Privacy Policy

Effective Date: December 20, 2025

This Privacy Policy explains how CrownThrive, LLC ("CrownThrive," "we," "us," "our") collects, uses, shares, and protects information when you use CrownOasis and any related services, websites, and applications (collectively, the "Services").

This Privacy Policy is part of and incorporated into the CrownOasis Terms of Service. By using the Services, you agree to this Privacy Policy. If you do not agree, do not use the Services.

Company: CrownThrive, LLC
Mailing Address: 307 Payne Street, Gretna, Virginia 24557, Pittsylvania County, United States
Support Email: contact@crownthrive.com

0. Scope and Definitions

This Privacy Policy applies to information we process when you:

a) Visit our websites, including mycrownoasis.com and other pages operated by CrownThrive.
b) Create an account, sign in, or manage your profile and preferences.
c) Generate, edit, publish, or manage websites, pages, copy, layouts, images, and other content through AI and no-code tools.
d) Subscribe to a plan, make a payment, or manage billing.
e) Contact support, submit forms, or interact with messages we send or receive.

Key Definitions:

a) Personal Data means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked to you.
b) Account Data means information associated with your login, plan, and user profile.
c) User Content means any text, files, prompts, images, logos, brand elements, data, or materials you upload, submit, generate, or publish through the Services.
d) AI Output means any copy, page structure, code, layout, design suggestions, images, or other content generated with assistance from AI through the Services.
e) Processing means any operation performed on information, such as collecting, storing, using, sharing, analyzing, or deleting.

1. What We Collect

We collect information from three main sources: 

(1) information you provide, 

(2) information collected automatically, and

(3) information from third parties.

1.1 Information You Provide
a) Account and Profile Data: name, email address, password (stored in hashed form), and account settings.
b) Billing Data: subscription plan selection, billing address (if provided), transaction history, and payment status.
c) User Content and Prompts: text, images, brand assets, prompts, page content, and files you upload or create through the Services.
d) Support and Communications: messages you send to support, form submissions, and troubleshooting information you share.

1.2 Information Collected Automatically

a) Device and Usage Data: IP address, browser type, device identifiers, operating system, language settings, pages viewed, clicks, referring URLs, and session activity.
b) Log Data: timestamps, errors, performance logs, and security-related events.
c) Cookies and Similar Technologies: cookies, pixels, and local storage that help the Services function and improve performance.

1.3 Information from Third Parties
a) Payment Processors: confirmation of payment status, chargebacks, disputes, and limited billing metadata from processors such as Stripe (hosted payment flows) and PayPal.
b) Analytics and Infrastructure Providers: aggregated analytics, hosting logs, and performance metrics used to maintain reliability and security.
c) Integrations You Choose: if you connect or embed third-party tools, we may receive limited data required to enable that connection, depending on the integration.

2. How We Use Information

We use information to operate the Services, deliver core functionality, improve the product, maintain security, enforce plan limits, and provide support.

a) Provide and Maintain the Services: create accounts, authenticate users, generate websites, publish pages, and deliver platform features.
b) Process Payments and Subscriptions: handle billing, plan enforcement, invoices, renewals, refunds (if applicable), and account standing.
c) Customer Support: respond to requests, troubleshoot issues, and communicate service updates and operational notices.
d) Security and Abuse Prevention: detect fraud, prevent misuse, enforce rate limits and fair use controls, and protect accounts and systems.
e) Product Improvement: understand feature usage, measure performance, and improve user experience and reliability.
f) Communications: send onboarding messages, important notices, policy updates, and account-related alerts.
g) Compliance and Legal: comply with applicable law, respond to lawful requests, and protect our rights and our users.

3. Ecosystem Sharing and Identity Systems

CrownOasis is part of the CrownThrive Convergent Ecosystem. To keep your experience consistent, secure, and interoperable, we may share certain information within CrownThrive-owned platforms, tools, and systems where reasonably necessary to operate the Services and the ecosystem properly.

This internal sharing may support identity, access, routing, analytics, support operations, rewards, compliance posture, and other foundational capabilities across our ecosystem.

Examples of ecosystem-level purposes include:
a) Identity and account continuity across CrownThrive systems (single customer record, account status, plan eligibility).
b) Support workflows and issue resolution across our support tooling and operational systems.
c) Security monitoring, fraud prevention, and abuse controls across interconnected services.
d) Analytics and performance insights that help improve reliability and customer experience.
e) Interoperable routing and linking between ecosystem tools (for example, publishing, profile and link systems, ticketing, booking, rewards, and ad tools).
f) Future interoperability and upgrades as we adopt new technology layers for identity, compliance, and provenance.

We limit internal access to need-to-know, use role-based access controls where applicable, and maintain reasonable safeguards to protect information used across the ecosystem.

4. AI, Prompts, and Output Responsibility

CrownOasis uses AI to generate website content, page structures, design suggestions, and other outputs based on your instructions. AI is a tool, not a guarantee.

a) Your Inputs: you control what you submit. Do not include sensitive personal information in prompts unless you have the right and a clear need to do so.
b) Your Output Use: you are responsible for reviewing, editing, and verifying AI Output before publishing or relying on it.
c) No Professional Advice: AI Output may be inaccurate, incomplete, or unsuitable. It is not legal, financial, medical, or professional advice.
d) Safety Controls: we may apply automated and human review controls to prevent abuse, protect users, and enforce policy.

CrownThrive frameworks like the Cultural Imprint Engine and the Thrive Flywheel help drive quality, clarity, and responsible design decisions. Our CHLOM posture informs how we think about compliance, accountability, and rights management as features evolve.

5. Legal Bases for Processing (EEA, UK, and Similar Regions)

If you are in a jurisdiction that requires a legal basis for processing, we rely on the following:

a) Contract: processing necessary to provide the Services under our Terms of Service.
b) Legitimate Interests: improving the Services, securing the platform, preventing fraud, and operating responsibly.
c) Consent: where required, for certain cookies, marketing communications, or optional data uses.
d) Legal Obligation: compliance with applicable laws, accounting rules, and lawful requests.

6. How We Share Information

We do not sell your personal data. We share information only as needed to operate the Services, support ecosystem functionality, and meet legal obligations.

a) Service Providers: hosting, storage, analytics, email delivery, security, and support tools that help us run CrownOasis.
b) Payment Processors: to process subscriptions and transactions (for example, Stripe hosted payment flows and PayPal).
c) Ecosystem Internal Sharing: within CrownThrive-owned platforms and systems as described in Section 3 for identity, interoperability, support, security, and operational continuity.
d) Legal and Safety: when required by law or to protect rights, safety, and platform integrity.
e) Business Transfers: in a merger, acquisition, reorganization, or asset sale, subject to standard confidentiality protections.
f) With Your Direction: when you choose to connect third-party tools, publish content publicly, or otherwise instruct us to share information.

We require vendors and processors to handle data with appropriate confidentiality and security measures consistent with the services they provide.

7. Cookies, Analytics, and Tracking

We use cookies and similar technologies to keep the Services working, remember preferences, understand usage, and improve performance.

Cookie categories may include:

a) Essential: required for login, security, and core functions.
b) Performance and Analytics: helps us understand usage patterns and improve reliability.
c) Functional: remembers preferences and improves experience.
d) Advertising (if enabled): used to measure and improve marketing performance.

You can manage cookies through browser settings and, where available, cookie controls on our site. Some third parties may set cookies when you use embedded tools or click external links, and those parties control their own practices.

8. Data Retention

We retain information only as long as necessary for the purposes described in this Privacy Policy, including providing the Services, meeting legal obligations, resolving disputes, and enforcing agreements.

a) Account Data: retained while your account is active and for a reasonable period after closure for compliance and security.
b) Billing Records: retained as required by tax, accounting, and payment dispute rules.
c) Logs and Security Records: retained for security monitoring, abuse prevention, and system integrity.
d) Published Content: remains accessible based on your publishing settings and actions (public vs private).

9. Security

We implement reasonable administrative, technical, and physical safeguards designed to protect information from unauthorized access, loss, misuse, or alteration. No system is perfectly secure, and we cannot guarantee absolute security.

You are responsible for maintaining the security of your account, including:

a) Using strong passwords and keeping credentials confidential.
b) Not sharing accounts unless your plan and policies allow it.
c) Notifying us immediately if you suspect unauthorized access.

10. Your Rights and Choices

Depending on where you live, you may have rights regarding your personal data. We honor applicable requests as required by law and subject to appropriate verification.

Common rights may include:

a) Access: request a copy of personal data we hold about you.
b) Correction: request correction of inaccurate information.
c) Deletion: request deletion of personal data, subject to legal and operational limits.
d) Portability: request export of certain data in a portable format, where applicable.
e) Objection or Restriction: object to or restrict certain processing, where applicable.
f) Consent Withdrawal: withdraw consent where processing is based on consent.
g) Marketing Preferences: opt out of promotional emails via unsubscribe links or by contacting us.

To make a request, contact us at contact@crownthrive.com.

If you are in a state or country with additional privacy rights (for example, California and certain other U.S. states), you may have additional rights to know, access, delete, or limit certain uses of your data. We do not sell personal information as that term is commonly defined in many state privacy laws.

11. International Transfers

We are based in the United States and may process information in the United States or other locations where our service providers operate. If you access the Services from outside the United States, you understand your information may be transferred to and processed in jurisdictions that may have different data protection rules.

12. Children’s Privacy

The Services are not directed to children under 13, and we do not knowingly collect personal data from children under 13. If you believe a child has provided personal data to us, contact us and we will take appropriate steps to delete it.

13. Third-Party Links and Embedded Tools

The Services may include links to third-party sites or embedded tools. We are not responsible for the privacy practices of third parties. Review their policies before providing information to them.

14. Future Technology and Interoperability

CrownThrive is building for long-term interoperability across the Convergent Ecosystem. As features evolve, we may adopt new technical methods to support identity, compliance posture, provenance, and platform integrity. If we introduce materially new processing that impacts your rights or choices, we will update this Privacy Policy and, where required, provide additional notice or controls.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will update the Effective Date and post the revised policy on this page. Your continued use of the Services after changes become effective means you accept the updated policy.

16. Contact Us

Questions about this Privacy Policy or our privacy practices can be sent to:

CrownThrive, LLC
307 Payne Street
Gretna, Virginia 24557
Pittsylvania County, United States
contact@crownthrive.com