Privacy statement (Website Users – EU)

This privacy statement was last updated on 16/05 and applies to citizens and legal permanent residents of the European Economic Area and Switzerland.

In this privacy statement, we explain what we do with the data we obtain about you via We recommend you carefully read this statement. In our processing we comply with the requirements of privacy legislation. That means, among other things, that:

  • we clearly state the purposes for which we process personal data. We do this by means of this privacy statement;
  • we aim to limit our collection of personal data to only the personal data required for legitimate purposes;
  • we first request your explicit consent to process your personal data in cases requiring your consent;
  • we take appropriate security measures to protect your personal data and also require this from parties that process personal data on our behalf;
  • we respect your right to access your personal data or have it corrected or deleted, at your request.

If you have any questions, or want to know exactly what data we keep of you, please contact us.

1. Purpose, data and retention period

We may collect or receive personal information for a number of purposes connected with our business operations which may include the following: (click to expand)

2. Sharing with other parties

We only share this data with processors and with other third parties for which consent must be obtained.

Name: Podio / Citrix
Country: United States and international
Purpose: Remote collaboration and communication, client record management, practice management, agreed services
Name: Zoom
Country: United States
Purpose: Client video calls and live collaboration, webinars, workshops, group programmes, other agreed services
Name: Miro
Country: United States
Purpose: Communication and collaboration, agreed services
Name: Microsoft
Country: United States
Purpose: For the creation and provision of agreed services, including document creation, administration and sharing, and for cloud storage, and for communication including email and VOIP telephony, and for the administration and growth of my business
Name: Boxcryptor (including Whisply)
Country: Germany
Purpose: End-to-end encrypted file storage and transfer in connection with the provision of agreed services
Name: Dropbox
Country: United States
Purpose: Storage and transfer of files and data used for the provision of services and the administration and growth of my business
Name: Calendly
Country: United States
Purpose: Appointment scheduling
Name: Zapier
Country: United States
Purpose: Functional processes concerned with the integration of separate business-related services
Name: Mailchimp
Country: United States
Purpose: Communication and business administration and growth, principally but not exclusively email marketing
Name: Zoho
Country: Netherlands and India
Purpose: Processing form data in connection with communications, information supply and any agreed services
Name: JotForm
Country: United States
Purpose: Processing form data in connection with communications, information supply and any agreed services
Name: Google
Country: United States
Purpose: Web analytics and demographic and behaviour reporting, in relation to Google Analytics, Signals and Tags, and file storage and transfer, in relation to Google Workspace services and advertising
Country: Australia
Purpose: Remote signing of contracts and other agreements in relation to the provision of agreed or proposed services
Name: ActiveCampaign
Country: United States
Purpose: Communication and business administration and growth, principally but not exclusively email marketing, automation and funnels
Name: Freshsales
Country: India
Purpose: CRM
Name: Square
Country: USA
Purpose: Payment processing
Name: Stripe
Country: USA
Purpose: Payment processing
Name: GoCardless
Country: UK
Purpose: Payment processing
Name: Acuity Scheduling
Country: USA
Purpose: Taking bookings
Name: Quickfile
Country: UK
Purpose: Invoicing and accounting
Name: Xero
Country: New Zealand
Purpose: Invoicing and accounting
Name: [name]
Country: [country]
Purpose: [purpose]
Name: [name]
Country: [country]
Purpose: [purpose]

Name: We Grow Businesses Ltd
Country: UK
Purpose: Business development
Data: All where relevant

3. Cookies

Our website uses cookies. For more information about cookies, please refer to our Cookie Policy

4. Disclosure practices

We disclose personal information if we are required by law or by a court order, in response to a law enforcement agency, to the extent permitted under other provisions of law, to provide information, or for an investigation on a matter related to public safety.

If our website or organisation is taken over, sold, or involved in a merger or acquisition, your details may be disclosed to our advisers and any prospective purchasers and will be passed on to the new owners.

We have concluded a data Processing Agreement with Google.

5. Security

We are committed to the security of personal data. We take appropriate security measures to limit abuse of and unauthorised access to personal data. This ensures that only the necessary persons have access to your data, that access to the data is protected, and that our security measures are regularly reviewed.

The security measures we use consist of:

  • Username and Password
  • TLS / SSL
  • X-Content-Type-Options
  • X-XSS-Protection

6. Third-party websites

This privacy statement does not apply to third-party websites connected by links on our website. We cannot guarantee that these third parties handle your personal data in a reliable or secure manner. We recommend you read the privacy statements of these websites prior to making use of these websites.

7. Amendments to this privacy statement

We reserve the right to make amendments to this privacy statement. It is recommended that you consult this privacy statement regularly in order to be aware of any changes. In addition, we will actively inform you wherever possible.

8. Accessing and modifying your data

If you have any questions or want to know which personal data we have about you, please contact us. You can contact us by using the information below. You have the following rights:

  • You have the right to know why your personal data is needed, what will happen to it, and how long it will be retained for.
  • Right of access: You have the right to access your personal data that is known to us.
  • Right to rectification: you have the right to supplement, correct, have deleted or blocked your personal data whenever you wish.
  • If you give us your consent to process your data, you have the right to revoke that consent and to have your personal data deleted.
  • Right to transfer your data: you have the right to request all your personal data from the controller and transfer it in its entirety to another controller.
  • Right to object: you may object to the processing of your data. We comply with this, unless there are justified grounds for processing.

Please make sure to always clearly state who you are, so that we can be certain that we do not modify or delete any data of the wrong person.

9. Automated decision-making

We make decisions on the basis of automated processing with respect to matters that may have (significant) consequences for individuals. These are decisions taken by computer programs or systems without human intervention.

Tracking of site access and browsing factors and behaviour with a view to making sales and marketing decisions on the basis of that tracking.

10. Submitting a complaint

If you are not satisfied with the way in which we handle (a complaint about) the processing of your personal data, you have the right to submit a complaint to the Data Protection Authority.

11. Contact details

Thriveherd Limited
160 Kemp House, City Road, London EC1V 2NX
United Kingdom
Email: moc.drehevirht@ycavirp
Phone number: 02080588853


EWWW Image Optimizer

By default, the EWWW Image Optimizer does not store any personal data nor share it with anyone.

If you accept user-submitted images and use the API or Easy IO, those images may be transmitted to third-party servers in foreign countries. If Backup Originals is enabled, images are stored for 30 days. Otherwise, no images are stored on the API for longer than 30 minutes. Suggested API Text: User-submitted images may be transmitted to image compression servers in the United States and stored there for up to 30 days. Suggested Easy IO Text: User-submitted images that are displayed on this site will be transmitted and stored on a global network of third-party servers (a CDN).

Nelio A/B Testing

We use Nelio A/B Testing to split test our website. Split Testing (or A/B Testing) is a marketing technique used to test different variants of a website with the aim of identifying which variant is better at converting visitors. Nelio A/B Testing uses cookies to run split tests and track the actions you take while visiting our website. These cookies do not store any personal information about you and can not be used to identify you in any way. Whenever you perform an action that is relevant to a running test, such as visiting a certain page, clicking on an element, or submitting a form, this event is stored in Nelio’s cloud in compliance to Nelio A/B Testing’s Terms and Conditions. Please notice Nelio does not store any personal data that can be related to you, as all collected data is completely anonymous.

iThemes Security

What personal data we collect and why we collect it


Suggested text: Visiting the login page sets a temporary cookie that aids compatibility with some alternate login methods. This cookie contains no personal data and expires after 1 hour.

Security Logs

Suggested text: The IP address of visitors, user ID of logged in users, and username of login attempts are conditionally logged to check for malicious activity and to protect the site from specific kinds of attacks. Examples of conditions when logging occurs include login attempts, log out requests, requests for suspicious URLs, changes to site content, and password updates. This information is retained for 60 days.

Who we share your data with

When running Security Check, will be contacted as part of a process to determine if the site supports TLS/SSL requests. No personal data is sent to as part of this process. Requests to include the site’s URL. For privacy policy details, please see the iThemes Privacy Policy.

Suggested text: A QR code image is generated for users that set up two-factor authentication for this site. This image is generated using an iThemes hosted API. As part of generating this image, your username is sent to the API. This data is not logged. For privacy policy details, please see the iThemes Privacy Policy. Suggested text: This site is scanned for potential malware and vulnerabilities by the iThemes Site Scanner. We do not send personal information to the scanner; however, the scanner could find personal information posted publicly (such as in comments) during the scan.

How long we retain your data

Suggested text: Security logs are retained for 60 days.

Complianz | The Privacy Suite for WordPress

This website uses the Privacy Suite for WordPress from Complianz to collect records of consent. For this functionality your IP address is anonymised and stored in our database. For more information, see the Complianz Privacy Statement.