Last Updated: January 24, 2020
If you are a California resident or are located in the European Economic Area, please see the “Additional Disclosures for California Residents” and “Additional Disclosures for Data Subjects in Europe” sections. If you have questions or wish to exercise your rights, please contact us as set out in the “Contact Us” section.
What information do we collect?
Information You Provide
When you provide information to us by registering on one of our Services such as our websites, web portals, mobile apps, responding to a survey, filling out a form or voluntarily providing any other information across any of our Services, we collect that information. The following are the categories of information we collect and have collected, including in the last 12 months:
You may choose to voluntarily provide other information to us that we do not request, and, in such instances, you are solely responsible for such information.
Information Automatically Collected
We also automatically collect information about you or your activities on our Services. The categories of information we automatically collect and have collected, including in the last 12 months, include:
Information from Other Sources
Sherpa receives and has received, including in the last 12 months, information from other sources, including exhibitors, event registration vendors. This information includes registration data, company data, demographics data, and profile data.
What do we do with your information?
Data from registration (such as name, address, device ID, and IP Address) are used solely for the purposes of enabling social features in the app, and deleted from app and web databases at the end of the event. Personal identifiers from this data set are stored by unique User ID in a separate, secure file for the life of the event data.
Company data from registration (such as company name, company city, company state/province, and company country), service use data, including web portal use data are analyzed, in aggregate, for the purposes of understanding the use of our systems, and reporting to event organizers and exhibitors on traffic flows, brand exposure, advertising exposure, and market analysis. These data are retained for 10 years following the event in order to determine long term trends.
We may process your information for our legitimate business interests, which include but are not limited to: fraud prevention, direct marketing, network and information systems security, data analytics or data enhancement, modifying or improving our Services, identifying usage trends, and determining the effectiveness of promotional campaigns and advertising. You have the right to object to this processing, and opt out through the app or web user interface.The information you provide also will be used to send you information and updates pertaining to your subscription, order, download, or other transactions. In addition, you may receive related company news, updates, and product or service information, etc.
We also use information that does not identify you (including information that has been aggregated or de-identified) for any purpose except as prohibited by applicable law. For information on your rights and choices regarding how we use information about you, please see the “Your Rights” section below.
Do we disclose any information to other parties?
Notwithstanding the above, we may share information that does not identify you (including information that has been aggregated or de-identified) except as prohibited by applicable law. For information on your rights and choices regarding how we share information about you, please see the “Your Rights” section below.
How do we protect your information?
We implement and maintain reasonable administrative, physical, technical security safeguards to help protect information about you from loss, theft, misuse and unauthorized access, disclosure, alteration and destruction. Nevertheless, transmission via the internet is not completely secure and we cannot guarantee the security of information about you.
After a transaction, your related transaction data will not be kept on file for more than 60 days.
The Services are intended for a general audience, and is not directed at children under (13) years of age.
We do not knowingly gather personal information (as defined by the U.S. Children’s Privacy Protection Act, or “COPPA”) in a manner not permitted by COPPA. If you are a parent or guardian and you believe we have collected information from your child in a manner not permitted by law, contact us at firstname.lastname@example.org. We will remove the data to the extent required by applicable laws.
We do not knowingly “sell,” as that term is defined under the California Consumer Privacy Act of 2018, the personal information of minors under 16 years old who are California residents.
If you are a California resident under 18 years old and registered to use the Services, you can ask us to remove any content or information you have posted on the Services. To make a request, email us at the email address set out in “Contact Us” section with “California Under 18 Content Removal Request” in the subject line, and tell us what you want removed. We will make reasonable good faith efforts to remove the post from prospective public view, although we cannot ensure the complete or comprehensive removal of the content and may retain the content as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
If at any time you wish to suspend processing of your data, correct information, or request deletion of your data, that is your right. You may reach us via our Customer Service Form.
Updating and Accessing Information
Under the law of some countries, you may have the right to access the information Sherpa holds about you, correct mistakes in that information, and to delete information. If your information changes, or if you no longer desire our to use our Services, you may correct, update, or request deletion by submitting your request via our Contact Form to our customer service team. We will respond to requests within 30 days. In some cases, we may not be able to remove your information, in which case we will let you know if we are unable to do so and why. This is commonly in cases where we are unable to identify which information is yours (such as cases where the information has been de-identified).
Analytics and Advertising
We use analytics services, such as Google Analytics, to help us understand how users access and use the Service. Google provides tools to allow you to opt out of the use of certain information collected by Google Analytics at https://tools.google.com/dlpage/gaoptout and by Google Analytics for Display Advertising or the Google Display Network at https://www.google.com/settings/ads/onweb/ .
In addition, we work with agencies, advertisers, ad networks, and other technology services to place ads about our products and services on other websites and services. We allow our vendors and other companies to serve ads and/or collect certain information when you visit our Services. These companies may use information (such as click stream information, browser type, time and date, subject of advertisements clicked or scrolled over) during your visits to our Services and other party’s websites and online services to provide advertisements about goods and services likely to be of greater interest to you. These companies typically use tracking technologies such as cookies or web beacons to collect this information. To learn more about this behavioral advertising practice or to opt-out of this type of advertising, you can visit (i) for websites targeted ads from Digital Advertising Alliance (DAA) participants, http://www.aboutads.info/choices/; (ii) for app targeted ads from DAA participants, https://www.aboutads.info/appchoices; or (iii) for targeted ads from the Network Advertising Initiative participants, www.networkadvertising.org.
Messaging and Communications
Links to Other Parties’ Websites and Online Services
Occasionally, at our discretion, we may include or offer links to other parties’ products or online services on our Services. These links or websites are not owned or operated by Sherpa and have separate and independent privacy policies that govern their information collection practices. We therefore have no responsibility or liability for the content and activities of those linked sites. Nonetheless, we seek to protect the integrity of our Services and welcome any feedback about these sites and online services of other parties.
Data Protection Officer Sherpa RTLS Solutions
5420 Boulevard St-Laurent
Montreal, QC H2T 1S1
Additional Disclosures for California Residents
These additional disclosures for California residents apply only to individuals who reside in California. The California Consumer Privacy Act of 2018 (“CCPA”) provides additional rights to know, delete and opt out, and requires businesses collecting or disclosing personal information to provide notices and means to exercise rights.
Notice of Collection
In the past 12 months, we have collected the following categories of personal information listed in the CCPA:
For more information on information we collect, including the sources we receive information from, review the Information Collection section. We collect and use these categories of personal information for the business purposes described in the Use of Information section, including to provide and manage our Services.
Sherpa does not generally sell information as the term “sell” is traditionally understood. However, to the extent “sale” under the CCPA is interpreted to include advertising technology activities such as those disclosed in the Analytics and Advertising section as a “sale,” we will comply with applicable law as to such activity. Sherpa discloses the following categories of personal information for commercial purposes: identifiers, demographics, commercial information, internet activity, geolocation data and inferences. We use and partner with different types of entities to assist with our daily operations and manage our Services. Please review the Sharing of Information section for more detail about the parties we have shared information with.
Right to Know and Delete
If you are a California resident, you have the right to delete the personal information we have collected from you and the right know certain information about our data practices in the preceding 12 months. In particular, you have the right to request the following from us:
To exercise any of these rights, please submit a request by emailing us at email@example.com. In the request, please specify which right you are seeking to exercise and the scope of the request. We will confirm receipt of your request within 10 days. We may require specific information from you to help us verify your identity and process your request. If we are unable to verify your identity, we may deny your requests to know or delete.
Right to Opt-Out
To the extent Sherpa sells your personal information as the term “sell” is defined under the CCPA, you have the right to opt-out of the sale of your personal information by us to third parties at any time. You may submit a request to opt-out by clicking Do Not Sell My Personal Information. You may also submit a request to opt-out by emailing us at firstname.lastname@example.org.
You can designate an authorized agent to submit requests on your behalf. However, we will require written proof of the agent’s permission to do so and verify your identity directly.
Right to Non-Discrimination.
You have the right not to receive discriminatory treatment by us for the exercise of any your rights.
Shine the Light
Customers who are residents of California may request (i) a list of the categories of personal information disclosed by us to third parties during the immediately preceding calendar year for those third parties’ own direct marketing purposes; and (ii) a list of the categories of third parties to whom we disclosed such information. To exercise a request, please write us at the email or postal address set out in “Contact Us” section above and specify that you are making a “California Shine the Light Request.” We may require additional information from you to allow us to verify your identity and are only required to respond to requests once during any calendar year.
Additional Disclosures for Nevada Residents
Nevada law (NRS 603A.340) requires each business to establish a designated request address where Nevada consumers may submit requests directing the business not to sell certain kinds of personal information that the business has collected or will collect about the consumer. A sale under Nevada law is the exchange of personal information for monetary consideration by the business to a third party for the third party to license or sell the personal information to other third parties. If you are a Nevada consumer and wish to submit a request relating to our compliance with Nevada law, please contact us as at email@example.com.
Additional Disclosures for Data Subjects in Europe
Data Subject Rights
Under the GDPR, all consumers have the right to control how their information is collected and shared, including the right to full-featured use of our products when possible. You have the following rights, which can be exercised through our website and the privacy menu in the app: