Privacy Policy

Last updated: February 15, 2025

1. Introduction

Welcome to Sunslider ("we," "our," or "us"). We are committed to protecting your privacy and ensuring that your personal data is handled securely and in compliance with the General Data Protection Regulation (EU) 2016/679 ("GDPR"). This Privacy Policy explains how we collect, use, and protect your personal data when you visit our website and reserve your username for the Sunslider app.

2. Data Controller

Sunslider SAS is the data controller responsible for your personal data. If you have any questions about this Privacy Policy or your rights, you can contact us at:

Sunslider SAS
France
[email protected]

3. What Data We Collect

When you request a username reservation for the Sunslider app, we collect the following personal data:

  • Requested Username
  • Email Address
  • Device Preference (iPhone or Android)
  • Language Preference (Your selected locale)

We also collect certain technical data automatically:

  • Device and Usage Data: IP address, device type, browser type, operating system, and activity logs.
  • Cookies and Tracking Technologies: We use cookies and similar technologies to enhance user experience and gather analytics.

4. Purpose of Data Collection

We process your personal data for the following purposes:

  • Reserving your requested username on the Sunslider app.
  • Communicating with you about the Sunslider app, including updates and launch notifications.
  • To improve, personalize, and secure our services.
  • To detect and prevent fraud, abuse, and security threats.
  • To comply with legal obligations and enforce our Terms of Service.

5. Legal Basis for Processing

We process your personal data based on one or more of the following legal grounds:

  • Consent: When you sign up or enable certain features.
  • Contractual Necessity: To provide the username reservation service you request.
  • Legitimate Interests: To improve security, prevent fraud, and enhance our services.
  • Legal Obligations: To comply with laws and regulations.

6. Data Storage and Security

We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, loss, or misuse:

  • Your data is stored on secure servers located in the European Union.
  • We use HTTPS encryption across our site to protect data transmission.
  • Access to your data is strictly limited to authorized Sunslider personnel only.

However, no system is 100% secure, and we encourage users to take precautions when sharing information online.

7. Data Sharing and Third Parties

We do not sell, share, or distribute your personal data to third parties. However, we may share your data with:

  • Service Providers: Companies that assist with hosting, analytics, customer support, and security.
  • Law Enforcement and Legal Authorities: When required by law or to protect rights, safety, and property.

8. hCaptcha

We use the hCaptcha security service (hereinafter "hCaptcha") on our website. This service is provided by Intuition Machines, Inc., a Delaware US Corporation ("IMI"). hCaptcha is used to check whether user actions on our online service (such as submitting a login or contact form) meet our security requirements. To do this, hCaptcha analyzes the behavior of the website or mobile app visitor based on various characteristics. This analysis starts automatically as soon as the website or mobile app visitor enters a part of the website or app with hCaptcha enabled. For the analysis, hCaptcha evaluates various information (e.g. IP address, how long the visitor has been on the website or app, or mouse movements made by the user). The data collected during the analysis will be forwarded to IMI. hCaptcha analysis in the "invisible mode" may take place completely in the background. Website or app visitors are not advised that such an analysis is taking place if the user is not shown a challenge. Data processing is based on Art. 6(1)(b) of the GDPR: the processing of personal data is necessary for the performance of a contract to which the website visitor is party (for example, the website terms) or in order to take steps at the request of the website visitor prior to entering into a contract. Our online service (including our website, mobile apps, and any other apps or other forms of access offered by us) needs to ensure that it is interacting with a human, not a bot, and that activities performed by the user are not related to fraud or abuse. In addition, processing may also be based on Art. 6(1)(f) of the GDPR: our online service has a legitimate interest in protecting the service from abusive automated crawling, spam, and other forms of abuse that can harm our service or other users of our service. IMI acts as a "data processor" acting on behalf of its customers as defined under the GDPR, and a "service provider" for the purposes of the California Consumer Privacy Act (CCPA). For more information about hCaptcha's privacy policy and terms of use, please visit the following links: https://www.hcaptcha.com/privacy and https://www.hcaptcha.com/terms

9. Data Retention

We retain your personal data for as long as you continue to use the Sunslider social network. If you delete your account or otherwise ask us to remove you from Sunslider, we will retain your data for a reasonable period as required for administrative and legal purposes before securely deleting it.

10. Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will:

  • Notify the relevant supervisory authority within 72 hours of becoming aware of the breach, where feasible.
  • Inform affected users directly without undue delay when a breach is likely to result in a high risk to their rights and freedoms.

Our breach notifications will include:

  • The nature of the personal data breach
  • The likely consequences of the breach
  • The measures taken or proposed to address the breach and mitigate possible adverse effects

We maintain internal breach detection, investigation, and notification procedures to ensure we can respond promptly to any data breach incident. We also document all breaches, their effects, and the remedial actions taken, in accordance with GDPR requirements.

11. International Data Transfers

If we transfer your personal data outside the European Economic Area (EEA), we ensure appropriate safeguards, such as Standard Contractual Clauses or other GDPR-compliant mechanisms.

12. Your Rights Under GDPR

As a user, you have the following rights regarding your personal data; we extend these same rights to our users coming from all other parts of the world as well:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request corrections to any inaccurate or incomplete data.
  • Deletion: Request the deletion of your personal data ("right to be forgotten").
  • Objection: Object to our processing of your data under legitimate interest.
  • Restriction: Request limited processing of your data in certain circumstances.
  • Portability: Request your data in a structured, machine-readable format.

To exercise any of these rights, please contact us at [email protected]. We will respond within one month, as required by GDPR.

13. Children's Privacy

Our platform is only available to users aged 16 and older; this information will be verified when users complete the signup process when the app is live. We do not knowingly collect data from children under 16. If we learn that a user is under 16, we will delete their account and associated data.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Any significant changes will be communicated on our website or via email. Please check this page periodically for updates.

15. Contact Information

If you have any questions or concerns about this Privacy Policy or how we handle your data, you can contact us at:

Sunslider SAS
France
[email protected]

By using Sunslider, you acknowledge that you have read and understood this Privacy Policy.