Menu
Effective: 22 October 2024 | Last revised: 23 May 2025
We never sell or rent personal data.
No cross-service tracking or behavioural ads.
Minimal collection, maximum transparency.
Category | Example | Purpose | Identifiable? |
|---|---|---|---|
Account data | Name, e-mail (parent only), child display-name | Sign-in, family linking, support | Yes (limited to parent) |
App-usage analytics | Screen taps, time spent, crash logs | Product improvement via Amplitude | No – aggregated & pseudonymised |
Attribution metrics | SKAdNetwork conversion values; Branch deep-link IDs | Measure marketing effectiveness | No – Apple SKAN & Branch both report without personal IDs |
Screen-time metrics | Total minutes per category, weekly averages | Generate wellbeing insights for you | No – stored with a random internal ID |
Derived real-world data | Points/minutes earned from physical or growth activities | Stays inside Thrive to power rewards | Never leaves our servers |
Operate the service – authenticate you, sync family members, display progress.
Improve the product – aggregated Amplitude events help us prioritise fixes and features; they cannot be traced back to a person.
Measure campaigns – Apple SKAdNetwork and Branch give us anonymous install / link attribution. No user-level profiles are built.
Comply with law – prevent fraud, satisfy legal obligations, and enforce our Terms of Service.
We do not use any data for third-party advertising or profiling.
Parental consent is required before a child account (< 16 yrs, or the local age of digital consent) is created.
No ads, external links, or trackers are shown in child mode.
Data minimisation: child analytics are pseudonymised and aggregated.
Deletion on request: parents can erase a child’s data at any time (see §7).
Recipient | Reason | Safeguard |
|---|---|---|
Amplitude Inc. | App-usage analytics | Aggregated events; IP masked; EU SCCs in place |
Apple Inc. | SKAdNetwork attribution | Apple processes conversions with no personal ID |
Branch Metrics Inc. | Deep-link routing | Only hashed device signals; no personal data |
Service providers (e.g. cloud hosting) | Secure operation of Thrive services | Bound by strict Data-Processing Agreements |
Data is stored in encrypted form on AWS (Sydney region).
We keep account data while your account is active.
When you delete your account, all personal data is erased within 30 days; only a non-identifiable hash is retained for fraud-prevention for a further 30 days, then removed.
Under GDPR, CCPA and similar laws you may:
Access the data we hold about you.
Rectify inaccurate or incomplete data.
Delete your account and all personal data (“right to be forgotten”).
Restrict or object to certain processing.
Receive your data in portable form.
Use the in-app controls (Settings › Privacy) or e-mail us to exercise any of these rights. We will respond within 30 days.
We apply industry-standard safeguards: TLS in transit, AES-256 at rest, least-privilege access, periodic penetration tests, and employee confidentiality agreements.
If we materially change this Policy we will notify you in-app or by e-mail at least 14 days before the new terms take effect.
Privacy Office — Thrive Digital Wellbeing Pty Ltd
E-mail: [email protected]
Postal: Level 8, 805/220 Collins St, Melbourne, VIC 3000, Australia
Version 1.2 — supersedes all prior versions.