Privacy Policy

Our Privacy Policy - Here are the highlights

As a general rule, privacy policies are written by lawyers for lawyers. We hope you find these highlights below to be a clear and transparent summary of our Privacy Policy, but our lawyers want us to remind you that the full, binding legalese of our Privacy Policy is below. And, depending on your state (California particularly), there is specific legalese using definitions required by specific state law that you may review. 

With those disclaimers out of the way, here’s our most important highlight:

Sunbound’s purpose is to help families better pay for senior care. We will only collect and use your personally identifiable information for that purpose. We will never sell your personal data to a third-party and only collect what we absolutely need to ensure you have an optimal experience using our platform.

It’s our promise to customers that we respect the trust you place in us and the privacy of the information you share. Part of providing superior customer service includes making sure that we’re building a relationship of trust with customers. Our way of doing that is to let you know in a clear, prominent and easily accessible way how we collect, use share and above all - protect your personal information

Introduction Overview

Sunbound (“Company” “we” or “us”) offers a platform to make senior living, senior care and other healthcare and real estate related payments, and related products and services. We operate the website which includes a payment portal and application for additional consumer payment financing options (individually, “Website” or “Site”). This privacy policy and notice aims to inform you about how we collect, use, disclose, store, secure and dispose information about you when you: interact or use our website and if you use any of our products, services or applications (including any trial) (collectively the “Services”) in any manner.

Privacy Policy Scope

This policy covers any Services being provided by the Company as a part of an online platform. Privacy Principles we follow will ensure that all personal data that the Company holds will be: processed lawfully, fairly and in a transparent manner; collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; adequate, relevant and limited to what is necessary; accurate and kept up to date; kept in a form which permits identification of data subjects for no longer than is necessary; processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage.

Types of information we collect

When you visit our Website, we may collect personal data from you in order to allow us to provide certain services to you such as responding to your questions or to provide general marketing information to you and for you. We will use this data in connection with your visit to our website. You may, for example, provide us with your personal data when you: communicate with use for the purposes of obtaining or learning about our Services; communicate with us through the "Feedback" link on our website or by emailing us; applying for a job or internship; requesting to access a Company research report; or applying to attend a Company hosted or sponsored event. If we use your personal data for any other purposes, we will provide you with a separate notice. The personal data that we collect from you may include: your name; email address; the company for whom you work; company address; telephone number; and the country where you live. We may also automatically collect data about you, such as technical information about your computer or internet browser. Data may also be collected about you indirectly through monitoring activities which will be conducted by or on our behalf in accordance with relevant legislation or regulatory requirements (for example, monitoring e-mails that we receive from you or recording telephone calls when you contact us). We will process your personal data for the purposes listed above on the basis of one or more of the following: the processing is necessary for the performance of a contract or for entering into a contract with you. Please note that where this is the case, we may not be able to perform or enter into a contract with you unless you provide your personal data; but may do so if processing is necessary to comply with a legal obligation; or you have given your consent (where we rely on this legal basis, we will always seek to obtain your consent separately as and when necessary).

How we collect your information

The Company collects information in different ways. Directly from you or from your company. For example, when you: Log into your Company account; make a payment or purchase on our Platform; create a personalized Company shopping account; track an order online; sign up to receive promotional emails or text messages (including offers and sales alerts); sign up to join a loyalty, rewards or similar program or club; participate in one of our promotional sweepstakes, contests, surveys or focus groups; use the Ratings & Reviews or related services and features; submit a request to our Customer Service team; visit and navigate Company's Platforms on any device; enable location-based features on our Platforms; or interact with Company's social media pages, including but not limited to Facebook, Twitter, YouTube and Instagram.

Collection of personal data by automated means

Information that is passively collected when you visit the Website or use the Services, and we may use “cookies” which are small files stored as text on your computer or device. In some countries, we are not permitted to send cookies to the browser of a user without the prior consent of the affected user. In this case, we will seek such consent. The remainder of this section assumes that either the use of cookies is not restricted by applicable law, or if it is restricted that the individual has explicitly consented to the use of the cookies. These “cookies” and other similar technologies like pixels, web beacons (also known as “clear GIFs”) and local storage may be used to collect information about how you use the Services and provide features to you. We may also ask advertisers or other partners to serve Company ads or services to your devices, which may use cookies or similar technologies placed by us or the third party. If a visitor does not want information collected through the use of cookies, most browsers allow the visitor to reject cookies. Please note that if you use your browser settings to modify or block all cookies, you may not be able to access parts of the Services and your user experience may be severely degraded. We may share non-Personal Information obtained via cookies with our advertisers and affiliates. Information provided by these cookies are essential to help us provide the Services in a manner that is adapted to each user’s specific needs. We believe that such means are fair, lawful, and proportional to the legitimate interest and needs of our business, and that our methodology fairly addresses each user’s legitimate rights and expectations in view of the context and purpose for the collection and use of the information collected.

Mobile Device Unique Identifier

When you use a mobile device to connect to our Website or Services via a service provider that uniquely identifies your mobile device, we may use this unique identifier to offer you extended services and/or functionality. Certain Services may require the collection of your mobile phone number. We may associate that mobile phone number with the mobile device unique identifier.

Log file information

Log file information may be automatically reported by your browser each time you make a request to access (i.e., visit) the Website or Services. It can also be provided when the content of the Website or Services is downloaded to your browser or device. When you use the Services, our servers automatically record certain log file information, including your web request, Internet Protocol (“IP”) address, browser type, referring / exit pages and URLs, number of clicks and how you interact with links on the Services, domain names, landing pages, pages viewed, and other such information. We may also collect similar information from emails sent to our Users which then help us track which emails are opened and which links are clicked by recipients. The information allows for more accurate reporting and improvement of the Services.

Strictly Necessary Cookies

Necessary cookies are used for the purpose of authentication and providing data security. These cookies are necessary for Our Site to work and enable us to distinguish users and enable you to use its services and features. Disabling these cookies will encumber Our Site’s performance and may make these services and features unavailable.

Functional Cookies

These cookies enable the website to provide enhanced functionality and personalization. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies, then some or all of these services may not function properly.

Analytics or Performance Cookies

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site and will not be able to monitor its performance.

Targeting or Advertising Cookies

These cookies will usually be third-party cookies, although if a user is visiting the advertising network’s own website it is technically possible these could be first party. They will always be persistent but time-limited cookies. These cookies can be associated with services provided by the third-party, but this is not always the case. These cookies contain a unique key that is able to distinguish individual user’s browsing habits or store code that can be translated into a set of browsing habits or preferences using information stored elsewhere.

How we use your information

The following are the examples of how we may use your information for the legitimate interest of our business. For example, we may use your information to better understand what products interest you based on information we collect about you and your household. To Communicate with You. We may communicate with you about your account or our relationship. We may also contact you about this Privacy Policy or our Platform Terms & Conditions. To Improve Our Products and Services. We may use your information to enhance our Platforms and services to serve you better. To Respond to Your Requests or Questions. This may include responding to your customer feedback. For Security Purposes. This could include protecting our company and our customers. It may also include protecting our Platforms. For Marketing Purposes. We may provide you with information about new products and special offers. We may use your information to serve you ads about our products and offers. We may tell you about new features or updates. These might be third-party offers or products we think you might find interesting. To Send Push Notifications. To Support Our Products and Services. This could include fulfilling your requests for products or services. It could also include processing purchases or return transactions. Law or regulatory obligations. Certain laws and regulations require us to maintain and disclose collected information.

How we share your information

We may disclose/share your information in the following ways: On our Platforms. For example, we may display information you post on our Ratings & Reviews feature. With Our Business Partners. For example, this may include third parties that provide financial products and services related to our business. It may also include a third party that co-sponsors a contest or promotion. With Our Service Providers. We may share your information with third parties who perform services on our behalf. For example, this may include vendors and payment processors. It may also include companies that send emails on our behalf. Government, courts, and Law enforcement. We will access, preserve, and share any information about you, without your consent, to government or law enforcement officials or private parties as we in good faith believe necessary or appropriate to respond to claims and legal process (including, but not limited to, subpoenas), to comply with applicable laws, to protect the property and rights of Company, you or a third party, to protect the safety of the public or any person, or to prevent or stop activity we may consider to pose a risk of being, or is illegal, unethical or legally actionable. This may include responding to legal requests from jurisdictions outside of the United States where we have a good faith belief that the response is required by law in that jurisdiction, affects users in that jurisdiction, and is consistent with internationally recognized standards. We may also access, preserve and share information when we have a good faith belief it is necessary to: detect, prevent and address fraud and other illegal activity; to protect ourselves, you and others, including as part of investigations; and to prevent death or imminent bodily harm. Information we receive about you may be accessed, processed and retained for an extended period of time when it is the subject of a legal request or obligation, governmental investigation, or investigations concerning possible violations of our terms or policies, or otherwise to prevent harm.

How we protect your information

We use commercially reasonable physical, electronic, administrative, and procedural safeguards to preserve the integrity, confidentiality, and security of all personal information collected through the Services. However, no security measure, system, or control is infallible. Therefore, like all businesses, we cannot guarantee that our Services are invulnerable to attack or misuse. To prevent unauthorized access, maintain data accuracy, and ensure the correct use of information, we maintain appropriate physical, electronic, and managerial procedures to safeguard and secure the information and data stored on our system. While no computer system is completely secure; we believe the measures, we have implemented reduce the likelihood of security problems to a level appropriate to the type of data involved. The Site may contain links to other websites that we do not own or control. The Privacy Policy does not apply to these websites and we are not responsible for the privacy practices of such websites or other services operated by such websites. Once you leave the Site via such a link, we recommend your review the privacy policy applicable to such third-party websites to learn how they use and disclosure your personally identifiable information. Our staff are trained in how to keep your information safe and secure. We use secure systems and buildings to hold your information. We aim to only keep your information for as long as we need it. Here are some of the things we do to protect your information.

Staff training

We train our staff in how to keep your information safe and secure. When we send information or store our data, we put arrangements in place to protect your information. When you log into our websites or apps, we encrypt data sent from your computer to our systems so no one else can access it. We have firewalls, intrusion detection and virus scanning tools to stop viruses and unauthorized people accessing our systems. When we send your electronic data to other organizations, we use secure networks or encryption. We use passwords and/or smartcards to stop unauthorized people getting access. We aim to keep personal information only for as long as we need it – for example, for business or legal reasons. When we no longer need information, we take reasonable steps to destroy or de-identify it. We will maintain data security by protecting the confidentiality, integrity and availability of the Personal Data, defined as follows: Confidentiality: only people who are authorized to use the data can access them; Integrity: Personal Data should be accurate and suitable for the purpose for which they are processed; Availability: authorized users should be able to access the data if they need it for authorized purposes.

How we dispose your information

Our goal is to maintain your information no longer than necessary for the purposes that we collected and used the data. Upon the expiry of the data retention periods set out in data retention policy, or when a data subject exercises their right to have their personal data erased, personal data shall be deleted, destroyed, or otherwise securely disposed of as follows: Personal data stored electronically (including any and all backups thereof) shall be deleted. Special category personal data stored electronically (including any and all backups thereof) shall be deleted. Personal data stored in hardcopy form shall be shredded if not required. Special category personal data stored in hardcopy form shall be shredded straight away if no longer required.

Individual’s rights (Data subject rights)

The EU General Data Protection Regulation (GDPR) grants individuals who are in the European Union and European Economic Area (EU/EEA) the certain rights, with some limitations. The Data Protection Officer will establish a system to enable and facilitate the exercise of data subject rights related to: Information access; Objection to processing; Objection to automated decision-making and profiling; Restriction of processing; Data portability; Data rectification; Data erasure. If you would like to exercise above EU General Data Protection Regulation (GDPR) rights about your Personal Information we hold about you, please submit a written request to: or contact us using the information provided in the “How to Contact Us” section below. Our privacy team will examine your request and respond to you as quickly as possible. Please note that we may still use any aggregated and de-identified Personal Information that does not identify any individual and may also retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. California residents are entitled to ask us for a notice identifying the categories of Personal Information which we share with our affiliates and/or third parties for marketing purposes and providing contact information for such affiliates and/or third parties.

Children’s Privacy

The Company does not knowingly collect or solicit any information from anyone under the age of 18 or knowingly allow such persons to register for the Services. The Services and their content are not directed at children under the age of 18. In the event that we learn that we have collected personal information from a child under age 18 without parental consent, we will delete that information as quickly as possible. If you believe that we might have any information from or about a child under 13, please contact Company at If you are a California resident under the age of 16, do not share any personal information without parental consent. Contact us at for assistance.

Text messaging

You may opt-out of receiving text messages by replying “STOP” to any text message received.


In all promotional emails, you will be given the opportunity to opt-out of receiving such messages in the future by clicking on the link at the bottom of the email that says “unsubscribe.” Please note, we reserve the right to send you Services-related communications (e.g., account verification, payment confirmations, technical and security notices) that you may not opt out of.


If a visitor does not want information collected through the use of cookies, most browsers allow the visitor to reject cookies.

Mobile device unique identifier

Unless you choose to opt out, we may also share your mobile phone number with certain select third parties. You can opt out by changing the privacy settings on your profiles/devices.


The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations. To be in accordance with CAN-SPAM Act, we agree to the following: not to use false or misleading subjects or email addresses; to identify the message as an advertisement in some reasonable way; to include the physical address of our business or site headquarters; to monitor third-party email marketing services for compliance, if one is used; to honor opt-out/unsubscribe requests quickly; to allow users to unsubscribe by using the link at the bottom of each email.

California Residents

This Supplemental California Privacy Notice only applies to our processing of personal information that is subject to the California Consumer Privacy Act of 2018 (“CCPA”). The CCPA provides California residents with the right to know what categories of personal information Sunbound has collected about them and whether Sunbound disclosed that personal information for a business purpose (e.g., to a service provider) in the preceding 12 months. California residents can find this information below:

Category of Personal Information Collected by Sunbound
Categories of Third Parties Information is Disclosed to for a Business Purpose
Examples: A real name, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, or other similar identifiers
- Advertising networks
- Data analytics providers
- Social networks
- Service providers
Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))
Examples: A real name, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, or other similar identifiers
- Service providers
Protected classification characteristics under California or federal law
Examples: Age (40 years or older), citizenship, marital status provided by job applicants and employees.
- Service providers
Commercial information
Examples: Records of services purchased.
- Service providers
Internet or other electronic network activity
Examples: Browsing history, search history, information on a consumer's interaction with an internet website, application, or advertisement.
- Service providers
- Advertising networks
Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))
Examples: A real name, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, or other similar identifiers
- Service providers
Geolocation data
Examples: Physical location of your home.
- Service providers
Sensory data
Examples: Audio/Visual data and information about your pets provided for medical diagnostic purposes.
- Service providers
Professional or employment-related information
Examples: Current or past job histories provided by job applicants.
- Service providers

“Sales” of Personal Information under the CCPA

For purposes of the CCPA, Sunbound does not “sell” personal information, nor do we have actual knowledge of any “sale” of personal information.

Additional Privacy Rights for California Residents


California residents have the right not to receive discriminatory treatment by us for the exercise of their rights conferred by the CCPA.

Authorized Agent

Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child. To designate an authorized agent, please contact us as set forth below.


To protect your privacy, we will take steps the following steps to verify your identity before fulfilling your request. When you make a request, we will ask you to provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.

If you are a California resident and would like to exercise any of your rights under the CCPA, please contact us as set forth below. We will process such requests in accordance with applicable laws.


This Privacy Policy uses industry-standard technologies and was developed in line with the World Wide Web Consortium’s Web Content Accessibility Guidelines, version 2.1. If you wish to print this policy, please do so from your web browser or by saving the page as a PDF.

Nevada Residents

If you are a resident of Nevada, you have the right to opt-out of the sale of certain Personal Information to third parties who intend to license or sell that Personal Information. You can exercise this right by contacting us as indicated below with the subject line “Nevada Do Not Sell Request” and providing us with your name and the email address associated with your account. Please note that we do not currently sell your Personal Information as sales are defined in Nevada Revised Statutes Chapter 603A.

Rights to Know

You may request, no more than twice in a 12 month period, access to the specific pieces of personal data we have collected about you in the last 12 months. You may also request additional details about our information practices, including the categories of personal information we have collected about you, the sources of such collection, the categories of personal information we share for a legitimate business or commercial purposes, and the categories of third parties with whom we share your personal information. You may make these requests by contacting using the contact information provided below in the “Contact Information” Section. After submitting your request, please monitor your email for a verification email. We are required by law to verify your identity prior to granting access to your data in order to protect your privacy and security.

Copies of Personal Information

You may request, no more than twice in a 12 month period, transportable copies of your personal information that we have collected about you in the last 12 months. You may make these requests by contacting using the contact information provided below in the “Contact Information” Section. After submitting your request, please monitor your email for a verification email. We are required by law to verify your identity prior to granting access to your data in order to protect your privacy and security.


You may request that we delete the personal information we have collected about you. Please note that we may retain certain information as required or permitted by applicable law. You may make these requests by contacting us using the contact information provided below in the “Contact Information” Section. After submitting your request, please monitor your email for a verification email. We are required by law to verify your identity prior to granting access to your data in order to protect your privacy and security. Changes to our privacy policy Our privacy policy became effective on February 2022. From time to time, it may be necessary for Company to change its privacy policy and notice, so we suggest that you check here periodically. Links to other sites We may offer links to sites that are not operated by Company. If you visit one of these linked sites, you should review their privacy and other policies. We are not responsible for the policies and practices of other companies.

How to contact us

If you wish to contact us to update your information or complaints, please feel free to contact us: by email at