Privacy Policy

1.2 Information Collected Automatically

When you visit our website, certain technical data is collected automatically through cookies and similar
technologies:

• IP address, browser type and version, operating system, and device identifiers
• Pages visited, time spent on each page, referral source, and click patterns
• Cookies and pixel tags for analytics and remarketing (see Section 6 below)

1.3 Information from Third Parties

We may receive limited information from social media platforms (e.g., Instagram, LinkedIn, Facebook) if you
interact with our accounts or use social login features, as well as from referral partners who recommend you
for an experience with your prior consent.

2. How We Use Your Information

• To process and evaluate your application for invite-only experiences
• To curate cohorts by matching participants with complementary profiles and interests
• To communicate trip logistics, itineraries, pre-departure information, and post-experience follow-ups
• To process payments and send invoices, receipts, and financial notices
• To personalise your experience, including dietary, medical, and accessibility accommodations
• To send newsletters, edition announcements, and marketing communications (only with your
  consent; you may opt out at any time)
• To improve our website, programmes, and services through analytics and feedback
• To respond to your inquiries, support requests, and feedback
• To comply with applicable laws, regulations, and legal obligations
• To detect and prevent fraud, unauthorised access, or other illegal activities

3. Legal Basis for Processing

We process your personal data on the following grounds: (a) your explicit consent, which you may withdraw
at any time; (b) contractual necessity, where processing is required to fulfil our agreement with you; (c)
legitimate interests, such as improving our services and preventing fraud; and (d) legal compliance, where
processing is required by applicable Indian law.

4. Sharing and Disclosure

We do not sell, rent, or trade your personal information. We may share limited data with:

• Service providers and partners: Venue hosts, accommodation providers, transport operators,
  activity facilitators, and catering partners receive only the information strictly necessary to deliver the
  experience (e.g., name, dietary requirements, medical needs)
• Payment gateways: Razorpay, Stripe, or similar PCI-DSS-compliant processors handle all financial
  transactions. We do not access or store full card details
• Analytics and marketing tools: Google Analytics, Meta Pixel, and similar platforms receive
  anonymised or pseudonymised usage data
• Legal authorities: We may disclose information if required by a court order, government request, or
  to protect the rights, property, or safety of our company, participants, or the public
• Corporate transactions: In the event of a merger, acquisition, or sale of assets, your data may be
  transferred as part of the transaction, subject to equivalent privacy protections

5. Data Security

We implement reasonable security practices and procedures consistent with the SPDI Rules, including
encrypted data transmission (SSL/TLS), access controls, regular security audits, and secure storage.
However, no method of electronic transmission or storage is 100% secure, and we cannot guarantee
absolute security. If you become aware of any security breach, please notify us immediately at
letsthriv3@gmail.com.

6. Cookies and Tracking Technologies

Our website uses cookies and similar technologies for essential functionality (session management, security),
analytics (Google Analytics to understand site usage patterns), and marketing (Meta Pixel for retargeting on
Instagram and Facebook). You can control cookie preferences through your browser settings. Disabling
certain cookies may limit website functionality. We honour Do Not Track browser signals where technically
feasible.

7. Data Retention

We retain your personal data only as long as necessary for the purposes described in this policy: application
data for up to 24 months after your last interaction; participant data for 36 months after your most recent
experience (for alumni community and follow-up purposes); financial records for the period required by Indian
tax and accounting laws (typically 8 years under the Income Tax Act); and marketing consent records for the
duration of your subscription. After the applicable retention period, data is securely deleted or anonymised.

8. Your Rights

Under the DPDPA 2023 and applicable law, you have the right to:

• Access: Request confirmation of whether we hold your personal data and obtain a copy
• Correction: Request correction of inaccurate or incomplete data
• Erasure: Request deletion of your data, subject to our legal retention obligations
• Withdraw consent: Withdraw previously given consent at any time, without affecting the lawfulness
  of processing prior to withdrawal
• Grievance redressal: Lodge a complaint with us or with the Data Protection Board of India
• Nomination: Nominate another individual to exercise your rights in case of death or incapacity

To exercise any of these rights, please email us at letsthriv3@gmail.com with the subject line “Data Privacy
Request.” We will respond within 30 days.

9. Third-Party Links

Our website and communications may contain links to third-party websites, social media platforms, or
services. We are not responsible for the privacy practices of these external sites. We encourage you to
review their privacy policies before sharing any personal information.

10. Children’s Privacy

Our services are designed for individuals aged 18 and above. We do not knowingly collect personal data from
anyone under 18. If we become aware that we have inadvertently collected such data, we will delete it
promptly. If you believe a minor’s data has been submitted to us, please contact us at letsthriv3@gmail.com.

11. International Data Transfers

Your data is primarily stored and processed within India. If any data is transferred outside India (for example,
to cloud service providers with international infrastructure), we ensure that adequate data protection
safeguards are in place as required under applicable Indian law.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws.
The updated version will be posted on our website with a revised “Last Updated” date. For material changes,
we will notify you via email or a prominent notice on our website. Continued use of our services after such
changes constitutes acceptance of the revised policy.

13. Grievance Officer

In accordance with the IT Act 2000 and DPDPA 2023, the details of our Grievance Officer are:
Name: The Grievance Officer, Let’s Thrive
Email: letsthriv3@gmail.com
Phone: +91 9820998042
The Grievance Officer shall acknowledge your complaint within 48 hours and resolve it within 30 days of
receipt.

Contact Us

Let’s Thrive

Website: https://letsthrive.in
Email: letsthriv3@gmail.com
Phone: +91 9820998042