Skip to main content
Club
WelcomeMembersQuestionsMessagesGo Gold
Studio
CinemaMusicClipsMomentsInsightsChroniclesRadio
Essays
NarrativesPerspectivesSocietyHeritageWorksJourneysSuccessTaste & Style
Sport
FootballWrestling & Martial ArtsBasketball
Diaspora
CommunityOpportunitiesBack Home
News
SenegalAfricaWorld
Sunulife Play
Club
WelcomeMembersQuestionsMessagesGo Gold
Studio
CinemaMusicClipsMomentsInsightsChroniclesRadio
Essays
NarrativesPerspectivesSocietyHeritageWorksJourneysSuccessTaste & Style
Sport
FootballWrestling & Martial ArtsBasketball
Diaspora
CommunityOpportunitiesBack Home
News
SenegalAfricaWorld
Sunulife Play
Sunulife AIMy FavoritesMy HistoryHelp & FAQSunulife en Français
FR

Privacy Policy

Last updated: March 26, 2026

Sunulife Inc. (“Sunulife”, “we”, “us”) operates the Sunulife website and mobile applications (collectively, the “Service”). This Privacy Policy explains what data we collect, how we use it, with whom we share it, and what rights you have. By using the Service, you agree to this policy. A French version is available at /fr/confidentialite.

1. Who We Are

Sunulife Inc. is a Canadian company operating a bilingual (English/French) digital media platform focused on Senegalese culture and the African diaspora. Contact: [email protected].

2. Data We Collect

All visitors (no account required)

  • IP address — used for rate limiting, security, and abuse prevention.

  • Browser type, device type, operating system — collected anonymously via Google Analytics for service improvement.

  • Pages visited, time on page, referral source — collected anonymously via Google Analytics.

  • Language preference — stored locally in your browser (localStorage).

  • Cookies — see Section 6.

Free members (registered accounts)

  • Email address, username, and encrypted password (bcrypt hash — we never store your plain-text password).

  • Display name, country, profession, spoken languages, bio, and profile picture (optional, set by you).

  • Profile visibility settings (public or private).

  • Reading history and favorites (used for personalization and the monthly article read meter).

  • Q&A posts and replies you submit (public within the Club).

  • Account preferences (language, email notification settings).

Gold members (paid subscribers)

  • Everything above, plus subscription status and billing dates.

  • Payment is processed by Stripe or PayPal. We never see or store your card number, bank details, or full payment credentials — these are handled entirely by the payment processor.

  • Private messages you send and receive within the Club (stored in our database, accessible only to the participants and, where legally required, to Sunulife staff for moderation).

3. How We Use Your Data

  • To provide and operate the Service, including account authentication, content delivery, and personalization.

  • To enforce the monthly article read meter for free members.

  • To send transactional emails: account verification, password reset, new message notifications (you can disable message notifications in Preferences).

  • To process Gold subscription payments and manage billing.

  • To moderate content and enforce community guidelines.

  • To detect and prevent abuse, fraud, and security threats.

  • To improve the Service through aggregated, anonymized analytics.

4. Data Sharing and Third Parties

We do not sell your personal data. We share limited data with the following service providers who help operate the Service:

  • Stripe — payment processing for Gold subscriptions. Subject to Stripe’s Privacy Policy.

  • PayPal — alternative payment processing. Subject to PayPal’s Privacy Policy.

  • Google Analytics — anonymous usage analytics. Data is anonymized; we do not share identified user data with Google Analytics.

  • Google reCAPTCHA — bot and abuse protection during registration and form submissions.

  • DigitalOcean Spaces — cloud storage for user-uploaded profile images and media assets (Frankfurt, Germany region).

  • Bunny.net — CDN for fast global content delivery.

  • Vercel — hosting and edge delivery (servers primarily in the United States and Europe).

  • Gmail (via Nodemailer) — transactional email delivery (account emails, notifications).

We may also share data with legal authorities when required by applicable law, court order, or to protect the rights and safety of our users and platform.

5. Public Content

If your profile is set to public, your display name, username, country, profession, and bio are visible to all visitors. Your Q&A posts are public within the Club. Private messages are visible only to conversation participants.

6. Cookies

  • Authentication cookie (token) — a signed JWT stored as an HttpOnly cookie. Required to stay logged in. Valid for ~7 days.

  • Language preference — stored in localStorage (not a cookie), not shared with any third party.

  • Analytics cookies — set by Google Analytics for aggregated usage measurement. You can opt out via browser settings or a Google Analytics opt-out extension.

  • Advertising cookies — set by Google AdSense for visitors without a Gold account. Gold members do not see ads.

7. Data Retention

  • Account data is retained until you request deletion.

  • Reading history used for the monthly meter is tracked over a rolling 30-day window.

  • Private messages are retained until deleted by participants or in response to a deletion request.

  • Subscription billing records are retained as required by financial and tax regulations (typically 7 years in Canada).

  • Analytics data is retained in anonymized, aggregated form.

8. Your Rights

Depending on where you live, you may have the following rights:

EU / EEA users (GDPR)

  • Right of access — request a copy of data we hold about you.

  • Right to rectification — correct inaccurate data.

  • Right to erasure (“right to be forgotten”) — request deletion of your personal data.

  • Right to data portability — receive your data in a structured format.

  • Right to restriction of processing — limit how we process your data.

  • Right to object — object to processing based on legitimate interests.

  • Right to withdraw consent — for processing based on consent (e.g. email notifications), you can withdraw at any time in Preferences.

Canadian users (PIPEDA)

  • Right of access — request access to your personal information.

  • Right to correction — request correction of inaccurate personal information.

  • Right to withdraw consent — subject to legal and contractual limitations.

To exercise any of these rights, email [email protected] with the subject line “Privacy Request”. We will respond within 30 days. You can also update or delete most of your data directly in your account settings.

9. Children’s Privacy

The Service is not directed to children under 13 years of age. We do not knowingly collect personal data from children under 13. If you believe a child under 13 has provided us with personal data, please contact us and we will delete it promptly.

10. International Data Transfers

Your data may be processed in countries outside your own, including the United States (Vercel hosting, Google, Stripe, PayPal) and Germany (DigitalOcean Spaces). These transfers are subject to appropriate safeguards, including data processing agreements with our service providers. By using the Service, you consent to these transfers.

11. Data Security

We use industry-standard technical measures to protect your data: passwords are hashed with bcrypt, authentication uses signed JWTs, connections are encrypted via HTTPS/TLS, and our database is access-controlled. No system is perfectly secure. If you discover a security issue, please report it to [email protected].

12. Changes to This Policy

We may update this policy when our practices change or when required by law. The “Last updated” date at the top reflects the most recent revision. For significant changes, we will notify logged-in users by email or in-app notice.

13. Contact Us

For any privacy questions or requests: