This Privacy Policy applies to all users of our Services. It explains how we collect, process, and use Personal Data about you. “Personal Data” is information relating to an identified or identifiable individual.

For the purposes of applicable data protection laws, the entity acting as the data controller of your Personal Data is Sun Locke LLC (and, where applicable, its subsidiaries, affiliates, or related entities). Sun Locke’s principal place of business is located at 510 Manhattan Ave. New York, NY, 10027. Sun Locke determines the purposes and means of processing your Personal Data and is responsible for ensuring that your Personal Data is processed in compliance with this Privacy Policy and applicable laws.

We collect and collate Personal Data that you either directly provide to us or that we obtain or infer through your use of the Services, as well as from third parties. The categories and amount of Personal Data we collect depend on the Services and the nature of your interactions with us.

Directly from you: When you register for an account, use our Services, contact us for support, respond to surveys, participate in promotions or events, subscribe to marketing communications, or otherwise provide Personal Data.

From your device and usage: We may automatically collect technical data such as IP addresses, browser types, device identifiers, operating systems, access times, and referring URLs. We also track how you interact with the Services (e.g., pages visited, features used, emails opened).

From third parties: We may obtain Personal Data from public sources, social media platforms, analytics providers, advertising networks, internet service providers, and other third parties. For example, if you are not the administrative user for your account, a colleague or authorized third party may provide your details to us. Our payment processors may collect payment data as necessary for billing purposes.

We may also infer data about you based on the information you provide or make available to us, such as personalizing your experience, suggesting additional Services, or drawing other inferences. In addition, we may use aggregated, deidentified, or anonymized data for any lawful business purpose.

We will indicate where any requested Personal Data is mandatory or optional. If you choose not to provide certain mandatory Personal Data, we may not be able to provide certain Services to you.

Our Services may contain links to third-party websites. Any access to and use of such linked websites is governed by the privacy policies of those third-party websites, and we are not responsible for the privacy practices of such third parties.

Primary use:


We process Personal Data for a variety of legitimate business purposes, including but not limited to:

We combine data about you across our different Services to provide you with a more seamless and efficient experience. We do not use solely automated decision-making processes that produce legal or similarly significant effects without human involvement, unless required or permitted by law.

Our legal basis for processing Personal Data includes our legitimate interests in operating our business, fulfilling our contractual obligations to you, complying with applicable laws, and—where required—obtaining your consent (e.g., for certain marketing communications or cookies).

Secondary use:
‍

We may also use your Personal Data for:

We retain your Personal Data for as long as is necessary to provide the Services and for legitimate and essential business purposes, such as maintaining the security of our systems, complying with legal obligations, resolving disputes, and enforcing our agreements. If you request that we delete your Personal Data, we will do so unless we are legally required or otherwise permitted by law to retain the data. Once we no longer need your Personal Data, we will securely delete, deidentify, or anonymize it.

We may share your Personal Data as follows:

We require that these third parties protect your Personal Data in accordance with applicable laws and contractual obligations.

Secure servers:


We implement appropriate technical and organizational measures to protect your Personal Data from unauthorized access, alteration, disclosure, or destruction. We use industry-standard encryption, access controls, and other security safeguards.

Usage restrictions:
‍

We prohibit our employees, affiliates, and third-party service providers from using your Personal Data in a manner inconsistent with this Privacy Policy or applicable law. For example, they are not permitted to:

We ensure that any third parties who process your Personal Data are bound by robust contractual obligations that uphold data protection standards and safeguard your rights.

Your Personal Data may be transferred to, and stored in, a country other than your country of residence. These locations may not provide the same data protection standards as your home country. Whenever we transfer your Personal Data outside the European Economic Area, the United Kingdom, or other regions with strict data protection laws, we will implement appropriate safeguards to ensure a level of data protection consistent with applicable law. You may contact us for a summary of the safeguards we have in place to protect your Personal Data and privacy rights in these circumstances.

This Privacy Policy only addresses our processing of your Personal Data. Other parties, including other users and third parties that have access to or may collect data in connection with our Services, have their own privacy practices. We encourage you to review the privacy policies of any third-party platforms, applications, or services you use or interact with.

If our Services integrate with any third-party APIs or services (e.g., YouTube API), we will inform you and link to their respective privacy policies. You have the option to revoke such access as described by the applicable platform’s settings.

Your choices:


Where we rely on your consent to process Personal Data, you may withdraw that consent at any time, subject to any legal or contractual restrictions. You may manage your marketing communication preferences by following the opt-out instructions in our emails. You can also manage browser or device settings to control cookies and other tracking technologies.

Your rights:


Depending on your jurisdiction, you may have certain rights regarding your Personal Data, which may include:

Certain requests may be subject to limitations or denials as permitted by applicable law. To exercise these rights, submit a verifiable request to us at legalnotices@sunlocke.com. If you appoint an authorized agent, the agent must present signed written permission to act on your behalf, and we may require additional verification of your identity.

If we cannot verify your identity, we may not be able to fulfill your request. If we deny your request, you may have the right to appeal our decision as permitted by applicable law.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data handling practices, please contact us at:  legalnotices@sunlocke.com

We reserve the right to modify this Privacy Policy at any time. Any changes will be posted on our website with the updated “Last Updated” date. Your continued use of the Services after any such changes constitutes your acceptance of the revised Privacy Policy.

If you are a California resident, certain additional disclosures apply regarding how we handle your Personal Data. We may collect categories of personal information as defined by the California Consumer Privacy Act (“CCPA”) for the purposes and with the parties described herein. While we do not sell personal information in the traditional sense, we may engage in online advertising that could be considered a “sale” under the CCPA. See Section 10 above and our cookie policy for your options and choices regarding advertising and data sharing.

Where applicable, Sun Locke may comply with relevant data protection frameworks, such as the EU-U.S. Data Privacy Framework (DPF) or other similar programs. If so, we will provide additional information and a link to our certification. To learn more about the DPF program, please visit