Skip to content



this statement, we want to tell you who we are, what data we process about you, why we collect it, what we use it for and how we store and protect it.

Why? Because your privacy is important to us.

To make this statement more user friendly, we use “we”, “us”, “our” etc. to describe our company “Thesis”.

When we refer to “you”, we mean you as a user of our website, e.g. when you request a demo, ask to be contacted, sign up for our newsletters, sign up for our service etc. or we mean you as our existing customer, to whom we supply our products and services.

When we talk about our “website” we mean:, including our sub-domains and other sites that we own and operate.

On our website, in our emails and on our social-media profiles, we have links to websites that aren’t ours. This statement doesn’t cover how those websites/companies process your data. We encourage you to read the privacy notices on the other websites you visit.

Who are we?

Thesis Cloud, (400 Chesterfield Center, STE 400, Chesterfield, MO 63017, United States), as well as its affiliated companies (hereafter: “Thesis”). You can find more information about us on:

This Privacy Statement describes Thesis's privacy practices in relation to:

  • The Thesis websites.
  • The software and services offered by Thesis to its customers.

Thesis processes your personal data with due care, in accordance with all applicable laws and regulations, in particular the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and – to the extent it relates to the processing of personal data – any applicable law that amends, supersedes or replaces existing law. Our privacy statement explains what personal data we process, how we do that and how you may object to the processing of your personal data.


This privacy statement applies to all personal data that Thesis processes during the execution of our services, including the personal data of visitors of the Thesis websites.


Thesis will process your personal data if you visit Thesis websites or use Thesis’s software and services, as well as the personal data from our existing customers to whom we supply our products, software and services.


We may collect and process information in several ways:

3.1       In relation to our software and services:

1. Contact information, such as name, company name, title, email address, mailing address and phone number, financial qualification and billing information, such as billing name and address and the number of users or systems within the organization that will be using our software and services.


In relation to our websites:

1. Information we get from your use of our services and your visit to our websites. Contact information, such as name, company name, date of birth, home address, e-mail address, IP-address, banking account, and phone number, account user name and password. Information from your Web browser (such as browser type and browser language), your Internet Protocol (“IP”) address, internet service provider (ISP), operating system, date/time stamp, and clickstream data and the actions you take on the Thesis's websites (such as the web pages viewed and the links clicked). And we also process your preferences for certain products and services.

3.2       Cookies

We use various technologies to collect and store information when you visit a Thesis website, including cookies. Thesis has several different categories of cookies. With the “Strictly Necessary Cookies” we do not collect any personal data. However, with the rest of the cookies’ categories there is personal data collection and processing which is happening only after we have acquired your explicit, informed and freely given consent. Some of the cookies allow us to calculate the aggregate number of people visiting our websites and monitor the use of the websites. This helps us to improve our websites and better serve our users. We also use cookies that make the use of the website easier for you, for example by remembering usernames, passwords and (language) preferences. We also use tracking and analytics cookies to see how well our services are being received by our users. We have provided the means for you to manage your cookies’ preferences at all times, through our designated button on our website. For more information about cookies and how to manage them, please, read our Cookies Statement.

3.3       Your mobile device

We may provide features that rely on the use of additional information on your mobile device or require access to certain services. Granting us access does not mean that we have unlimited access to that information nor access to specific information without your consent. If permission is granted, we will collect the information for the specific purposes explained when requesting the authorization.


  • Pictures and camera: We will not access your pictures nor your camera without first getting your explicit permission and we will never scan or import your photo library or camera roll. If you give explicit permission to access photos or camera, we will only use images that you specifically choose to interact with the provided services.
  • Location: We will not collect or use the location of your mobile device without first getting your explicit permission. Location is only employed to provide the required services.
  • Contacts: We will not scan or import your contacts stored on your phone without first getting your explicit permission. Only if required for the services we will, with your explicit permission, have access to information that’s stored on your mobile device.

Thesis uses the data we collect for:

4.1       Services

Thesis processes your personal data in the first place for the execution of an agreement and/or to be able to deliver our services to you. We use the data, for example, to send an invoice or maintain our relationship with you. We also use the data to answer any of your requests for information or to evaluate your application.

Furthermore, for invoicing and payment and use of the system. For the execution of a contract with our customer, to provide customer support and training and to solicit feedback from our customers. Additionally, to provide software and services, preventing or addressing service or technical problems, license enforcement and at a customer's request in connection with other customer support matters, professional services, or as may be required by law.

4.2       Engagement of third parties

Thesis may engage other parties to perform (part of) our services to you. To the extent that these third parties need access to personal data to perform such services, Thesis has taken the appropriate contractual and organizational measures to ensure that your data are processed exclusively for the purposes specified in this privacy statement and in accordance with all applicable laws and regulations.

4.3       Marketing and sales activities

As a customer of Thesis, we are happy to make you offers for our products and services. We do this by phone, email or mail, unless you object to or unsubscribe for this.

4.4       Processing of your data on Thesis websites

We collect and use your personal data on our websites in the first place to deliver our (web) services and communicate with you. To send you materials you request and to send you other marketing materials by email, postal mail or telephone, for instance about our software and services. We might use the information to send details of events, and marketing materials. We also use your contact data to measure our own marketing efforts and performance, analyzing all marketing contact with you, its timing and the extent of its success. We use this information for what is usually called "analytics" essentially to understand how visitors move around our websites, what content is popular and what is not and (either alone or with information about the company you work for) to provide more personalized information about us. We hold this information against a visitor’s IP address, unless a visitor submits contact information to us, in which case we hold this information against the submitted contact information.

Your personal data are also used for research and analysis to improve our services and our websites and we also use your personal data (IP address) to analyze how often our website is visited. We may also use your personal data entered on our websites in certain cases to send information by email about other services of Thesis to you, if you have given us consent for that unless you object to or unsubscribe for this Please, find the procedure below (point 11).

4.5       Processing of your data on Thesis’s career website.

Visitors of the Thesis career page, can create a personal account, where they can apply for jobs at Thesis, track their applications and receive job alerts based on their job preferences. 

Our Career Privacy Statement explains what personal data we process, how we do that and how you may object to the processing of your personal data. More information about Thesis's privacy practices in relation to the use of Thesis’s career website, can be found under privacy-statement. This Career Privacy Statement may be updated from time to time. 


If you are visiting our website, Thesis will share this information with:

5.1     Our customer relationship management software providers (HubSpot), marketing automation platform providers (HubSpot), email platforms (such as HubSpot).

5.2     Thesis will not simply pass your personal data to individuals or other organizations. Thesis will only do so if this is compatible with the purpose for which the data was collected. Thesis will also only do this if one of the following grounds applies:

  • With your explicit consent.
  • Performing an agreement.
  • For legal reasons/obligations:
    We may share your personal data with third parties outside Thesis if we have a good-faith belief that access to and use of the personal data is reasonably necessary to:
1. meet any applicable law, regulation, and/or court order
2. detect, prevent, or otherwise address fraud, security or technical issues and/or
  • protect the interests, properties or safety of Thesis, our users or the public as far as in accordance with the law.
  • Vital interest of the person concerned or other natural persons as per article 6 of the GDPR.
  • Performing a task carried out in the public interest or in the exercise of official authority vested in Thesis.
  • Legitimate interest of Thesis.

5.3     We may share aggregated, non-personally identifiable data with our partners, like advertisers, or the public. For example, we may share information publicly to show trends about the widespread use of our services. However, such data would be anonymized beforehand and would no longer comprise personal data.

5.4     If Thesis is involved in a merger, acquisition or asset sale, we will continue to ensure the confidentiality of all personal data. We will give notice to all customers concerned before the personal data are transferred or become subject to a different privacy statement.


Thesis does not store your personal data longer than is legally permitted and necessary for the purposes for which the data were collected. The storage period depends on the nature of the information and the purposes of processing. The maximum period may therefore vary per use. However, it will be automatically deleted if we do not have a legal ground to process it for a longer period.


Data Subject: the person(s) to whom specific personal data relates.

These rights are inter alia:

7.1.      The right to request from Thesis access to your personal data

Thesis offers you, if you are the Data Subject, access to the personal data we process. This means you can contact us asking us to inform you about your personal data that we have collected and processed and the purposes such data are used for. Please find below the procedure and contact data (point 11).

7.2       The right to request from Thesis rectification and/or erasure of your personal data

If you believe we are holding inaccurate personal data, please contact us so we can correct the data. Please find below the procedure and contact data.

You may also ask us to delete your personal data from our systems. We will comply with such request unless we have a legitimate ground to retain the data. Please find below the procedure and contact data (point 11).

7.3       The right to object

You may object to certain use of your personal data if such data are processed for other purposes than necessary for the performance of our services or for compliance with a legal obligation. You may also object to any further processing of your personal data after prior given consent. Please, find below the procedure and contact data (point 11).

If you object to the further processing of your personal data, this may lead to fewer possibilities to use our websites and other services.

7.4       The right to data portability

A Data Subject has the right to receive (as per article 20 of the GDPR) his / her personal data that he / she has provided to a data controller or to take it to another data controller. Thesis will provide these data on a common format.

7.5       The right to request from Thesis the restriction of the processing concerning you;

7.6       The right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal;

7.7       The right to lodge a complaint with the supervisory authority.

The above rights do not apply if there is a compelling, justified reason to process the personal data.


8.1     We take all reasonable, appropriate security measures to protect Thesis and our customers from unauthorized access to or unauthorized alteration, disclosure or destruction of personal data we hold. Contact your account manager for details about the security measures relevant to the services you receive.

8.2     Should, in spite of the security measures, a security breach occur that is likely to have negative effects to your privacy, we will inform you about the breach as soon as reasonably possible. Thesis maintains a Data Breach protocol for this purpose.

    • Thesis will only pass on Personal Data from the European Economic Area (EEA) to a country outside the EEA if there is an adequate level of data protection. This will be comparable with the level of data protection applicable for European Union (EU) when it comes to the protection of fundamental rights of individuals. Processor will inform the Controller of this.
    • Where processing of personal data takes place in a country outside the European Economic Area (EEA) for which the European Commission has not provided an adequacy decision, processing will only take place provided that there are appropriate safeguards that provide an adequate level of protection for personal data. In such a case Thesis will comply with the respective obligations in the EU Standard Contractual Clauses (or such other appropriate safeguards that the applicable data protection authority or a competent regulator decides provides for a sufficient level of protection).

10.1   Our privacy statement applies worldwide, to all of the services offered by Thesis.

10.2   Our privacy statement may change from time to time. We will not reduce your rights under this privacy statement without your explicit consent. If the changes are significant, we will provide a more personal notice.


11.1   You may request questions concerning the processing of your personal data, as mentioned under 7, by sending an e-mail, including your name, address, phone number and a copy of a valid ID to

You will receive a response in writing within 4 weeks of the date on which we receive your request.

11.2   When you visit our website, you may unsubscribe from ongoing marketing communications by unsubscribing for this.


If you have a complaint about the processing of your personal data by Thesis, please contact our Data Protection Officer using the contact details above to submit your complaint. As a data subject you also have the right to file a complaint with the supervisory authority.


       Other policies of Thesis can be found on the Thesis website.


This Privacy Statement may be updated from time to time. Please always check the last version.