Privacy Policy

Last updated: September 08, 2025

This Privacy Policy explains how GeoThinkTank LLC (“the Company,” “we,” “us,” “our”) collects, uses, shares, and protects personal information in connection with the aiThrive website, courses, and coaching services (the “Service”). By using the Service, you agree to this Policy. If you do not agree, please do not use the Service.


We use your personal information to operate and improve the Service. Depending on where you live, you may have additional privacy rights (e.g., under California’s CCPA/CPRA or the EU/UK GDPR). This Policy describes those rights and how to exercise them.


Interpretation and Definitions

Interpretation

Capitalized terms have the meanings set out below. Singular includes plural and vice versa.

Definitions

Account means a unique account you create to access parts of the Service.

Business (CCPA/CPRA) refers to the Company acting as a “business” under California law.

Company means GeoThinkTank LLC, 475 Brickell Ave #3213, Miami, FL 33131.

Controller (GDPR) means the Company when we determine purposes and means of processing personal data.

Cookies are small data files stored on a device to help operate and measure the Service.

Device means any device that can access the Service (e.g., computer, phone, tablet).

Personal Data (GDPR) means information relating to an identified or identifiable person; (CCPA/CPRA) includes information that identifies, relates to, or could reasonably be linked with a consumer or household.

Processor/Service Provider means a third party that processes Personal Data on our behalf.

Sensitive Personal Information (CPRA) includes certain data such as account logins with credentials.

Service means the aiThrive website, courses, coaching services, and related features, including embedded third-party services.

Third-Party Services means services not owned or controlled by us (e.g., OpenAI, Stripe/PayPal, Calendly, Google, MailerLite, Typeform, analytics/ads providers, hosting/CDN, WordPress plugins like Wordfence/MeowApps).

You means the individual using the Service, or a business acting through an authorized individual.


Collecting and Using Your Personal Data

Personal Data You Provide

We collect information you provide directly, such as:

  • Contact & Account: name, email, phone, password (hashed), and profile preferences.
  • Billing: billing name, address, and limited payment details (full card data is handled by our payment processors).
  • Course/Coaching: messages, intake form responses, uploads, and scheduling details.
  • Support: inquiries, feedback, and communications.

Usage Data (including AI interactions)

We collect usage information automatically, such as IP address, device/browser data, pages viewed, timestamps, referral URLs, and diagnostics. If you use embedded AI features (e.g., ChatGPT sessions via MeowApps/OpenAI), we process your inputs (prompts, text, files) and related session metadata to operate the feature. Where possible, we configure third-party services to limit their use of your data for model training.


AI Features (MeowApps / OpenAI API)

When you use our lesson chat, your inputs (prompts and any files you choose to send) are transmitted from our site to OpenAI via the MeowApps “AI Engine” plugin to generate a response. MeowApps does not receive your prompts; data is sent from our site directly to the configured AI provider and, if logging is enabled, a copy is stored in our WordPress database (wp_mwai_logs). We use these features to deliver the service and improve lesson quality.

Categories of data: prompt text you enter; usage metadata (timestamps, model used, token counts); optional user ID if logged in. We ask you not to include personal or sensitive information in prompts.

Legal bases (GDPR/UK-GDPR): performance of a contract (course functionality) and our legitimate interests in improving the service; where required, your consent at the point of use.

Recipients/Processors: OpenAI, LLC (API provider); hosting and security providers needed to operate our site. OpenAI’s API data usage terms apply; API data is not used for model training by default per OpenAI’s policies. See OpenAI’s terms and privacy notices.

International transfers: Data may be processed outside your country. Where required, we rely on Standard Contractual Clauses and comparable safeguards.

Retention: Chat logs, if enabled, are retained for up to 30 days (or shorter if you set a shorter period) and then deleted/anonymized. For deletion requests, refer to requesting erasure of your Personal Data.

Your choices: You can use the course without the chat feature. If you use the chat, do not include personal or confidential information. EU/UK users may withdraw consent at any time.

Information from Integrated Services

If you connect or interact with integrated services (e.g., Google for calendar/meet links, Calendly for scheduling, Stripe/PayPal for payments, MailerLite for emails), those providers may share information with us per their policies. We use that information to operate the integration.


Cookies and Similar Technologies

We use cookies, pixels, and similar technologies to operate the Service, remember preferences, measure performance, and (if enabled) personalize marketing. You can manage preferences via our cookie banner (where offered) or your browser settings. Some features may not function without certain cookies.

  • Strictly necessary (authentication, security, fraud prevention)
  • Functional (remember settings)
  • Analytics (e.g., GA4 to understand usage)
  • Advertising (Google Ads / Meta, for remarketing and ad measurement, if enabled)

Global Privacy Control (GPC). Where required by law, we treat a valid GPC signal as an opt-out of “sale/share” of personal information for the browser sending the signal.


For users in the EEA and UK, certain cookies and similar technologies (e.g., for advertising/remarketing and advanced analytics) are used only with your consent. Our banner lets you accept or reject categories and sends consent signals (Consent Mode v2) to our measurement and advertising partners so tags respect your choices. You can change your preferences anytime via the cookie banner located on lower right footer.

Important: If you do not consent to “Advertising” cookies, we will not use data for ads personalization or remarketing for your session.


How We Use Personal Data

  • Operate the Service (accounts, access control, payments, scheduling, course/coaching delivery)
  • Communicate (transactional notices, support, and—if you opt in—marketing)
  • Improve & Secure (analytics, debugging, preventing fraud/abuse, enforcing terms)
  • Personalize (if enabled) (remarketing, ad measurement—subject to your choices)
  • Compliance (legal obligations, tax/accounting, responding to lawful requests)
  • Business continuity (mergers, acquisitions, financing, restructuring)

How We Share Personal Data

  • Service Providers/Processors (hosting: GoDaddy; security: Wordfence; analytics: Google; email: MailerLite; payments: Stripe/PayPal; scheduling: Calendly; AI: MeowApps/OpenAI; and similar providers)
  • Affiliates (subject to this Policy)
  • Legal & Safety (to comply with law, protect rights and safety, prevent abuse/fraud)
  • Business Transfers (as part of a merger, acquisition, or asset sale)
  • With Consent/Direction (for specific features you enable)

We do not sell personal information for money. Some advertising/analytics uses may be deemed a “sale/share” under California law; see State Privacy Rights.


AI Providers

When you use embedded AI features (e.g., via MeowApps connecting to OpenAI’s API), your inputs and session metadata are processed by those providers to generate outputs and for security/abuse prevention in line with their terms and privacy notices. Where the provider offers data-control settings (e.g., limiting use for model improvement), we configure those settings when feasible. Do not include confidential or sensitive data in prompts.


Retention

We keep Personal Data only as long as needed for the purposes described or as required by law.

  • Account/profile: life of account + up to 24 months
  • Transactions/tax records: up to 7 years
  • Support tickets: up to 24 months after closure
  • Analytics: typically 26 months (or provider default)

We may retain limited logs to investigate security, fraud, or service abuse.


International Data Transfers

We may transfer Personal Data to countries with different data protection laws (e.g., to the U.S.). Where required, we use appropriate safeguards (such as Standard Contractual Clauses) and take steps to protect your information.


Your Choices and Rights

You can access, update, or delete certain Account information via settings or by contacting us. We may ask for verification. Some data must be kept for legal or security reasons.


Security

We use administrative, technical, and physical safeguards designed to protect Personal Data. No method of transmission or storage is 100% secure.


Analytics

We use Google Analytics 4 (GA4) to understand usage and improve the Service. Where applicable, we implement Consent Mode so analytics and ads tags respect your choices. For Google’s privacy practices, see Google Privacy & Terms. You can control cookies via our banner (where offered) or your browser.


Email Marketing

If you opt in, we may send newsletters or updates via our email service provider (MailerLite). You can unsubscribe at any time. See MailerLite’s privacy policy at MailerLite Privacy.


Payments

Payments are processed by third parties (e.g., Stripe/PayPal). We receive limited billing details and transaction metadata; full card data is handled by the processor under PCI-DSS. See Stripe Privacy and the provider’s policy used at checkout.


Advertising and Remarketing

We use advertising technologies (e.g., Google Ads, Meta) to show relevant ads and measure performance. You can control advertising cookies in our banner and via platform controls. Some uses may be deemed “sale/share” under California law; see State Privacy Rights.


Security Tools

We may use Google reCAPTCHA to protect forms from abuse; it collects device and usage data per Google Privacy.


GDPR Privacy

Legal Basis for Processing Personal Data under GDPR

We may process Personal Data under the following conditions:

  • Consent: You have given Your consent for processing Personal Data for one or more specific purposes.
  • Performance of a contract: Provision of Personal Data is necessary for the performance of an agreement with You and/or for any pre-contractual obligations thereof.
  • Legal obligations: Processing Personal Data is necessary for compliance with a legal obligation to which the Company is subject.
  • Vital interests: Processing Personal Data is necessary in order to protect Your vital interests or of another natural person.
  • Public interests: Processing Personal Data is related to a task that is carried out in the public interest or in the exercise of official authority vested in the Company.
  • Legitimate interests: Processing Personal Data is necessary for the purposes of the legitimate interests pursued by the Company.

In any case, the Company will gladly help to clarify the specific legal basis that applies to the processing, and in particular whether the provision of Personal Data is a statutory or contractual requirement, or a requirement necessary to enter into a contract.


Your Rights under the GDPR

The Company undertakes to respect the confidentiality of Your Personal Data and to guarantee You can exercise Your rights.

You have the right under this Privacy Policy, and by law if You are within the EU, to:

  • Request access to Your Personal Data. The right to access, update or delete the information We have on You. Whenever made possible, you can access, update or request deletion of Your Personal Data directly within Your account settings section. If you are unable to perform these actions yourself, please contact Us to assist You. This also enables You to receive a copy of the Personal Data We hold about You.
  • Request correction of the Personal Data that We hold about You. You have the right to have any incomplete or inaccurate information We hold about You corrected.
  • Object to processing of Your Personal Data. This right exists where We are relying on a legitimate interest as the legal basis for Our processing and there is something about Your particular situation, which makes You want to object to our processing of Your Personal Data on this ground. You also have the right to object where We are processing Your Personal Data for direct marketing purposes.
  • Request erasure of Your Personal Data. You have the right to ask Us to delete or remove Personal Data when there is no good reason for Us to continue processing it. Submit requests at support@aithrive.com or via our contact form and include "Data Deletion Request" in the subject to initiate the process of removing your Personal Data.
  • Request the transfer of Your Personal Data. We will provide to You, or to a third-party You have chosen, Your Personal Data in a structured, commonly used, machine-readable format. Please note that this right only applies to automated information which You initially provided consent for Us to use or where We used the information to perform a contract with You.
  • Withdraw Your consent. You have the right to withdraw Your consent on using your Personal Data. If You withdraw Your consent, We may not be able to provide You with access to certain specific functionalities of the Service.

Exercising of Your GDPR Data Protection Rights

You may exercise Your rights of access, rectification, cancellation and opposition by contacting Us. Please note that we may ask You to verify Your identity before responding to such requests. If You make a request, We will try our best to respond to You as soon as possible.

You have the right to complain to a Data Protection Authority about Our collection and use of Your Personal Data. For more information, if You are in the European Economic Area (EEA), please contact Your local data protection authority in the EEA.


U.S. State Privacy Rights

If you are a resident of California, Virginia, Colorado, Connecticut, Utah, Iowa, Delaware, Tennessee, or Minnesota, you may have rights to:

  • Know/Access categories and specific pieces of Personal Data we collect, use, disclose, or “sell/share.”
  • Delete Personal Data (subject to exceptions).
  • Correct inaccurate Personal Data.
  • Opt out of “sale” or “sharing” of Personal Data and of targeted advertising.
  • Limit the use/disclosure of certain Sensitive Personal Information (CA).
  • Appeal a denial of your request (CO/CT/VA).

Submit requests at support@aithrive.com or via our contact form. We will verify your request and respond within the time required by law. You may use an authorized agent where permitted.

Do Not Sell/Share & GPC. We do not sell Personal Data for money. Certain analytics/ads may be deemed a “sale/share.” You may opt out via our cookie banner located on lower right footer and we honor a valid Global Privacy Control signal for the browser sending it.

Notice at Collection (California). We collect the categories described in this Policy for the purposes stated. We retain data as described in Retention.

Shine the Light (California). You may request information about our sharing with third parties for their direct marketing by contacting us.

Minors. We do not knowingly sell/share Personal Data of users under 16.


Canada (PIPEDA, CASL, Québec Law 25)

PIPEDA. If you are in Canada, you have rights to access, correct, and challenge the accuracy of Personal Information, and to withdraw consent (subject to legal/contractual limits). We process and store information in the U.S. and other countries; by using the Service you consent to cross-border transfers.

CASL (Anti-Spam). We send commercial electronic messages only with consent (express or implied) and include an unsubscribe mechanism. You can withdraw consent at any time via the link in our emails or by emailing support@aithrive.com.

Québec Law 25. We designate a Privacy Officer responsible for compliance (contact: support@aithrive.com). We notify the regulator and affected individuals of confidentiality incidents posing a risk of serious injury as required and maintain a log of incidents. Where required, we conduct privacy impact assessments for projects involving sensitive data or cross-border transfers.


Children’s Privacy

The Service is not directed to children under 18, and we do not knowingly collect Personal Data from anyone under that age. If you believe a child has provided data, contact us to delete it.


Do Not Track

We do not respond to browser DNT signals. Where required, we honor a valid Global Privacy Control signal as an opt-out of sale/share for that browser.


Links to Other Websites

Our Service may contain links to websites not operated by us. If you click a third-party link, you will be directed to that site. Review each site’s privacy policy; we are not responsible for their practices.


Changes to this Privacy Policy

We may update this Policy. If we make material changes, we will post a notice (e.g., banner or email) and update the “Last updated” date. Changes apply prospectively.


Contact Us

Email: support@aithrive.com
Web: aithrive.com/contact/
Phone: 1-202-368-0055