PRIVACY POLICY

Last Updated: January 24, 2020

This Privacy Policy provides a description of how Sherpa RTLS Solutions (“Sherpa,” “we,” “our,” or “us”) collects, uses, and shares information about you as well as your rights and choices regarding such information. It applies to any of our websites, web portals, mobile apps or other digital services that link to this Privacy Policy or offline service that makes this Privacy Policy available to you (the “Services”). By using the Services, you agree to our Terms and Conditions and information practices described in this Privacy Policy. If you do not agree, discontinue use of the Services.

If you are a California resident or are located in the European Economic Area, please see the “Additional Disclosures for California Residents” and “Additional Disclosures for Data Subjects in Europe” sections. If you have questions or wish to exercise your rights, please contact us as set out in the “Contact Us” section.

What information do we collect?

Information You Provide

When you provide information to us by registering on one of our Services such as our websites, web portals, mobile apps, responding to a survey, filling out a form or voluntarily providing any other information across any of our Services, we collect that information. The following are the categories of information we collect and have collected, including in the last 12 months:

  • Identifying Data, including your full name, email address, postal address, telephone number, and fax number. 
  • Company Data, including the name of the company you work for, company city, company state/province, company country, company contact data, job title and position, 
  • Account Credentials, including your username, password, password hints, and information for authentication and account access. 
  • Demographic Data, including your age, gender, and country. 
  • Transaction Data, including your payment instrument number (such as a credit or debit card number), expiration date, and security code as necessary to process your payments.
  • Profile Data, including your interests, inferences, and preference and behavioral data.
  • Content, including content within any messages you send to us (such as feedback and questions to customer support) or publicly post on the Service.

You may choose to voluntarily provide other information to us that we do not request, and, in such instances, you are solely responsible for such information.

Information Automatically Collected

We also automatically collect information about you or your activities on our Services. The categories of information we automatically collect and have collected, including in the last 12 months, include: 

  • Service Use Data, including data about features you use, pages you visit, emails and advertisements you view, click or scroll over, events and services you view and attend, click stream information, the time of day you browse, and your referring and exiting pages.
  • Device Data, including data about the type of device or browser you use, your device’s operating software, your internet service provider, your device’s regional and language settings, and device identifiers such as IP Address, MAC Address, and badge number.
  • Location Data, including imprecise location data (such as location derived from an IP address or data that indicates a city or postal code level) and, with your consent, precise location data (such as latitude/longitude data).

We use various tracking technologies to automatically collect information when you use the Service. For further information on how we use tracking technologies such as cookies, and your rights regarding them, see the section below entitled “Do we use cookies?”.

Information from Other Sources

Sherpa receives and has received, including in the last 12 months, information from other sources, including exhibitors, event registration vendors. This information includes registration data, company data, demographics data, and profile data.

What do we do with your information?

Data from registration (such as name, address, device ID, and IP Address) are used solely for the purposes of enabling social features in the app, and deleted from app and web databases at the end of the event. Personal identifiers from this data set are stored by unique User ID in a separate, secure file for the life of the event data.


Company data from registration (such as company name, company city, company state/province, and company country), service use data, including web portal use data are analyzed, in aggregate, for the purposes of understanding the use of our systems, and reporting to event organizers and exhibitors on traffic flows, brand exposure, advertising exposure, and market analysis. These data are retained for 10 years following the event in order to determine long term trends.

We collect and use information for business and commercial purposes in accordance with practices described in this Privacy Policy. Our business purposes for collecting and using information, including in the last 12 months, include to:

  • provide and manage our Services;
  • provide exhibitors with qualified sales leads when you allow them to scan your badge;
  • personalize your experience;
  • improve our Services, websites, portals, mobile apps and digital products;
  • process your orders or requests and to pre-populate forms;
  • administer a contest, promotion, survey or other site feature;
  • send you emails or push notifications including information about updates to your subscriptions, orders, downloads, or other transactions, technical notices, security alerts, changes to our policies, and support and administrative messages;
  • provide you with location-based or other services, including marketing through push notifications.
  • match the right messages to you on our Services or on other party’s services;
  • offer you opportunities to connect directly with your peers and with sellers of technology or services that may be of interest to you;
  • aggregate data for statistical analysis, academic, and industry research;
  • send you direct marketing and advertising; and 
  • fulfill any other business or commercial purposes at your direction or with notice to you and/or your consent.

We may process your information for our legitimate business interests, which include but are not limited to: fraud prevention, direct marketing, network and information systems security, data analytics or data enhancement, modifying or improving our Services, identifying usage trends, and determining the effectiveness of promotional campaigns and advertising. You have the right to object to this processing, and opt out through the app or web user interface.The information you provide also will be used to send you information and updates pertaining to your subscription, order, download, or other transactions. In addition, you may receive related company news, updates, and product or service information, etc.

We also use information that does not identify you (including information that has been aggregated or de-identified) for any purpose except as prohibited by applicable law. For information on your rights and choices regarding how we use information about you, please see the “Your Rights” section below.

Do we disclose any information to other parties?

We share information we collect in accordance with the practices described in this Privacy Policy. The types of entities to whom we disclose and have shared information, including in the last 12 months, include the following: 

  • Service Providers. We share information with entities who process information on our behalf for our business purposes and assist us in operating our Services, conducting our business, or servicing you. We contractually prohibit our service providers from retaining, using, or disclosing information about you for any purpose other than performing the services for us. We also contract with service providers to provide you services and products; in such instances, notice will be provided to you before such services or products are purchased. 
  • Exhibitors and Other Companies. We share information with exhibitors to facilitate apps for events. In addition to providing you with our own content and content that we license, we offer you the opportunity to access others’ branded content and expertise. When you choose to take advantage of that content and expertise, you choose to have your name and contact details transferred directly to that other company or companies. This includes the transfer of registration data and company data to exhibitors who have scanned your badge in person during an event.
  • Vendors and Other Parties. We share information with vendors for business and commercial purposes, including event registration vendors, and analytics and advertising technology companies. Vendors may act as our service providers, or in certain contexts, independently decide how to process your information. 
  • For Legal Obligations. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect our or others rights, property, or safety. We reserve the right to use or disclose information in connection with: (i) legal proceedings or preparations therefore; (ii) to respond to judicial or other government process such as court orders, subpoenas, requests for discovery and similar litigation relation requirements; (iii) to provide information to law enforcement agencies or for an investigation on a matter related to public safety; (iv) in general to comply with applicable laws, government requests and court orders and (v) enforce our policies and procedures, protect us or others rights, property or safety. We may elect to make these disclosures even if we have not received a subpoena, if we believe in good faith that we have a legal obligation to do so, or if we believe that our failure to do so may result in liability to us, or a violation of law.
  • Public Forums. We offer Services such as online communities, websites, web portals, digital products and mobile applications that allow you to publish content. We will publish the user name that you provide when you comment or publish other content. Privacy controls may be provided to allow you to manage your profile on these sites and applications. It is your responsibility as a professional to locate, understand, and utilize these privacy controls.
  • Merger or Acquisition. We reserve the right to share information in connection with, or during negotiations of, any proposed or actual merger, purchase, sale or any other type of acquisition or business combination of all or any portion of our assets, or transfer of all or a portion of our business to another business. 
  • Facilitating Requests. We share information at your request or direction, such as when you choose to share information with a social network about your activities on the Services. 
  • Consent. We share information with notice to you and your consent. 

Notwithstanding the above, we may share information that does not identify you (including information that has been aggregated or de-identified) except as prohibited by applicable law. For information on your rights and choices regarding how we share information about you, please see the “Your Rights” section below.

How do we protect your information?

We implement and maintain reasonable administrative, physical, technical security safeguards to help protect information about you from loss, theft, misuse and unauthorized access, disclosure, alteration and destruction. Nevertheless, transmission via the internet is not completely secure and we cannot guarantee the security of information about you.

After a transaction, your related transaction data will not be kept on file for more than 60 days.

Children

The Services are intended for a general audience, and is not directed at children under (13) years of age.

We do not knowingly gather personal information (as defined by the U.S. Children’s Privacy Protection Act, or “COPPA”) in a manner not permitted by COPPA. If you are a parent or guardian and you believe we have collected information from your child in a manner not permitted by law, contact us at dpo@sherpa-solutions.com. We will remove the data to the extent required by applicable laws.

We do not knowingly “sell,” as that term is defined under the California Consumer Privacy Act of 2018, the personal information of minors under 16 years old who are California residents.

If you are a California resident under 18 years old and registered to use the Services, you can ask us to remove any content or information you have posted on the Services. To make a request, email us at the email address set out in “Contact Us” section with “California Under 18 Content Removal Request” in the subject line, and tell us what you want removed. We will make reasonable good faith efforts to remove the post from prospective public view, although we cannot ensure the complete or comprehensive removal of the content and may retain the content as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Your Rights

If at any time you wish to suspend processing of your data, correct information, or request deletion of your data, that is your right. You may reach us via our Customer Service Form.

Updating and Accessing Information

Under the law of some countries, you may have the right to access the information Sherpa holds about you, correct mistakes in that information, and to delete information. If your information changes, or if you no longer desire our to use our Services, you may correct, update, or request deletion by submitting your request via our Contact Form to our customer service team. We will respond to requests within 30 days. In some cases, we may not be able to remove your information, in which case we will let you know if we are unable to do so and why. This is commonly in cases where we are unable to identify which information is yours (such as cases where the information has been de-identified).

Cookie Choices

We use cookies which are small files that a site, or its service provider, transfers to your device through your Web browser (if you allow) that enables the site’s or service provider’s systems to recognize your browser and capture and remember certain information.

We use cookies to understand and save your preferences for future visits. We use information gathered through analytics tools that utilize cookies to aggregate anonymized user information to help us better design our Services, and to enhance the functionality you enjoy as you navigate between our digital Services.

We also may use cookies to match the right people with the right message you see on our Services or on the websites or online services of other parties in conjunction with advertising vendors.

By using our site or allowing your browser to “accept cookies”, you consent to use of cookies with respect to your device.

For more information about how we use cookies read our Cookie Policy, and see our Manage Your Cookie Settings page to manage your cookie preferences.

Analytics and Advertising 

We use analytics services, such as Google Analytics, to help us understand how users access and use the Service. Google provides tools to allow you to opt out of the use of certain information collected by Google Analytics at https://tools.google.com/dlpage/gaoptout and by Google Analytics for Display Advertising or the Google Display Network at https://www.google.com/settings/ads/onweb/ .

In addition, we work with agencies, advertisers, ad networks, and other technology services to place ads about our products and services on other websites and services. We allow our vendors and other companies to serve ads and/or collect certain information when you visit our Services. These companies may use information (such as click stream information, browser type, time and date, subject of advertisements clicked or scrolled over) during your visits to our Services and other party’s websites and online services to provide advertisements about goods and services likely to be of greater interest to you. These companies typically use tracking technologies such as cookies or web beacons to collect this information. To learn more about this behavioral advertising practice or to opt-out of this type of advertising, you can visit (i) for websites targeted ads from Digital Advertising Alliance (DAA) participants, http://www.aboutads.info/choices/; (ii) for app targeted ads from DAA participants, https://www.aboutads.info/appchoices; or (iii) for targeted ads from the Network Advertising Initiative participants, www.networkadvertising.org.

Social Media

Sherpa mobile apps interface with your social media when you use the social features, including likes, comments, and check-ins, and only the data related to those features and who used them is collected. Any further interaction on social media falls under the social media website or mobile application’s privacy policy.

Messaging and Communications 

  • In App Messaging. Messaging within the mobile app exposes any information in your profile to those with whom you message, including but not limited to your name, company affiliation, and Employment Information. You may opt-out of sharing this information at any time, but Sherpa does not currently support anonymous messaging in our mobile applications for safety reasons.
  • E-mails. You can opt-out of receiving promotional emails from us at any time by following the instructions as provided in emails to click on the unsubscribe link, or emailing us at the email address set out in the “Contact Us” section below with the word UNSUBSCRIBE in the subject field of the email. Please note that you cannot opt-out of non-promotional emails, such as those about your account, transactions, servicing, or Sherpa’s ongoing business relations.
  • Push Notifications. If you have opted-in to receive push notification on your device, you can opt-out at any time by adjusting the permissions in your device or uninstalling our app.

Links to Other Parties’ Websites and Online Services

Occasionally, at our discretion, we may include or offer links to other parties’ products or online services on our Services. These links or websites are not owned or operated by Sherpa and have separate and independent privacy policies that govern their information collection practices. We therefore have no responsibility or liability for the content and activities of those linked sites. Nonetheless, we seek to protect the integrity of our Services and welcome any feedback about these sites and online services of other parties.

Your Consent

In using our Services, you will actively consent to our online privacy policy. You may withdraw this consent at any time without penalty, and without any degradation of Services.

Changes to our Privacy Policy

We reserve the right to revise and reissue this Privacy Policy at any time. Any changes will be effective immediately upon posting of the revised Privacy Policy. Your continued use of our Service indicates your consent to the Privacy Policy then posted. If the changes are material, we may provide you additional notice to your email address. If we decide to change our privacy policy, we will post those changes on this page, and/or update the Privacy Policy modification date below.

Contact Us

If you have any questions regarding this Privacy Policy or have a disability and would like to access this Privacy Policy in an alternative format, contact us using the information below:


Data Protection Officer Sherpa RTLS Solutions

5420 Boulevard St-Laurent

Suite 230

Montreal, QC H2T 1S1
Canada
Website: www.sherpa-solutions.com
Email: dpo@sherpa-solutions.com

Additional Disclosures for California Residents

These additional disclosures for California residents apply only to individuals who reside in California. The California Consumer Privacy Act of 2018 (“CCPA”) provides additional rights to know, delete and opt out, and requires businesses collecting or disclosing personal information to provide notices and means to exercise rights.

Notice of Collection

In the past 12 months, we have collected the following categories of personal information listed in the CCPA: 

  • Identifiers, including name, email address, phone number account name, IP address, and badge number. 
  • Customer Records, billing address, and credit or debit card information.
  • Demographics, such as your age or gender. This category includes data that may qualify as protected classifications under other California or federal laws. 
  • Commercial Information, including interactions and engagement with the Services.
  • Internet Activity, including your interactions with our Services.
  • Geolocation Data, including location enabled services such as WiFi and GPS.
  • Employment Data, including information about the company you work for and your job and title. 
  • Inferences, including information about your interests, preferences and favorites.

For more information on information we collect, including the sources we receive information from, review the Information Collection section. We collect and use these categories of personal information for the business purposes described in the Use of Information section, including to provide and manage our Services. 

Sherpa does not generally sell information as the term “sell” is traditionally understood. However, to the extent “sale” under the CCPA is interpreted to include advertising technology activities such as those disclosed in the Analytics and Advertising section as a “sale,” we will comply with applicable law as to such activity. Sherpa discloses the following categories of personal information for commercial purposes: identifiers, demographics, commercial information, internet activity, geolocation data and inferences. We use and partner with different types of entities to assist with our daily operations and manage our Services. Please review the Sharing of Information section for more detail about the parties we have shared information with. 

Right to Know and Delete

If you are a California resident, you have the right to delete the personal information we have collected from you and the right know certain information about our data practices in the preceding 12 months. In particular, you have the right to request the following from us: 

  • The categories of personal information we have collected about you;
  • The categories of sources from which the personal information was collected; 
  • The categories of personal information about you we disclosed for a business purpose or sold; 
  • The categories of third parties to whom the personal information was disclosed for a business purpose or sold; 
  • The business or commercial purpose for collecting or selling the personal information; and 
  •  The specific pieces of personal information we have collected about you.

To exercise any of these rights, please submit a request by emailing us at dpo@sherpa-solutions.com. In the request, please specify which right you are seeking to exercise and the scope of the request. We will confirm receipt of your request within 10 days. We may require specific information from you to help us verify your identity and process your request. If we are unable to verify your identity, we may deny your requests to know or delete.

Right to Opt-Out

To the extent Sherpa sells your personal information as the term “sell” is defined under the CCPA, you have the right to opt-out of the sale of your personal information by us to third parties at any time. You may submit a request to opt-out by clicking Do Not Sell My Personal Information. You may also submit a request to opt-out by emailing us at dpo@sherpa-solutions.com. 

Authorized Agent

You can designate an authorized agent to submit requests on your behalf. However, we will require written proof of the agent’s permission to do so and verify your identity directly. 

Right to Non-Discrimination. 

You have the right not to receive discriminatory treatment by us for the exercise of any your rights. 

Shine the Light

Customers who are residents of California may request (i) a list of the categories of personal information disclosed by us to third parties during the immediately preceding calendar year for those third parties’ own direct marketing purposes; and (ii) a list of the categories of third parties to whom we disclosed such information. To exercise a request, please write us at the email or postal address set out in “Contact Us” section above and specify that you are making a “California Shine the Light Request.” We may require additional information from you to allow us to verify your identity and are only required to respond to requests once during any calendar year. 

Additional Disclosures for Nevada Residents

Nevada law (NRS 603A.340) requires each business to establish a designated request address where Nevada consumers may submit requests directing the business not to sell certain kinds of personal information that the business has collected or will collect about the consumer. A sale under Nevada law is the exchange of personal information for monetary consideration by the business to a third party for the third party to license or sell the personal information to other third parties. If you are a Nevada consumer and wish to submit a request relating to our compliance with Nevada law, please contact us as at dpo@sherpa-solutions.com.

Additional Disclosures for Data Subjects in Europe 

Data Subject Rights 

Under the GDPR, all consumers have the right to control how their information is collected and shared, including the right to full-featured use of our products when possible. You have the following rights, which can be exercised through our website and the privacy menu in the app:

  1. You may withdraw your consent to the collection and/or use of your personal data at any time.
  2. You may request a copy of your data.
  3. You may request that your personal data be deleted.
  4. You may request that we cease processing of your personal data for a period determined by you.
  5. You may request that we correct an error in your personal data.