Last update: August 6th, 2020
PLEASE READ THIS AGREEMENT CAREFULLY BEFORE ENROLLING IN THE THRIVEON AFFILIATE PROGRAM. BY SUBMITTING YOUR APPLICATION TO BECOME AN AFFILIATE OR BY USING THE PROGRAM (AS DEFINED BELOW), YOU AGREE TO BECOME BOUND BY THE TERMS AND CONDITIONS OF THIS AGREEMENT. IF YOU DO NOT AGREE TO ALL THE TERMS AND CONDITIONS OF THIS AGREEMENT, DO NOT SUBMIT AN AFFILIATE APPLICATION AND YOU WILL NOT BE ENROLLED IN THE THRIVEON AFFILIATE PROGRAM. THRIVE’S ACCEPTANCE IS EXPRESSLY CONDITIONED UPON YOUR ASSENT TO ALL THE TERMS AND CONDITIONS OF THIS AGREEMENT, TO THE EXCLUSION OF ALL OTHER TERMS; IF THESE TERMS AND CONDITIONS ARE CONSIDERED AN OFFER BY THRIVE, ACCEPTANCE IS EXPRESSLY LIMITED TO THESE TERMS.
The ThriveOn Affiliate Program, as may be modified by Thrive from time to time (the “Program”), available through www.thriveon.com (the “ThriveOn Site”), is owned by THRIVE II, LLC. (“Thrive”) and powered by Ontraport (“Ontraport”). The Program is offered to you (“You”) under the following terms and conditions:
You may solicit prospective Thrive customers via email, provided in doing so You do not use deceptive practices and You comply with all applicable laws and regulations, including, without limitation, privacy laws and the CAN-SPAM Act of 2003. Without limiting the generality of the foregoing, You may only use double opt-in e-mail lists.
All email transmissions must include (i) a working unsubscribe mechanism that is clear and conspicuous, (ii) a “from line” that accurately identifies the entity sending the email, (iii) a subject line that accurately reflects the content of the email, (iv) a clear and conspicuous identification that the email is an advertisement or solicitation, and (v) a valid physical postal address.
To the extent that information that identifies or relates to an identifiable individual (“Personal Information”) received by You pursuant to the ThriveOn Affiliate Program Agreement (the “Agreement”) between You and THRIVE II, LLC (“Thrive”) is covered by the European General Data Protection Regulation (EU) 2016/679 (“GDPR”), You agree to Process (as defined below) such Personal Information subject to the terms and conditions of this Data Processing Agreement (“DPA”).
DATA PROCESSING AND PROTECTION
1.1. Limitations on Use. You will Process Personal Information received by You or on Your behalf in connection with the ThriveOn Affiliate Program (the “Program”) only (i) for the purpose of the Program and in accordance with the Agreement, or (ii) as needed to comply with law. The scope of Processing of Personal Information is as specified in the Agreement. “Process” or “Processing” means the collection, recording, organization, structuring, alteration, use, access, disclosure, copying, transfer, storage, deletion, combination, restriction, adaptation, retrieval, consultation, destruction, disposal, or other use of Personal Information.
1.2. Confidentiality. You will ensure that persons authorized to Process Personal Information have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.
1.3. Security. You will implement, maintain, monitor and, where necessary, update appropriate administrative, technical, and physical safeguards to protect Personal Information against anticipated threats or hazards to its security, confidentiality or integrity.
1.4. Data Breaches. You will notify Thrive without undue delay via agreed upon channels, whenever You learn that there has been a personal data breach (as defined in the GDPR). Taking into account the nature of Processing and the information available to You, You will assist Thrive at Thrive’s request in complying with Thrive’s notification obligations regarding personal data breaches as required by the GDPR.
1.5. Cross-Border Transfers. You may not transfer Personal Information to any country that is not recognized by the European Commission as providing an adequate level of data protection according to EEA standards or otherwise covered by EU-US or Swiss-US Privacy Shield frameworks.
1.6. Subprocessing. You are not authorized to transfer Personal Information to any third party for any purpose.
1.7. Requests or Complaints from Individuals. You will assist Thrive, at Thrive’s request, by appropriate technical and organizational measures with Thrive’s obligation to respond to data subjects’ requests to exercise their rights under the GDPR. Taking into account the nature of the Processing and the information available to You, You also will assist Thrive at Thrive’s request in meeting Thrive’s compliance obligations regarding carrying out privacy and data protection impact assessments and related consultations of data protection authorities.
1.8. Audit. Thrive may provide to You a security assessment questionnaire related to Your Processing of Personal Information, which You will accurately and promptly complete. Such a questionnaire may include questions seeking verification of compliance with the terms and conditions of this DPA. If, after the original security questionnaire assessment, Thrive determines that further assessment is warranted, Thrive may request, no more than annually and with 30 days prior written notice, at Thrive’s cost, an assessment with a scope to be mutually agreed. During such an assessment, Thrive may examine policies, procedures and other materials related to Your Processing of Personal Information. When responding to Thrive’s information or audit requests, You will inform Thrive if You believe that any of Thrive’s instructions regarding Processing would violate the GDPR or European Union Member State law.
1.9. Regulatory Investigations. Upon notice to You, You will assist and support Thrive in the event of an investigation by any regulator, including a data protection authority, or similar authority, if and to the extent that such investigation relates to Personal Information handled by You in connection with the Program. Such assistance will be at Thrive’s sole expense, except where investigation was required due to Your acts or omissions, in which case such assistance will be at Your sole expense.
1.10. Return or Disposal. At Thrive’s discretion, You will destroy or return all Personal Information to Thrive, unless applicable law requires storage of the Personal Information.
1.11. Adverse Changes. You will notify Thrive without undue delay if You: (i) have reason to believe that You are unable to comply with any of Your obligations under this DPA and You cannot cure this inability to comply within a reasonable timeframe; or (ii) become aware of any circumstances or change in applicable law that is likely to prevent You from fulfilling Your obligations under this DPA. In the event that this DPA, or any actions to be taken or contemplated to be taken in performance of this DPA, do not or would not satisfy either party’s obligations under the laws applicable to each party, the parties will negotiate in good faith an appropriate amendment to this DPA.
SEVERABILITY AND CONFLICTS. In the event any provision of this DPA is held to be invalid or unenforceable by any court of competent jurisdiction, such holding will not invalidate or render unenforceable any other provision herein. This DPA is expressly incorporated into the Agreement. In the event of any conflict or inconsistency between the terms of this DPA and the Agreement or the Program terms and conditions, the terms of this DPA prevail.