DPA & Enterprise Legal
Standard contractual documents for enterprise customers and acquisition due diligence.
Standard Data Processing Agreement (DPA)
Our GDPR/UK GDPR-compliant DPA incorporates Standard Contractual Clauses (2021/914) for transfers outside the EEA/UK. It covers:
- Subject matter and duration of processing
- Categories of data subjects and personal data
- Processor obligations (Art. 28) — confidentiality, subprocessor controls, breach notification, deletion
- Exhibit B: vendor-level subprocessor list (provided with signed DPA)
- Audit and cooperation rights for enterprise customers
Request a countersigned DPA: legal@thrive.fi
Master Services Agreement (MSA)
For enterprise, API, and team deployments, we offer an MSA covering service scope, SLAs, liability caps, IP ownership (customer data vs. Thrive platform), and order-form pricing. Consumer subscriptions remain governed by the Terms of Service.
Order form
Enterprise deals use an Order Form referencing the MSA: tier, seats, support SLA, data processing scope, and term. Contact cs@thrive.fi.
Intellectual property
Thrive DeFi, LLC owns Thrive signals, Thrive Metrics (TPS/TAS/TRP), workbench, moat archives, and brand assets. User journal data and exchange-synced trades remain user data. Creator marketplace content is licensed to subscribers per Terms. IP assignment documentation for founders and contractors is available under NDA in the due diligence package.
Due diligence index
Acquirers may request: MRR export, vendor register, security questionnaire, sync volume attestation, and IP summary. Email cs@thrive.fi with subject "Due diligence request".