GM Sunshine
Data & Privacy

Privacy Policy

This Privacy Policy describes how GM Sunshine collects, uses, and shares personal information when you use our services.

Last updated: January 26, 2026

1. Information We Collect

We collect various types of information in connection with the services we provide, including:

Account Information

When you create an account, we collect your name, email address, and password (stored securely using industry-standard hashing). If you make a purchase, we collect billing information through our payment processor.

Contact & Newsletter Data

When you contact us or subscribe to our newsletter, we collect your email address and any information you provide in your message. We use this to respond to inquiries and send marketing communications (with your consent).

Automatically Collected Data

We automatically collect your IP address, browser type, device information, operating system, referring URLs, pages visited, and timestamps when you visit our website. This data is collected through server logs and analytics tools.

Payment Information

Payment processing is handled by Stripe. We do not store your full credit card number. Stripe may collect payment card details, billing address, and transaction information. See Stripe's privacy policy at stripe.com/privacy.

Cookies and Tracking Technologies

We use cookies for essential site functionality, analytics, and to remember your preferences. See our Cookie Policy for details.

2. How We Use Your Information

We may use the information we collect for various purposes, including:

  • To provide, maintain, and improve our services.
  • To process transactions and manage your account.
  • To communicate with you about your account, services, and promotional offers.
  • To monitor and analyze usage and trends to improve your experience.
  • To comply with legal obligations and protect our rights.

3. Sharing of Your Information

We may share your personal information with third parties in the following circumstances:

Service Providers

We may share your information with third-party vendors and service providers to facilitate our services and improve your experience.

Legal Compliance

We may disclose your information to comply with applicable laws, regulations, or legal requests.

Business Transfers

In the event of a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction.

4. Data Security

We take reasonable measures to protect your personal information from unauthorized access, use, or disclosure. However, no method of transmission over the internet or electronic storage is 100% secure, and we cannot guarantee its absolute security.

5. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

For All Users

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete data.
  • Deletion: Request deletion of your data (subject to legal retention requirements).
  • Opt-out: Unsubscribe from marketing emails at any time.

For EU/EEA Residents (GDPR)

  • Data Portability: Receive your data in a structured, machine-readable format.
  • Restriction: Request restriction of processing in certain circumstances.
  • Objection: Object to processing based on legitimate interests.
  • Withdraw Consent: Withdraw consent at any time where processing is based on consent.

For California Residents (CCPA)

  • Know: Know what personal information is collected and how it's used.
  • Delete: Request deletion of personal information.
  • Non-Discrimination: Not be discriminated against for exercising your rights.
  • We do not sell your personal information.

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

6. Third-Party Services

We use the following third-party services that may collect data:

Google Analytics (GA4)

We use Google Analytics to understand how visitors interact with our website. Google Analytics collects your IP address (anonymized), pages visited, time on site, browser/device information, and geographic location. You can opt out using the Google Analytics Opt-out Browser Add-on. See Google's privacy policy at policies.google.com/privacy.

Stripe (Payment Processing)

We use Stripe to process payments. When you make a purchase, Stripe collects your payment card details, billing address, and transaction information. We do not have access to your full card number. See Stripe's privacy policy at stripe.com/privacy.

Cloudflare

We use Cloudflare for security and performance. Cloudflare may collect IP addresses and request data to protect against malicious traffic. See Cloudflare's privacy policy at cloudflare.com/privacypolicy.

Our website may contain links to other websites. We are not responsible for the privacy practices of those third-party sites.

7. Data Retention

We retain your personal data only for as long as necessary:

  • Account data: Retained while your account is active. You may request deletion at any time.
  • Transaction records: Retained for 7 years for tax and legal compliance.
  • Server logs: Retained for up to 90 days for security and debugging purposes.
  • Newsletter subscriptions: Retained until you unsubscribe. You can unsubscribe at any time via the link in our emails.
  • Analytics data: Google Analytics data is retained for 14 months.

8. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. Any changes will be posted on this page with an updated effective date. We encourage you to review this Privacy Policy periodically for any updates.

9. Contact Us

If you have any questions or concerns about this Privacy Policy, please contact us at [email protected].

Thank you for trusting GM Sunshine with your personal information.

Terms of ServiceCookie Policy