Privacy Policy
How Thrive Hub collects, uses and protects your personal data.
Last updated: [DATE AT LAUNCH] · Draft — subject to final review
1. Who we are
This website is operated by Olga Apryshkina, trading as Thrive Hub [FULL LEGAL NAME / ENTITY AND ADDRESS, Switzerland] ("we", "us"). We are the data controller for the personal data described in this policy.
Contact for anything privacy-related: [OLGA'S EMAIL].
Technical operation of the website is provided by an independent contractor acting as our data processor under a data-processing agreement.
2. What we collect and why
2.1 The self-assessment
Our optional self-assessment asks 15 questions about your sleep, stress, focus and daily habits. Because these answers relate to your wellbeing, we treat them as sensitive (health-related) data under the Swiss Federal Act on Data Protection (nFADP) and Article 9 of the GDPR.
- We only process your answers with your explicit consent, which you give by ticking the consent box before starting. You can stop at any point before submitting.
- What we receive: your name, email address, and your aggregated scores per category (not your individual answers — those are processed in your browser and are not stored by us).
- Why: to show you your personal snapshot and to prepare your free discovery call.
- The assessment is a self-reflection tool. It is not medical advice, diagnosis or treatment.
2.2 The chat assistant
Our website assistant ("Mira") answers general questions about Thrive Hub. Conversations are anonymous — we do not ask for your name or contact details in chat, and we ask you not to share sensitive personal information there. Messages are processed by Anthropic (Claude API) to generate replies and are subject to a usage rate limit per visitor.
2.3 Booking a discovery call
Discovery calls are scheduled through Calendly. When you book, Calendly collects your name, email and chosen time under its own privacy policy.
2.4 Website basics
Our hosting provider (Netlify) processes technical data such as IP addresses in server logs for security and delivery. We use only essential cookies; we do not run advertising or cross-site tracking. See the cookie notice on your first visit.
3. Who helps us process data (sub-processors)
- Netlify — website hosting and serverless functions
- Anthropic — AI chat replies (Claude API)
- Resend — transactional email delivery (your assessment summary to us)
- Calendly — call scheduling
Some of these providers process data outside Switzerland/the EEA (notably in the United States). Where they do, transfers rely on recognised safeguards such as the EU–US / Swiss–US Data Privacy Framework or standard contractual clauses.
4. How long we keep your data
- Assessment emails (name, email, scores): up to 24 months, then deleted.
- If you become a member, your data is kept as part of the membership relationship and its legal retention duties.
- Chat conversations: not linked to your identity; session history lives in your own browser.
5. Your rights
Under the nFADP and, where applicable, the GDPR you can at any time:
- ask what data we hold about you (access);
- ask us to correct or delete it;
- withdraw your consent (this doesn't affect processing before withdrawal);
- object to processing or ask for it to be restricted;
- receive your data in a portable format;
- complain to a supervisory authority — in Switzerland, the FDPIC (Federal Data Protection and Information Commissioner).
To exercise any of these, email [OLGA'S EMAIL] — deletion requests are honoured within 30 days.
6. Security
Data is transmitted over encrypted connections (HTTPS). Access credentials and API keys are stored server-side only. We collect the minimum we need — the assessment deliberately sends aggregated scores rather than your raw answers.
7. Changes
We may update this policy as the service evolves; the current version always lives on this page with its date above.