Last updated: January 2026 · Effective: January 2026
Thriving Wolves Ltd. ("Thriving Wolves", "we", "us", "our") operates the affiliate marketing network available at thrivingwolves.com (the "Platform"). This Privacy Policy explains what personal information we collect, why we collect it, how we use and share it, and the rights you have over your data under the GDPR, UK GDPR, CCPA / CPRA and other applicable laws.
1. Who we are
The data controller is Thriving Wolves Ltd., with offices at H no. 453, Shivpuram, Koyala Nagar, Kanpur 208011, India; Building A1, Dubai Digital Park, Dubai Silicon Oasis, UAE; and #6665, 1021 E Lincolnway, Cheyenne, WY 82001, United States.
For any privacy enquiry you can reach our Data Protection Officer at [email protected].
2. Information we collect
2.1 Information you give us
- Account information — name, email, password, country, phone, messenger handle.
- Business information — company name, website / traffic source URLs, vertical interests, traffic channels, experience level, expected volumes.
- Payment information — payment method, payout details (PayPal, Payoneer, Wise, wire information, USDT wallet), tax information where required.
- Communications — messages you send to your account manager, support tickets, contact form submissions.
2.2 Information we collect automatically
- Tracking data — clicks, conversions, scroll, revenue events, geo, device, source/referrer, IP address (hashed where required) and User-Agent.
- Platform usage — pages visited, dashboards accessed, login times, feature interactions.
- Cookies and similar technologies — see Section 9 and our Cookie Policy.
2.3 Information from third parties
- Advertiser postbacks — conversion data from advertiser systems that feeds our attribution.
- Identity / KYC providers — where required for higher-payout offers or regulated verticals.
- Payment processors — confirmations of disbursements.
3. How we use your information
- Operate the affiliate platform — match offers, attribute conversions, calculate and issue commission payouts.
- Maintain your account, authenticate logins and prevent unauthorised access.
- Detect, prevent and investigate fraud, click fraud, bot traffic and policy violations.
- Communicate with you about your account, performance, offer updates, payouts and service notices.
- Improve the platform — analytics, A/B testing of our own product surfaces, dashboard performance.
- Comply with legal, tax, accounting and regulatory obligations.
4. Legal bases for processing (GDPR / UK GDPR)
- Contract — we process your account, traffic and payout data to deliver the Platform you've signed up for.
- Legitimate interests — fraud prevention, network security, traffic-quality enforcement, internal analytics, direct B2B marketing of related services.
- Consent — optional marketing emails, cookies that are not strictly necessary, and any other processing where consent is required. You can withdraw consent at any time.
- Legal obligation — accounting, tax records, anti-money-laundering and responses to lawful requests.
5. How we share information
We share personal information only as needed and only with the categories of recipients below:
- Advertisers — aggregated, hashed and/or de-identified conversion data so they can verify performance. Personal contact information of publishers is never shared with advertisers without your consent.
- Service providers — hosting (cloud infrastructure), email delivery, analytics, payment processing, customer support tools — all bound by confidentiality and data-processing agreements.
- Payment partners — to issue your payouts (wire networks, PayPal, Payoneer, Wise, crypto on-ramps).
- Legal & safety — law enforcement and courts where legally required, and to defend our rights and investigate fraud.
- Corporate transactions — in the event of a merger, acquisition or asset sale, subject to standard confidentiality protections.
We do not sell personal information for advertising as defined under CCPA / CPRA.
6. International transfers
Our operations span India, the UAE and the United States. Where personal data is transferred outside your jurisdiction, we rely on Standard Contractual Clauses (EU/UK SCCs), adequacy decisions where applicable, and supplementary measures to safeguard your data. A copy of the SCCs we use is available from [email protected].
7. Data retention
- Account data — for as long as your account is active and for a reasonable period afterwards for dispute resolution.
- Conversion & payout records — at least 7 years to satisfy tax and accounting obligations.
- Marketing data — until you unsubscribe or object.
- Log files — typically 90–180 days, longer where investigation or legal hold requires.
8. Your rights
Depending on your location, you have the right to: access your data, correct inaccurate data, request deletion, restrict or object to processing, port your data to another service, withdraw consent, and lodge a complaint with a supervisory authority. To exercise these rights, email [email protected]. We will respond within statutory timeframes (30 days under GDPR; 45 days under CCPA, extendable).
California residents additionally have the rights described in our supplementary CCPA / CPRA notice on request.
9. Cookies and tracking
We use first-party cookies and tracking pixels for authentication, conversion attribution and product analytics. Affiliate tracking cookies are explained at the point of click. For full details and your choices, see our Cookie Policy.
10. Security
We apply industry-standard administrative, technical and physical safeguards to protect your data — including TLS in transit, encryption at rest, role-based access, audit logging, multi-factor authentication for staff, and regular security reviews. No system is 100% secure, but we maintain an incident response process and will notify affected parties of personal data breaches within statutory timeframes.
11. Children's privacy
The Platform is not directed to anyone under 18 and we do not knowingly collect personal data from minors. If you believe a minor has provided us with personal data, contact us and we will delete it.
12. Changes to this policy
We may update this Privacy Policy from time to time. Material changes will be notified by email or via a prominent notice on the Platform at least 14 days before the change takes effect. The "Last updated" date at the top of this page always reflects the current version.
13. Contact & complaints
Email: [email protected]
General contact: [email protected]
Postal: H no. 453, Shivpuram, Koyala Nagar, Kanpur 208011, India.
EU/UK residents have the right to complain to their local data-protection authority. UAE residents may contact the Telecommunications and Digital Government Regulatory Authority (TDRA). US residents may contact their state Attorney General's office.
