Privacy Policy

Thesis Driven LLC ("Thesis Driven," "we," "us," or "our") respects your privacy and is committed to protecting your personal information. This Privacy Policy explains what data we collect, how we use it, and your rights regarding that data.

This policy applies to all websites and services operated by Thesis Driven, including:

  • thesisdriven.com (main website, courses, and workshops)
  • thesisdriven.com/letters (editorial content)
  • database.thesisdriven.com (Real Estate Operator Database)
  • capitalstack.thesisdriven.com (Real Estate Investor Database)

1. Information We Collect

Information you provide to us

  • Account information: Name, email address, and password when you create an account or subscribe to our newsletter
  • Payment information: Billing details processed securely through Stripe when you purchase workshops, courses, or subscriptions. We do not store your full credit card number on our servers
  • Communications: Any information you include when you contact us via email or submit a form on our website
  • Workshop and course participation: Registration details and any information you share during sessions

Information collected automatically

  • Usage data: Pages visited, time spent on pages, clicks, and navigation patterns
  • Device information: Browser type, operating system, screen resolution, and device type
  • IP address and location: General geographic location derived from your IP address
  • Cookies and similar technologies: See Section 5 below for details

2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our services
  • Process payments and deliver purchased products (workshops, courses, database access)
  • Send you our newsletter and editorial content you've subscribed to
  • Communicate with you about your account, purchases, or inquiries
  • Analyze how our services are used so we can improve them
  • Detect and prevent fraud or abuse

We do not sell your personal information to third parties.

3. Third-Party Services

We use third-party services to operate our platform, including:

  • Payment processors — to securely handle billing and transactions
  • Hosting providers — to deliver our websites and applications
  • Analytics providers — to understand how our services are used and improve them
  • Advertising tools — to measure campaign performance
  • Security and infrastructure providers — to protect our services and deliver content efficiently

These services may process personal data such as your IP address, email, usage data, and payment information in accordance with their own privacy policies.

On some subdomains, we use tools that may record anonymized user sessions (clicks, scrolls, page navigation) to improve the user experience. These recordings do not capture passwords, payment details, or keystrokes in sensitive fields.

Where required by applicable law (including GDPR and the ePrivacy Directive), analytics and tracking tools that process personal data will only be activated after you have given consent. Essential cookies required for basic site functionality do not require consent.

4. Data Sharing

We may share your information only in the following circumstances:

  • Service providers: With the third-party services listed above, solely to operate and improve our platform
  • Legal requirements: If required by law, regulation, or legal process
  • Business transfers: In connection with a merger, acquisition, or sale of assets, in which case you would be notified
  • With your consent: When you explicitly agree to share your information

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

5. Cookies and Tracking

We use cookies and similar technologies to:

  • Keep you logged in to your account
  • Remember your preferences
  • Understand how you use our services (analytics)
  • Process purchases through Webflow Commerce

You can control cookies through your browser settings. Disabling cookies may affect the functionality of some services, such as staying logged in or completing purchases.

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you with our services. If you cancel your account or unsubscribe, we will delete or anonymize your personal information within 30 days, unless we are required to retain it for legal or business purposes.

Payment records are retained as required for tax and accounting compliance.

7. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request that we correct inaccurate or incomplete information
  • Deletion: Request that we delete your personal information
  • Portability: Request a machine-readable copy of your data
  • Opt-out: Unsubscribe from marketing emails at any time using the link in any email we send

To exercise any of these rights, please contact us at [email protected]. We will respond within 30 days.

8. California Residents (CCPA)

If you are a California resident, you have the right to:

  • Know what personal information we collect and how it is used
  • Request deletion of your personal information
  • Opt out of the sale of your personal information (we do not sell personal information)
  • Not be discriminated against for exercising your privacy rights

9. European Residents (GDPR)

If you are located in the European Economic Area (EEA) or the United Kingdom, our legal bases for processing your personal information include:

  • Contract: Processing necessary to provide services you've purchased or subscribed to
  • Legitimate interest: Analytics and service improvement, provided they do not override your rights
  • Consent: Where you have given explicit consent, such as subscribing to our newsletter

You have the right to lodge a complaint with your local data protection authority.

10. Children's Privacy

Our services are not directed at individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will delete it promptly.

11. Security

We take reasonable measures to protect your personal information, including encryption of data in transit (HTTPS across all subdomains), secure payment processing through Stripe (PCI-compliant), and access controls on our internal systems. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we make changes, we will update the "Last updated" date at the top of this page. We encourage you to review this policy periodically.

13. Contact Us

If you have any questions about these Terms, please contact us at [email protected].