GDPR Compliance Statement

We process personal data in alignment with GDPR and maintain clear accountability for every stage of data handling. Safeguards, policies, and training are continuously updated to reflect evolving regulations.

• Lawfulness, fairness, and transparency guide every data workflow.
• Collection is limited to explicit, legitimate purposes tied to client outcomes.
• Data sets remain adequate, relevant, and minimized.
• Accuracy is maintained via scheduled reviews and automated validation checks.
• Retention schedules ensure data is stored only as long as necessary.
• Security controls protect against unauthorized processing, loss, or disclosure.

We rely on consent, contractual necessity, or legitimate interest when processing personal data. Before processing new categories, we conduct Legitimate Interest Assessments and update records of processing activities.

EU residents can request access, correction, deletion, restriction, portability, or object to processing at any time. Verified requests receive a response within one month, subject to legally permitted extensions.

Our appointed Data Protection Officer oversees compliance strategy, vendor assessments, and incident response. Reach the DPO directly at dpo@thrivefinancial.com for GDPR inquiries or to exercise your rights.