Privacy Notice

Last Updated: December 1, 2025

This Privacy Notice (“Notice”) describes how Thrive Foundation, a Cayman Islands foundation company (“Thrive,” “we,” “us,” or “our”), collects, uses, discloses, processes, and protects personal information in connection with:

• Our websites (including https://www.thrive.xyz/);
  
  
• The Thrive Power List (“TPL”);
  
  
• The Proof of Value (“PoV”) consensus mechanism;
  
  
• Power Signals and validation workflows;
  
  
• Guardian participation (Human and Agent);
  
  
• APIs, dashboards, analytics, and related interfaces;
  
  
• Our mobile or web applications; and
  
  
• Other online or offline services we provide (collectively, the “Services”).
  
  

This Notice does not apply to Thrive’s employees, contractors, or internal personnel.

We may update this Notice at any time. When we do, we will update the “Last Updated” date. Your continued use of the Services constitutes acceptance of any changes.

1. Definitions

For purposes of this Notice:

1.1 “Project”

A crypto business, organization or initiative.

1.2 “Builder”

Individuals or teams submitting Applications, Milestones, or Signals relating to a Project, or otherwise building value for the ecosystem.

1.3 “Guardian”

A User who verifies or researches Power Signals. Includes:

• Human Guardians (natural persons), and
  
  
• Agent Guardians (automated systems, bots, or software agents).
  
  

1.4 “Power Signal”

Any signal, evidence, metric, or data submitted for purposes of PoV or Project ranking.

1.5 “Power Score”

A score derived from validated Power Signals and PoV, used to rank Projects on the TPL.

1.6 “Ecosystem”

Networks and partners using Thrive’s systems to evaluate or identify Projects.

2. Information We Collect

We collect the following categories of information:

A. Information You Provide

2.1 Account Information

• Email address
  
  
• Username
  
  
• Wallet address
  
  
• Profile details
  
  
• Preferred communication channels
  
  

2.2 Project Submissions

• Project name and description
  
  
• Team information
  
  
• Public materials and links
  
  
• Metrics, documents, evidence
  
  
• Non-confidential traction or performance data
  
  

2.3 Power Signals

Any data submitted for the TPL, including:

• Evidence files, screenshots, URLs
  
  
• Explanations, comments, annotations
  
  
• Guardian reasoning or analysis
  
  
• Accuracy ratings or comparisons
  
  

2.4 Guardian Participation

• Validations, votes, or rankings
  
  
• Disagreements or challenge requests
  
  
• Reputation-related actions and quality scores
  
  
• Agent Guardian output logs
  
  

2.5 Communications

• Emails, messages, survey responses, community posts
  
  
• Customer support interactions
  
  

2.6 Applications

If you apply to work with us:

• CV and resume data
  
  
• Work history
  
  
• Education history
  
  
• Interview notes
  
  
• Any other information voluntarily submitted
  
  

B. Information Collected Automatically

We automatically collect:

2.7 Device & Log Data

• IP address
  
  
• Browser type, settings, version
  
  
• Device identifiers
  
  
• Operating system
  
  
• Time zone
  
  

2.8 Usage Data

• Pages visited
  
  
• Features used
  
  
• Interaction patterns
  
  
• Navigation flows
  
  
• Clickstream data
  
  

2.9 PoV & Guardian Telemetry

• Signal validation timestamps
  
  
• Agreement/disagreement logs
  
  
• Performance signals for Agent Guardians
  
  
• Reputation scoring inputs
  
  
• Anti-manipulation indicators
  
  

2.10 Cookies and Tracking Technologies

We use:

• Cookies
  
  
• Pixels
  
  
• Web beacons
  
  
• Local storage
  
  
• Device fingerprinting
  
  

Users may manage cookies via browser settings, though disabling cookies may impair functionality.

C. Information from Third Parties

2.11 Public Blockchain Data

Because blockchain data is public, we may associate:

• Wallet addresses
  
  
• Transaction history
  
  
• Network activity
  
  
• On-chain events relevant to Projects or Signals
  
  

2.12 Ecosystem Partners

We may receive:

• Public or non-confidential Project traction data
  
  
• Data on ecosystem-specific transactions or relationships
  
  
• Partner-provided referral metrics
  
  

2.13 Public Sources

• Social media posts
  
  
• Public dashboards (e.g., Dune, DefiLlama)
  
  
• Public analytics tools
  
  

2.14 Service Providers

Our vendors may provide:

• Analytics
  
  
• Compliance checks
  
  
• Security reports
  
  
• Identity confirmations
  
  
• Fraud signals
  
  

3. How We Use Information

We use personal information for the following purposes:

A. Operating the Thrive Power List & PoV

3.1 Running the TPL

To evaluate, score, rank, and display Projects.

3.2 Validating Power Signals

Using Human and Agent Guardians to confirm, challenge, or reject signals.

3.3 Guardian Reputation Scoring

To measure Guardian accuracy, performance, and reliability.

3.4 Manipulation Detection

To detect and prevent fraud, Sybil behavior, artificial traction, collusion, or gaming.

3.5 Methodology Improvement

To refine tools, PoV algorithms, Power Signals, weightings, and ranking logic.

B. Operating and Improving the Services

3.6 Service Delivery

To provide, maintain, and improve:

• Websites
  
  
• Applications
  
  
• APIs
  
  
• Dashboards
  
  
• Guardian tools
  
  

3.7 Communications

To provide:

• Technical updates
  
  
• Feature announcements
  
  
• Policy communications
  
  
• Customer support
  
  

3.8 Research & Analytics

To analyze:

• Ecosystem-wide traction
  
  
• Guardian behavior patterns
  
  
• Consensus performance
  
  
• Score distributions
  
  

3.9 Security

To detect:

• Unauthorized access
  
  
• Abuse
  
  
• Attacks on PoV
  
  
• Anomalous Agent Guardian behavior
  
  
• Collusion or manipulation
  
  

C. Legal, Compliance, and Risk Management

3.10 Compliance Checks

Including:

• Sanctions screening
  
  
• AML controls
  
  
• Risk scoring
  
  
• Eligibility verification
  
  

3.11 Legal Obligations

To:

• Respond to legal requests
  
  
• Comply with regulatory requirements
  
  
• Enforce our Terms of Service
  
  

3.12 Protect Rights

To enforce:

• Trust and safety rules
  
  
• Integrity of the PoV system
  
  
• Contractual rights
  
  

4. How We Disclose Information

We may share information in the following ways:

A. Public Disclosures

4.1 Public Power List

We may publicly disclose:

• Project profiles
  
  
• Power Signals (non-confidential)
  
  
• Power Scores and ranking results
  
  
• Guardian usernames or pseudonyms (if designated public)
  
  
• Methodology summaries
  
  
• Disagreements or consensus explanations
  
  

Users acknowledge that:

• Public blockchains are inherently transparent;
  
  
• TPL outputs may be cached, scraped, or mirrored by third parties;
  
  
• Thrive cannot control how third parties use or store this data.
  
  

B. Ecosystem Partners

We may share:

• Validated Power Signals
  
  
• Aggregated traction analysis
  
  
• Non-confidential Project data
  
  
• Ranking surfaces or summaries
  
  
• Project eligibility information
  
  

This sharing empowers ecosystems to identify value-creating Projects.

C. Service Providers

We may share information with:

• Hosting platforms
  
  
• Cloud storage providers
  
  
• Analytics vendors
  
  
• Legal and compliance tools
  
  
• Security firms
  
  
• Payment processors (if applicable)
  
  

These providers act per contractual obligations.

D. Legal & Compliance

We may disclose information:

• To comply with legal requests
  
  
• To investigate fraud or manipulation
  
  
• To protect our rights and Users
  
  
• To meet sanctions or AML obligations
  
  
• As part of audits
  
  

E. Business Transactions

If Thrive undergoes a reorganization, restructuring, asset transfer, or similar event, information may be transferred accordingly.

5. Your Choices and Rights

Depending on your jurisdiction, you may have rights to:

• Access your data
  
  
• Correct inaccurate data
  
  
• Request deletion (subject to exceptions)
  
  
• Withdraw consent
  
  
• Request a copy of your data
  
  
• Object to certain processing
  
  

To exercise rights, contact privacy@thriveprotocol.com.

Blockchain & TPL Limitations

Notwithstanding the above:

• Blockchain data cannot be modified or deleted.
  
  
• Public TPL data may remain available through third-party archives.
  
  
• PoV logs and anti-manipulation indicators may be retained to protect system integrity.
  
  

6. Data Retention

We retain data for as long as necessary to:

• Operate the TPL and PoV
  
  
• Maintain system integrity
  
  
• Prevent manipulation
  
  
• Meet legal obligations
  
  
• Fulfill the purposes described in this Notice
  
  

Certain data may be retained longer for audits, fraud prevention, or regulatory requirements.

7. International Data Transfers

We may transfer data to:

• The United States
  
  
• Europe
  
  
• Asia
  
  
• Other jurisdictions where partners or service providers operate
  
  

We use reasonable safeguards for international transfers (e.g., contractual terms, security measures).

8. Security

We implement measures to protect your information, but no system is fully secure.

You are responsible for:

• Securing your wallet
  
  
• Using safe devices
  
  
• Maintaining strong passwords
  
  
• Protecting private keys
  
  

We are not responsible for losses due to compromised devices or user error.

9. Children

The Services are not intended for individuals under 16. We do not knowingly collect their data. If identified, we will delete such information.

10. Changes to This Notice

We may update, modify, or replace this Notice at any time.

We will update the “Last Updated” date when changes occur.

Continued use of the Services signifies acceptance of changes.

‍