Privacy Policy

Nutrible Inc. DBA ThriveLink

Effective Date: March 14, 2026

We take your privacy seriously. This policy explains how we keep your information safe while helping you connect to the services and resources you need.

1. Who We Are

Nutrible Inc., doing business as ThriveLink ("ThriveLink," "we," "us," or "our"), is an AI-powered care navigation company headquartered in Missouri. We help individuals and families access health coverage, food assistance, housing support, utility programs, and other safety-net resources — primarily over the phone, without requiring internet access or literacy skills.

We serve individuals referred by health plans, hospital systems, clinics, and community organizations. We also operate as a credentialed provider organization for social services and community health work.

Our website is www.mythrivelink.com. For questions or concerns about this policy, contact us at compliance@mythrivelink.com.

2. Information We Collect

We may collect the following categories of information, as relevant to the services we provide:

  • Identity and Contact Information — such as name, phone number, address, date of birth, and preferred language.

  • Health and Social Needs Information — such as health conditions, insurance status, program enrollment, housing situation, food access, income, employment, and other social determinants of health.

  • Program and Application Data — information needed to complete or assist with applications for government and community programs.

  • Sensitive Personal Information — such as race, ethnicity, disability status, and similar categories where required to connect you with appropriate programs or as required by those programs.

  • Communication Records — records of phone, SMS, or other interactions with our team and platform.

  • Technical and Usage Information — such as device data, IP addresses, and browsing activity collected when you visit our website.

  • Other Information — any additional information you choose to provide, or that we receive from partners and authorized representatives in connection with the services we deliver.

You are not required to provide information to us. If you choose not to, we may be unable to connect you with certain services.

3. How We Collect Information

We collect information:

  • Directly from you during phone calls, SMS interactions, or web forms

  • From referring partner organizations (health plans, hospitals, clinics, community organizations) who have an existing relationship with you

  • From authorized representatives acting on your behalf

  • Automatically through our website

Referral-Based Contact: When a partner organization refers you to ThriveLink, implied consent for initial outreach is established through that referral relationship. You may opt out at any time.

4. How We Use Your Information

We use your information to:

  • Provide care navigation and program enrollment assistance

  • Complete or assist with applications for government and community programs

  • Coordinate with health plans, providers, and community organizations on your behalf

  • Communicate with you about your case and available resources

  • Comply with legal and regulatory obligations

  • Support billing and credentialing as a provider organization

  • Improve our services and platform

5. HIPAA and Protected Health Information

ThriveLink operates as a credentialed provider organization and functions as a Business Associate under the Health Insurance Portability and Accountability Act (HIPAA) when handling Protected Health Information (PHI) on behalf of covered entities.

We maintain administrative, physical, and technical safeguards consistent with HIPAA requirements. PHI is used and disclosed only as permitted by HIPAA and as governed by Business Associate Agreements with our covered entity partners.

We retain health information as required by applicable law and our contractual obligations.

For questions about how your health information is handled, contact us at compliance@mythrivelink.com.

6. Telephone and SMS Communications (TCPA Compliance)

ThriveLink complies with the Telephone Consumer Protection Act (TCPA) and applicable state communications laws.

  • Implied Consent: When a partner organization refers you to ThriveLink, implied consent for initial outreach is established.

  • Opt-Out: Reply STOP to any SMS message to opt out at any time. You may also opt out of phone contact by informing our team during any interaction.

  • Every message includes opt-out instructions.

  • Purpose: Outreach is limited to purposes related to your care, services, or our programs.

  • SMS Opt-In Data is Never Shared with Third Parties. Your consent to receive text messages and your opt-in information will not be disclosed to any outside organization.

7. Our Use of Technology and AI

ThriveLink uses technology to assist our care navigators, including a telephonic AI platform.

  • AI assists our care navigation team. During interactions, AI technology may be used to support transcription, routing, and navigation assistance so our team can serve you more effectively.

  • All meaningful decisions are made by humans. Our care navigation team reviews all cases and determines next steps.

  • Data is stored in the United States on secure cloud infrastructure maintained by vetted third-party providers.

8. How We Share Your Information

We do not sell your personal information.

We may share your information in the following circumstances:

  • With Your Consent — Before sharing your information with outside agencies (such as Medicaid offices, government programs, or community organizations), we obtain your consent. You will be informed of who will receive your information and for what purpose.

  • With Authorized Representatives — If you have designated a representative (such as a family member or guardian), we may share information consistent with your authorization.

  • With Partner Organizations — We may share information with health plans, hospital systems, and referring organizations to coordinate your care and services, as permitted under applicable data sharing agreements and Business Associate Agreements.

  • With Service Providers — We work with third-party vendors who support our infrastructure, security, and operations. These vendors are contractually required to protect your information and may not use it for their own purposes.

  • As Required by Law — We may disclose information when required by law, court order, or government authority, or to protect the safety of any individual.

9. Sensitive Information

Some information you share may be a special type of information protected under federal or state law, including substance use treatment information (42 CFR Part 2), HIV/AIDS-related information, and other sensitive health categories. We have built our systems to limit who can view sensitive information and to prevent inappropriate access.

10. Data Subject Rights

Depending on your state of residence, you may have the right to:

  • Know what personal information we have collected about you

  • Request a copy of your information

  • Request correction of inaccurate information

  • Request deletion of your information, subject to legal limitations

  • Revoke consent for sharing your information

California Residents have additional rights under the CCPA/CPRA, including the right to know, delete, correct, and limit use of sensitive personal information. We do not sell or share personal information for behavioral advertising purposes.

To exercise any of these rights, submit a written request to compliance@mythrivelink.com. We will respond within the timeframe required by applicable law, typically within 30 to 60 days.

11. Security

ThriveLink maintains industry-standard administrative, technical, and physical safeguards, including encryption, access controls, and regular security testing, consistent with our SOC 2 certification and applicable healthcare regulations. No system is completely secure. We will notify you in accordance with applicable law if a breach affecting your information occurs.

12. Children's Privacy

Our services are not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with information, contact us at compliance@mythrivelink.com and we will take appropriate steps to delete it.

13. US Only

ThriveLink's services are intended for use within the United States. All data collected through our services is stored and maintained on infrastructure located within the United States. This Privacy Policy is governed by US law.

14. Contact Us

ThriveLink (Nutrible Inc.) Email: compliance@mythrivelink.com Website: www.mythrivelink.com

To report a compliance concern or submit a privacy request, email compliance@mythrivelink.com.

15. Updates to This Policy

We may update this policy at any time. Material changes will be posted on our website. Continued use of our services following notice of changes constitutes acceptance of the updated policy.

This policy is available in other languages upon request. Contact compliance@mythrivelink.com.