The principles behind this policy are simple— We believe in an enlightened and transparent approach.
- We use data to make activities like organizing contacts, remembering birthdays, and sharing photos easier.
- You decide when to share your information with other users.
- We don’t sell your data or target ads to you. That’s not our business.
- We keep your info safe and secure.
If you have any questions, you can contact us at any time at firstname.lastname@example.org
Data We Collect
Personal data is data that identifies you that we use in combination with information we collect from publicly available sources:
- Name and Phone Number: Your name, photo and phone number are required to create an account. You share your name and phone number so that we can text you a code to verify your number and set up your account and to continue to verify your access to your account through the app and website.
- Additional Personal Data: You may share with us your personal and work email, phone numbers, mailing addresses, your birthday, and other personal information. This information is shared with other users as you request. We also use this information to understand your relationships.
- Payment Information: You may share additional payment information in order to upgrade to a premium account. We use a third party payment processor that does not share any financial information with us.
- Data from Public Sources: We collect data from third party sources, including publicly available database data and social network information and data to keep information updated.
Automatic Data is data we collect, some of which is personal, from your phone and the app automatically:
- Log Data: We collect Log Data when you interact with Sunshine, such as your IP address, browser type, operating system, your mobile carrier, device information (including device and application IDs), and cookie information. We use Log Data to operate our services and keep them secure.
- SDKs: We use SDKs, which are blocks of code provided by our partners, that may be installed in our mobile applications. SDKs help us understand how you interact with our mobile applications and collect certain information about the device and network you use to access the application. They do not access any information from your address book or contact cards.
Additional data is data you specifically authorize us to collect.
- Location: With your consent, we collect precise geolocation data from your phone when you activate location services and/or show you other Sunshine users near you (and show you near them) when you activate bluetooth services. We collect location information either just while you are using the app, or additionally, while it is in the background, depending on your selected preference. We use this data:
- In combination with other Sunshine users’ location information to understand when you are close to another Sunshine user you know and would like to share info like a contact or a photo.
- In some cases, we also look for patterns in your location data, for example when it seems like you are home or when you are at work, so we can provide relevant features.
- You can deactivate the collection of location data or stop having your proximity shared with other Sunshine users at any time by adjusting the settings on your device.
- Contacts: We collect contacts and other content from your device, from accounts you connect with Sunshine and directly from your contacts in order to provide service to you.
- Device Contacts: Sunshine collects contacts from your device. We analyze and organize this information.
- Contacts Update: We receive updates on your Contacts directly from them when they share their information in response to an email request we send on your behalf. We use this updated information to provide service to you.
- Google Contacts: With your consent, we access your Google Contacts directly through Google.
- Gmail: With your consent, we access your Gmail directly through Google. We use your Gmail to augment your contacts with additional info from the email, for example from a signature line. This information is only used for this purpose and is not shared with any other Sunshine user.
- Photos & Camera Roll: With your consent, we access your camera, camera toll, and photos from your device in order to analyze them and, if relevant, to share them with other Sunshine users.
- Calendar: With your consent, we access your calendar and its events. We use this data to infer birthdays and to organize those events.
How We Use Your Personal Data
We use your personal data to provide, maintain, secure, personalize and improve Sunshine Services as described above and to develop new products that work in conjunction with it. This includes:
- Using your data along with other Sunshine users’ data and data from publicly available sources to make inferences that improve our services and functionality.
- Enabling you to communicate with other Sunshine Users, including by sharing or sending information to them at your request.
- Storing your originally uploaded data so we can restore your phone at your request.
- Responding to your emails, submissions, questions, comments, requests, and complaints and provide customer service.
- Monitoring and analyzing usage of the Services and trends, and to increase the functionality of our Services.
- to contact you about the Services in which you have expressed interest or that might be of interest to you.
- Sending you service messages or to contact you to update you on new features or services that we offer. You can opt-out of marketing at any time as described in our email messages.
- for any other purpose for which the information was collected.
How We Use Your Data Accessed from Google
Google requires us to include the following specific language in this policy about how we treat the Contacts and Gmail data we access from Google:
We collect, hold, and use information obtained from certain Google OAuth API Scopes (the “Restricted Scopes”), as defined on the Google API Services: User Data Policy, for the following purposes and personal information will not be further processed in a manner that is incompatible with these purposes:
- to provide you with our app and platform’s core features;
- to comply with applicable law;
- for security purposes (such as investigating a bug or abuse); and
- for internal operations, provided that the data (including derivations) have been aggregated and anonymized.
We may disclose to third parties personal information obtained from certain Google OAuth API Scopes (the “Restricted Scopes”), as defined on the Google API Services: User Data Policy:
- to provide you with our app and platform’s core features;
- to comply with applicable law; and
- as part of a merger, acquisition, or sale of assets with notice to users.
When We Share Your Data
We never sell, share or grant access to any personal data you share with us. Period. We only share your data:
With your consent. You may direct us to disclose your information to others in the course of using our products.
To service providers who only use it to provide services to us. We share personal data with service providers who process it for us, based on our instructions, and in compliance with this policy and any other appropriate confidentiality and security measures. These partners provide us with services globally, including for customer support, information technology, payments, sales, marketing, data analysis, research, and surveys. We limit the amount of information we share with our service providers whenever possible.
When required by law. We may preserve or disclose information about you when we reasonably believe it is necessary to comply with a valid law law enforcement request.
Please note: Our policy is to notify you of legal process seeking access to your information, such as search warrants, court orders, or subpoenas, unless we are prohibited by law from doing so. In cases where a court order specifies a non-disclosure period, we provide delayed notice after the expiration of the non-disclosure period. Exceptions to our notice policy include exigent or counterproductive circumstances, for example, when there is an emergency involving a danger of death or serious physical injury to a person.
When it cannot identify you: We may share non-personal information that is aggregated or de-identified so that it cannot reasonably be used to identify an individual.
Change of business: If we are involved in a merger, acquisition, or sale of assets, we will continue to take measures to protect the confidentiality of personal information and give affected users notice before transferring any personal information to a new entity.
We keep your account information for as long as your account is in existence in order to provide services to you. You can delete your account at any time using the settings in the account and we will delete your personal data along with the data that is associated with your account. Please note that we cannot delete data that you have shared with another user of the Services that has become part of their account. We retain information about you and your use of the Services for as long as necessary for our legitimate business interests, for legal reasons, and to prevent harm.
Your (California) Privacy Rights
In addition, we are required to provide you certain information about the business and commercial purposes for which we collect and share your personal information. We use and disclose the information we collect for the business purposes described in this policy, including to: audit our service, detect security incidents and prevent fraud, debug and repair errors, maintain your account, provide customer service, process or fulfill orders, conduct research and development and other activities to improve our service, market our services, and understand how users interact with our services.
California requires that we provide residents with notice that you may opt-out of the sale of personal information, you have a right to know about personal information collected, disclosed or sold, the right to request deletion of personal information, and the right to be treated without discrimination should you exercise these rights. Any user can exercise the above privacy rights by submitting your request in your account settings, or if you do not have an account with us, by emailing email@example.com.
Verification: to protect your Personal Data from unauthorized access or deletion, we may require you to verify your login credentials before you can submit a request to know or delete Personal Data. If you do not have an account with us, or if we suspect fraudulent or malicious activity, we may ask you to provide additional Personal Data for verification. If we cannot verify your identity, we will not provide or delete your Personal Data.
In the preceding 12 months, we have not disclosed any personal information.
We use and disclose the information we collect for the following commercial purposes: We have not disclosed any information for a commercial purpose.
Persons under the age of 13 are not permitted to create accounts. Parents who believe that their child has submitted personal information to us and would like to have it deleted may contact us at firstname.lastname@example.org.
We work hard to keep your personal data safe. We use a combination of technical, administrative, and physical controls to maintain the security of your data. This includes using Transport Layer Security (“TLS”) to encrypt many of our Services. No method of transmitting or storing data is completely secure, however.
Changes to this Policy
We will notify you before we make material changes to this policy and give you an opportunity to review the revised policy before deciding if you would like to continue to use the Services.
If you have questions, suggestions, or concerns about this policy, or about our use of your personal data, please contact us at email@example.com
471 Emerson St
Palo Alto, CA 9430