1. Introduction
Welcome to Thrad. Your privacy is important to us. This Privacy Policy explains how we handle data when you use our website and services.
2. Information We Collect
We collect user signal from the displayed ad, specifically clicks.
We might collect some anonymized user conversations submitted through our APIs upon explicit agreement with the publisher. These snippets are stored with timestamps and non-identifiable metadata.
No directly personally identifiable information (PII) such as names, email addresses, or IP addresses is collected.
3. Legal Basis for Data Processing
We process conversation data under the legal basis of legitimate interest (Article 6(1)(f) GDPR) and strict necessity for the purpose of improving ad relevance and effectiveness.
As a B2B service provider, our clients are responsible for informing their users and updating their own privacy policies accordingly.
4. Cookies & Tracking
We do not use cookies, device fingerprinting, or tracking pixels. Tracking is limited to voluntary UTM parameters passed by publishers.
5. How We Use Collected Data
We collect click signals from users to improve targeting.
We collect snippets of anonymized and PII-masked user conversation to:
Evaluate the effectiveness and quality of advertisements displayed.
Provide performance metrics and reporting to publishers.
Important: Conversation snippets are not used for profiling or ad targeting by default. Profiling may occur only where explicitly agreed with the publisher in advance, and solely for the purpose of improving the relevance and experience of ads.
5. Profiling
Any profiling is limited to anonymized behavioral segments and does not have legal or similarly significant effects on individuals.
Conversation snippets are excluded from profiling unless a publisher expressly authorizes such use in writing. In the absence of such agreement, snippets are used exclusively for aggregated reporting and metrics.
6. Data Security & Retention
We implement strict access controls and store all data securely on AWS servers located in North Virginia, USA. Security measures include:
Encryption of stored data to prevent unauthorized access.
Access control mechanisms that limit data access to authorized personnel only.
Regular security audits to ensure compliance with industry best practices.
Retention: We retain anonymized conversation snippets and click data for a maximum of 12 months unless otherwise required by law.
7. International Data Transfers
Since our servers are located in the United States, data transfers involving EU users are governed by Standard Contractual Clauses (SCCs) in compliance with GDPR requirements. We rely on AWS's GDPR-compliant framework to ensure appropriate safeguards for such transfers.
8. User Rights
While we do not collect personal data, users may still have rights under GDPR, including:
Right to Access: Users can request to know what data has been collected.
Right to Object: Users may request that their data not be processed for specific purposes.
Right to Erasure (Deletion): We currently do not provide direct deletion options, but users with concerns can contact us for review.
For any privacy-related inquiries, users may contact us at: contact@thrads.ai.
9. User Rights
Thrad acts as a data processor. Publishers act as data controllers and are responsible for end-user notices. For U.S. users, Thrad acts as a Service Provider as defined under the California Consumer Privacy Act (CCPA/CPRA).
10. Data Breach Notification
In the event of a data breach, we will follow industry-standard protocols to mitigate risks and notify relevant authorities and affected parties, as required by GDPR and applicable US regulations.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated effective date.
12. Contact Information
For any privacy-related questions or concerns, you can contact us at: contact@thrads.ai
By using Thrad, you acknowledge and agree to this Privacy Policy.
