Sunny Benefits, Inc. (“Sunny,” “Us,” “We,” or “Our”) offers comprehensive health and wellbeing programs (the “Programs”) designed to encourage, reward, and incentivize healthy activities, and to enable insurers to help their members maximize supplemental benefit dollars. Our Programs are provided by employers, health plans, or insurance carriers (each a “Sponsor”) on a voluntary basis, and are administered, managed, and/or operated by Sunny Benefits, Inc., a Delaware corporation headquartered at 145 King Street, Suite 102, Charleston, SC 29401. The Programs are delivered through our web platform (the “Site”) and mobile application (the “App”), collectively referred to as the “Platform”.
One of the features that makes Sunny’s Programs unique is the integration of the healthy activities and behaviors with a reloadable VISA® branded prepaid payment card (the “Card”) issued by The Bancorp Bank, N.A., Member FDIC (the “Issuer”). Depending on the Program for which your Sponsor has enrolled you, you may earn rewards and incentives that are loaded on the Card upon completion of healthy activities, be able to use your Card to purchase designated approved over-the-counter health and wellness items under a supplemental benefits program (“Approved Purchases”), or both. Your Card is issued subject to the terms and conditions of the Issuer’s Prepaid Card Cardholder Agreement and the Issuer’s Privacy Policy, which may contain restrictions on your privacy rights, such as mandatory arbitration.
This Privacy Notice describes how we collect, use, store, and share personal information, both online and offline, and outlines your rights regarding access, correction, transfer, restriction, or deletion of your data. Protecting your information is our highest priority. Please read this Privacy Notice carefully. If you do not agree with our policies and practices, do not enroll in any Sunny Benefits Program.
We collect both anonymous and personal information to provide you with our Programs and services. “Personal Information” means any information that directly or indirectly identifies you. The types of Personal Information we collect depends on how you use our Platform and may include:
PHI is a special type of Personal Information that is protected under the U.S. Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). If you participate in an Enterprise Program with a Covered Entity as defined by HIPAA, we comply with all HIPAA requirements. With respect to your use of the Platform, we may receive PHI from your Sponsor in the form of file listing all persons that your Sponsor is designating as eligible to use our Platform (an “Eligibility File”). We require that Sponsors ensure that Eligibility Files contain the minimum necessary amount of information to verify your identity as the correct individual.
If your Sponsor is not a “Covered Entity” under HIPAA, then the Eligibility File, and any information you voluntarily provide through your use of the Platform may not constitute PHI, even if it includes health-related information such as measurements (e.g. height, weight), or biometrics.
We also collect information that does not individually identify you, such as browser type, operating system, technical data, and usage statistics. We may link this information to Personal Information or Health Information.
You are not required to provide Personal Information but withholding it may limit our ability to provide certain services.
We collect information in the following ways:
We may also collect information through engagement surveys, activity tracking devices, and health stations, depending on your Program design.
We use your Personal Information to:
| Purpose | Legal Basis |
| Administer and manage the Program and related features | Performance of Services, contractual necessity and legitimate interest |
| Manage your Sunny Benefits account and membership | Performance of Services, contractual necessity and legitimate interest |
| Verify your identity | Legal requirement |
| Provide you with the services or financial products you have requested, e.g., responding to any inquiry, providing support services, managing your account and profile, hosting events, and managing the contractual relationship | Contractual necessity and legitimate interest |
| Administration, research, database development and business operation purposes. | Legitimate interest |
| Protect against, identify, and prevent fraud, abuse and other criminal activity, claims and other liabilities. | Legal requirement and legitimate interest |
| Administer and protect our business and this website. | Legitimate Interest |
| Make suggestions and recommendations to you about goods or services that may be of interest to you; to the extent required by applicable law, we will obtain your consent to send you electronic marketing communications | Legitimate Interest |
| Identify you upon enrollment or sign-in | Legal requirement, Contractual necessity, and legitimate interest |
| Track your progress, incentives, and rewards | Contractual necessity, and legitimate interest |
| Provide information about the Program and features | Legitimate interest |
| Respond to your questions and requests | Contractual necessity, and legitimate interest |
| Ensure appropriate security and confidentiality controls | Legal requirement, Contractual necessity, and legitimate interest |
Note that we may process your personal data on more than one legal basis depending on the specific purpose for which we are using your personal information.
When we process personal information for our legitimate interests, we take appropriate measures to ensure that the interests we pursue are balanced with your interests, rights and freedoms, about which we will provide more information upon request.
We may use the information we collect to comply with and enforce applicable legal requirements to which we are subject, and for the establishment, exercise or defense of legal claims, whether in court proceedings or in administrative or out-of-court procedures.
We also may use the information we collect about you in other ways for which we will provide specific notice at the time of collection and obtain your consent if required by applicable law.
If you opt to receive push notifications, emails, or text messages, we may send you reminders and notices about your Program and related services. You may opt out at any time by updating your preferences, contacting Member Services, or responding STOP to any text message.
By accepting the Membership Agreement, you consent to us contacting you directly, including via automated systems, at any phone number on your profile. You may update your contact preferences at any time.
We do not sell your Personal Information to third parties. We only share Personal Information as necessary to fulfill legitimate business purposes, and only in the following circumstances:
We may share anonymized and aggregated data with your Sponsor for evaluation and improvement of the Program. Identifiable information is shared only as necessary for administration or compliance purposes.
Your data is protected and maintained in accordance with industry-leading security practices, including HITRUST standards, to protect your information. Security measures include:
While we strive to protect your data, no company can guarantee complete security for online services.
Our Sites are not designed to respond to “do not track” signals from browsers. To learn how to opt out of interest-based advertising in the U.S., visit www.aboutads.info/choices or www.networkadvertising.org/choices.
This website recognizes and respects the Global Privacy Control (GPC) standard, which allows users to communicate their privacy preferences to websites that may process their personal information. If you have enabled a GPC signal on your browser or device, we will process it for your browser, but it will not apply outside of that browser to your device, account, or offline sales or sharing. After using the GPC, if you clear your cookies in your browser, you will need to use the GPC again for us to process your opt-out request for that browser. For more information about the GPC, please visit globalprivacycontrol.org.
Please keep in mind that our Platforms and the Program may allow you to link to online services managed by third parties in order to provide certain features or experiences or ti other online services (such as social media platforms) for your convenience and information, and may include third-party features such as apps, tools, widgets and plug-ins. These third-party services and features may operate independently from us. The privacy practices of the relevant third parties, including details on the information they may collect about you, are subject to the privacy statements of these parties, which we strongly suggest you review. To the extent any linked online services or third-party features are not owned or controlled by us, we are not responsible for these third parties’ information practices.
You have the following rights regarding your Personal Information:
You may review and update your Personal Information by logging in to our Platform. Requests for copies, corrections, transfers, or deletion of your data can be made by contacting us at [email protected]. We will respond within a reasonable timeframe, subject to legal and contractual obligations.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal information (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response. We may also decline your request and provide you with an explanation where your request would prevent our ability to provide the Program to you. In addition, please be aware that your Sponsor provides Eligibility Files on a regular basis so even if we delete your information, it may be re-provided by a subsequent Eligibility File.
We use cookies to enhance your experience, save preferences, track advertisements, and analyze site traffic. You may refuse cookies via your browser settings, but this may limit site functionality. For more information, refer to our Cookie Policy.
Our Services are not directed to children under 13, and we do not knowingly collect Personal Information from children under 13. If we learn that we have collected such information, we will delete it promptly.
Sunny Benefits is a U.S.-based company. Your Personal Information may be transferred to, stored, and processed in the United States. If you are located in the European Economic Area (EEA), we use appropriate safeguards, such as standard contractual clauses, for international data transfers.
We may update this Privacy Notice periodically. Material changes will be communicated via email or a prominent notice on our website. Please review this Notice regularly for updates. Changes are effective upon posting.
For questions about this Privacy Notice, contact:
Sunny Benefits, Inc.
145 King St., Suite 102
Charleston, SC 29401
United States
Email: [email protected]
We retain your Personal Information as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or reporting requirements. We may anonymize your data for research or statistical purposes, in which case it may be used indefinitely.
Sunny
145 King St., Suite 102
Charleston, SC 29401
The Sunny Visa® Prepaid Card is issued by The Bancorp Bank, N.A., Member FDIC, pursuant to a license from Visa U.S.A. Inc. and may not be used everywhere Visa debit cards are accepted. Valid only in the U.S. No Cash or ATM access.
©2025 Sunny Benefits, Inc. All rights reserved. All other trademarks shown are the property of their respective owners.
