Rights and Choices

Under GDPR, data subjects have specific rights regarding their personal data. Media Thrive is committed to upholding these rights and providing clear methods for users to exercise them.

Customer Rights

• Right of Access

  • Description: Users have the right to request confirmation of whether we process their personal data and to access this data.
  • How to Exercise: Contact us at [email protected] with your request, and we will provide access in line with GDPR Article 15.

• Right to Rectification

  • Description: Users can request the correction of inaccurate or incomplete personal data.
  • How to Exercise: Submit a request to [email protected] with details of the correction needed.

• Right to Erasure (“Right to be Forgotten”)

  • Description: Users may request the deletion of personal data under certain circumstances, such as when it is no longer necessary for the purposes it was collected.
  • How to Exercise: Contact [email protected] to initiate the data erasure process. Note that some legal obligations may require us to retain certain information.

• Right to Data Portability

  • Description: Users can request to receive their personal data in a structured, commonly used, and machine-readable format, and may request to transmit this data to another controller.
  • How to Exercise: Email us at [email protected] to request a copy of your data in a portable format.

• Right to Object

  • Description: Users can object to the processing of their personal data based on legitimate interests or for direct marketing.
  • How to Exercise: To object, contact [email protected]. If you object to direct marketing, we will promptly stop sending you marketing communications.

• Right to Restriction of Processing

  • Description: Users can request the restriction of data processing under certain conditions (e.g., while accuracy disputes are resolved).
  • How to Exercise: Contact [email protected] to restrict processing, specifying the reason for your request.

• Right to Withdraw Consent

  • Description: Users may withdraw their consent for processing at any time, where processing is based on consent.
  • How to Exercise: To withdraw consent, use the unsubscribe option in marketing emails or contact us at [email protected].

Exercising Your Rights

• Contact Methods

  • You can exercise your rights by contacting us via email at [email protected] or by writing to our mailing address provided in the “Contact Information” section.

• Verification Process

  • To protect your privacy, we may need to verify your identity before fulfilling your request. Please be prepared to provide relevant information to assist with verification.

• Response Timeframe

  • We will respond to requests within one month of receipt, as required by GDPR Article 12(3). In cases where requests are complex or numerous, this period may be extended by up to two months, and we will notify you of any extension.

Fees

• Free of Charge: In most cases, there is no fee for exercising your rights. However, where requests are manifestly unfounded or excessive, we may charge a reasonable fee or decline to act on the request, as permitted by GDPR Article 12(5).

7. Cookies and Similar Technologies

Media Thrive uses cookies and similar tracking technologies to enhance user experience, analyze service usage, and support marketing efforts. We comply with the EU ePrivacy Directive and GDPR requirements for obtaining consent and managing cookie preferences.

Use of Cookies

• Purpose

  • Functional Purposes: Essential for the operation of our services, these cookies support user authentication, session management, and core functionalities.
  • Preference Storage: Cookies store user preferences, such as language and region settings, to provide a personalized experience.
  • Analytical Insights: Analytical cookies help us understand user interactions with our platform, allowing us to optimize and improve functionality and performance.

• Types of Cookies

  • Session Cookies: Temporary cookies that are deleted once the browser is closed.
  • Persistent Cookies: Remain on the user’s device for a specified period or until deleted, supporting functionalities across sessions.
  • First-Party Cookies: Set by our platform to directly support its operations.
  • Third-Party Cookies: Set by external services integrated into our platform, such as analytics and advertising providers.

Cookie Consent and Management

• Consent Banner

  • Obtaining Consent: When users visit our website, a consent banner appears, allowing them to accept or decline non-essential cookies.
  • Granular Choices: Users can select their cookie preferences by category (e.g., functional, analytical, marketing) to control the types of cookies enabled.

• Changing Cookie Settings

  • Preference Management: Users can change their cookie preferences at any time via our website settings or by adjusting their browser settings.
  • Opt-Out Links: For third-party cookies, we provide links to opt-out options where available, enabling users to further manage their tracking preferences.

Do Not Track Signals

• Response to DNT Signals
  • Policy Statement: Our platform currently does not respond to “Do Not Track” (DNT) signals from browsers. However, users can control tracking preferences through cookie settings and opt-out options.

For more details on the specific cookies used on our platform, please refer to our Cookie Policy (linked here).

8. GDPR Compliance

Media Thrive is committed to ensuring that all personal data is handled in accordance with GDPR principles and requirements. This section outlines our compliance measures and legal bases for processing personal data.

Legal Basis for Processing

• Performance of a Contract (Article 6(1)(b) GDPR)

  • Explanation: Processing is essential for fulfilling contractual obligations to customers, such as providing and supporting our services.

• Legitimate Interests (Article 6(1)(f) GDPR)

  • Explanation: Processing is necessary to pursue legitimate interests, such as improving services, ensuring security, preventing fraud, and managing business operations.
  • Balancing Test: We conduct legitimate interest assessments (LIAs) to ensure that our interests do not override the rights and freedoms of data subjects.

• Consent (Article 6(1)(a) GDPR)

  • Explanation: For activities such as sending marketing communications, we seek explicit consent. Users can withdraw consent at any time by using the unsubscribe link or contacting [email protected].

Data Protection Officer (DPO)

• Appointment (If Required)
  • If our processing activities require a Data Protection Officer under GDPR Articles 37-39, we will appoint a qualified DPO and provide their contact information here.
  • Contact Details: If applicable, users can contact the DPO directly for questions or concerns about our data protection practices.

Data Protection Impact Assessments (DPIAs)

• High-Risk Processing
  • We conduct Data Protection Impact Assessments (DPIAs) when introducing new processing activities that may pose a high risk to individuals’ rights and freedoms. DPIAs help us identify and mitigate risks before implementing data processing changes.

Data Breach Notification

• Procedures for Detecting and Responding to Data Breaches

  • Detection and Response: We have established protocols to detect, investigate, and respond to any data breaches promptly. This includes a dedicated incident response team and systematic monitoring to identify potential vulnerabilities.

• Notification to Authorities

  • If a data breach occurs that risks individual rights and freedoms, we will notify the relevant supervisory authority (e.g., the Information Commissioner’s Office) without undue delay, and within 72 hours if feasible, as mandated by GDPR Article 33.

• Notification to Affected Individuals

  • High-Risk Breaches: If a breach is likely to result in a high risk to data subjects, we will inform affected individuals promptly, providing information on the breach, its potential impact, and measures taken to mitigate harm.

• Preventive Measures

  • Continuous Improvement: We regularly review and update security practices to prevent future incidents, including employee training, security audits, and system upgrades.

9. Data Related to Avatars and Voice Cloning

Our services include unique processing of data for avatars and voice cloning, which may involve handling personal and sensitive information. We take special measures to protect this data and comply with GDPR requirements.

Use of Media Files

• Purpose Limitation

  • Exclusive Use: Media files provided by customers (e.g., audio recordings, video footage) are used solely to create avatars and voice models for the specific customer who supplied the files. This data will not be used for any other purpose without explicit consent.

• Lawful Basis

  • Contractual Necessity: The processing of media files for avatar and voice generation is conducted based on contractual necessity (Article 6(1)(b) GDPR).
  • Explicit Consent: For special categories of data, such as biometric data used for voice cloning, explicit consent is obtained under GDPR Article 9(2)(a) before processing.

• No Unauthorized Sharing

  • Confidentiality Commitment: Media Thrive strictly prohibits sharing, renting, or disclosing media files, avatars, or voice data to any third parties without customer consent.
  • Third-Party Processors: If any third-party vendors are involved in processing, they are bound by confidentiality agreements and GDPR-compliant contracts to ensure data protection.

Security Measures

• Enhanced Protections
  • Sensitive Data Handling: Data related to avatars and voice cloning is treated with the highest level of security, considering its potentially sensitive nature.
  • Technical Measures: We employ advanced encryption, secure storage solutions, and network security protocols tailored to protect avatar and voice data.
  • Access Restrictions: Access to avatar and voice data is strictly limited to authorized personnel who require it for service delivery, using role-based access controls.

Customer Responsibilities

• Consent and Legal Rights

  • Obtaining Consent: Customers are responsible for securing all necessary consents and legal rights from individuals whose data is included in the media files provided to us.
  • Compliance: We recommend customers review their data collection practices to ensure they comply with GDPR and other relevant laws, particularly when dealing with sensitive or special categories of data.

• Support from Media Thrive

  • Guidance and Templates: We provide guidance and, where appropriate, templates for consent forms to assist customers in meeting their obligations.
  • Due Diligence: As part of our due diligence, we may require confirmation or documentation that necessary consents have been obtained before proceeding with data processing.

Right to Erasure and Data Management

• Right to Erasure
  • Deletion Requests: Customers may request the deletion of avatar and voice data at any time by contacting [email protected]. We will promptly erase or anonymize such data unless retention is required by law.

10. Anonymized End-User Data

Our services may involve collecting anonymized or pseudonymized data from end-users to enhance service functionality, provide usage insights, and support service optimization. Here’s how we handle this data and ensure GDPR compliance.

Data Collection

• Anonymity Assurance

  • No Personally Identifiable Information (PII): Data collected via embedded JavaScript on customer websites does not include direct personal identifiers (such as names or email addresses).
  • Anonymization vs. Pseudonymization: While data is often fully anonymized, some pseudonymized data may still qualify as personal data under GDPR. We apply safeguards to protect against re-identification.

• Types of Data Collected

  • Interaction Metrics: We collect general metrics such as play counts, pause rates, completion percentages, and repeat interactions with audio or video content. This helps in analyzing content engagement and improving service delivery.
  • Behavioral Patterns: Aggregated data on content preferences, usage trends, and interaction patterns is used to offer insights and recommend improvements for user experience.

Use of Anonymized Data

• Service Improvement
  • Enhancing Algorithms: Collected data supports ongoing machine learning and algorithm enhancements, enabling Media Thrive to improve content delivery and personalization.
  • Statistical Analysis: Anonymized data is also used to perform statistical analysis and assess general trends to optimize our services.

Safeguards and Compliance

• Technical Measures for Anonymization

  • Data Minimization and Aggregation: We employ techniques such as data aggregation and attribute masking to ensure that individual users cannot be identified from interaction data.
  • Preventing Re-Identification: Anonymized data is processed with technical measures that prevent re-identification, in compliance with GDPR’s standards for anonymization and pseudonymization.

• GDPR Compliance

  • Commitment to Privacy: Even though this data is anonymized or pseudonymized, we adhere to GDPR and other relevant privacy laws to protect all user interactions and ensure transparency.

11. Third-Party Links and Services

Our platform may contain links to third-party websites or embed services from external providers to enhance functionality and user experience. This section outlines how we handle these integrations and what users should consider regarding their privacy.

External Websites

• Disclaimer
  • No Responsibility for External Content: Our website or services may include links to third-party websites that are not operated or controlled by Media Thrive. We are not responsible for the content, privacy practices, or policies of these external sites.
  • Recommendation: We encourage users to review the privacy policies of any external websites they visit, as their data protection practices may differ from ours.

Third-Party Integrations

• Integrated Services

  • Description: We may integrate third-party services (e.g., analytics tools, social media plugins, or media players) into our platform to enhance user experience and support analytical insights.
  • Data Sharing and Consent: If any personal data is shared with these third parties or processed on their behalf, we ensure that users are informed and given the option to provide consent where required.

• Third-Party Policies

  • Encouragement to Review: We advise users to review the privacy policies of third-party services embedded on our platform to understand their data handling practices.
  • Limited Liability: Media Thrive is not responsible for the data processing activities of third parties, except to the extent required by GDPR. However, we carefully vet all third-party integrations to ensure they adhere to privacy standards.

Third-Party Data Sharing Controls

• Opt-Out Options
  • Managing Preferences: Users can manage their preferences regarding data sharing with third-party services through their account settings or the cookie consent banner provided on our platform.
  • Third-Party Opt-Out Links: Where applicable, we provide links to third-party opt-out pages, allowing users to control data shared with external service providers directly.

12. Children’s Privacy

Media Thrive’s services are designed for use by businesses and individuals who are at least 18 years old. We are committed to protecting the privacy of minors and do not knowingly collect or process data from children under the age of 18.

Age Restrictions

• Intended Audience

  • Age Requirement: Our services are intended for business professionals and other individuals over 18 years of age. We do not knowingly provide services to or collect personal data from individuals under this age.

• Prohibition on Underage Use

  • Preventive Measures: We take steps to prevent the collection of data from minors, including age verification procedures where appropriate.

No Collection of Children’s Data

• Policy on Minors
  • Preventive Approach: If we become aware that we have inadvertently collected personal data from an individual under 18, we will promptly delete this information from our records.
  • Parental Notification: If a parent or guardian becomes aware that their child has provided us with personal information, they may contact us at [email protected] to request data deletion.

Data Deletion

• Prompt Erasure of Collected Data
  • Erasure Procedures: Upon discovering any collected data from minors, we ensure immediate and secure deletion of such data, following GDPR and relevant legal requirements.
  • Reporting Mechanism: Parents or guardians can notify us of any concerns regarding data collection from minors, and we will take appropriate action to address and resolve these concerns.

13. Changes to This Privacy Policy

Media Thrive may update this Privacy Policy periodically to reflect changes in our practices, services, or legal requirements. We are committed to keeping our users informed about how we protect their data.

Notification of Changes

• Update Procedures

  • Advance Notice: When we make significant changes to this Privacy Policy, we will provide advance notice to users where feasible. Notification may be given via email, website notices, or in-app alerts.
  • Effective Date: The “Effective Date” at the beginning of this Privacy Policy indicates when the current version became applicable.

• Review and Acceptance

  • User Review Encouraged: We encourage users to review this Privacy Policy periodically to stay informed about our data protection practices. Continued use of our services after any updates to this policy constitutes acceptance of the revised terms.

Historic Versions

• Access to Previous Versions
  • Archived Copies: For transparency, we retain previous versions of this Privacy Policy. Users can contact us at [email protected] if they wish to review past versions of the policy.

Completing with Section 14:

---

14. Contact Information

Media Thrive is committed to transparency and open communication. If you have any questions about this Privacy Policy, your rights, or how we handle personal data, please don’t hesitate to reach out.

Privacy Inquiries and Data Requests

• Email Contact

  • Dedicated Email: For privacy-related inquiries or to exercise your data rights, please email us at [email protected].

• Mailing Address

  • Physical Address: You may also send written inquiries to our mailing address:

    Media Thrive
    Attn: Privacy Department
    [email protected]

Data Protection Officer (If Applicable)

• Contact Details for DPO
  • If Media Thrive is required to appoint a Data Protection Officer (DPO) based on our data processing activities, we will provide their contact information here.
  • DPO Availability: The DPO will be available to answer any questions or address concerns about our data protection practices.

Complaint Resolution

• Internal Resolution

  • We encourage users to contact us directly with any concerns about personal data processing. Our team is committed to addressing and resolving privacy-related issues.

• Supervisory Authority

  • Escalation Option: If you feel your concern has not been adequately addressed, you have the right to file a complaint with the relevant data protection authority in your country of residence or where the alleged infringement occurred. For more information on filing complaints, you can refer to the European Data Protection Board website or contact your local supervisory authority.