Privacy

EFFECTIVE DATE: April 11, 2018

As used in this “Privacy Policy”, “Sherlock” refers to all websites (including https://www.sherlockscore.com), properties, and services owned or operated by Space Pencil, Inc., aka Sherlock.

This Privacy Policy is part of Sherlock's Terms of Use and describes the privacy practices of Sherlock. It explains when and how Sherlock collects end user and client information, including Personally Identifiable Information (defined below), how we use such information, and the circumstances under which we may disclose such information to others. This Privacy Policy includes the policies that Sherlock observes for compliance with laws in the United States as well as other applicable laws, including those followed regarding the transfer of Personally Identifiable Information from the European Economic Area (“EEA”) and/or Switzerland to the United States under the U.S. – EU Privacy Shield and U.S. – Swiss Safe Harbor, respectively (collectively, the “Safe Harbor and Privacy Shield”).

By visiting the Sherlock website, visiting a Sherlock client website that provides notice of its use of Sherlock and/or this policy, or registering for our service, you acknowledge that you accept and consent to the practices outlined in this Privacy Policy.

What Types of User Information Does Sherlock Obtain?

Visitors to the Sherlock Website. If you are a visitor to the Sherlock website or a Sherlock client (“Client”) who registers or signs into the Sherlock website (including for purposes of obtaining a free trial of Sherlock's services), we may obtain the following types of information from you or concerning your computer or device (“Sherlock Client Information”), which may include information that can itself be used to identify and/or contact you (“Personally Identifiable Information”):

Name
Email address
Phone number
Website name and URL
Credit card number
Billing address
Visitor site preferences
Sherlock may also receive certain information that may be provided by your browser or mobile device, including:
Browser information
Operating system information
Mobile device information (e.g., device identifier, mobile operating system, etc.)
IP address
Pages accessed
Time of visit
Time of last visit
Referring site, application, or service, including the relevant search queries that led you to Sherlock's website

Visitors to Sherlock's Clients’ Websites. Our Clients may use customized and proprietary Sherlock's code, software and/or services (“Service(s)”) to obtain information regarding the activities that users engage in while visiting their web pages (“Client User Data”). When a user visits a website that uses Sherlock's Service, Sherlock code contained on the website contacts Sherlock's servers and enables Sherlock to collect Client User Data. Some Clients may also use their own code to obtain Client User Data and then send such information to Sherlock's servers. Client User Data may include Personally Identifiable Information, including, but not limited to, the types of information listed for Sherlock Client Information above.

Client User Data is stored on Sherlock's web servers and databases (including those hosted on third party servers on behalf of Sherlock) for use in performing analysis and producing reports for the applicable Sherlock Client. In addition, Sherlock itself uses the Sherlock Service in order to obtain insights into visitors’ activities on its own websites, which include, as of the Effective Date, http://www.sherlockscore.com and http://blog.sherlockscore.com.

Sherlock's collection and analysis of Client User Data helps our Clients to evaluate and understand how their users are interacting with their websites, and potentially, to modify their websites in order to make them more valuable or useful for their users. Sherlock's Clients determine the types of Client User Data that are sent to Sherlock's servers for analysis. This data may include or be linked to Personally Identifiable Information depending on how the Client uses Sherlock's Services on its website(s). Sherlock's Clients are contractually prohibited from sending personally sensitive Client User Data (e.g. personal health information, political opinions, religious or philosophical beliefs) to Sherlock and Sherlock does not knowingly receive such data.

In addition, Sherlock may collect certain information about a Client’s visitor’s computer that may be provided by the visitor’s browser. This includes browser information, operating system information, mobile device information, IP address, time of visit, and the referring site, application, or service. Such information may be collected and shared with the Sherlock Client even though not specifically requested by the Client.

How Do We Use This Information?

Visitors to the Sherlock Website. We use the Sherlock Client Information, including Personally Identifiable Information, to register your account, fulfill your requests, understand how you are engaging with Sherlock, communicate with you, determine if you are satisfied with the Service, process billing for Sherlock Services, and personalize your experience on the Sherlock website and with the Sherlock Service.

We may also use Sherlock User Information to facilitate the delivery of content or advertisements that we believe may be of interest to you, or to communicate with you about new or existing products and services or special offers. For more information on opting out of these communications, please see the section on “User Privacy Controls” below.

Visitors to Sherlock's Clients’ Websites. Except as described in the “Disclosure of Information to Third Parties” section below, Sherlock never sells or shares any Client User Data with individuals or companies other than the specific Client whose website transmitted the Client User Data to Sherlock.

Sherlock does not collect or aggregate information about end user behavior across multiple, different websites that are operated by different Clients, nor does it use any Client User Data for purposes of behavioral advertising. However, Sherlock may analyze Client User Data in the aggregate for purposes of internal research and/or to determine overall trends or metrics concerning how users are engaging with websites, and may report such general trends publicly, without disclosing any Client User Data.

Our Client’s Use of Sherlock. Sherlock contractually requires its Clients to abide by all applicable laws, rules and regulations, including the Safe Harbor and Privacy Shield where it applies, as well as other applicable laws relating to privacy and data collection (“Applicable Laws”). Sherlock also contractually requires its Clients to obtain any necessary consents from visitors to its website(s) for the Client’s use of Sherlock's services, comply with all Applicable Laws (including, as an example, the Safe Harbor and Privacy Shield where it applies) with respect to the transfer of Personally Identifiable Information of EU or Swiss subjects through the Service, and to post an online privacy policy that provides each visitor with clear notice of its practices regarding data collection, use, and disclosure (including the Client’s use of Sherlock), along with a link to the Sherlock Privacy Policy and to the Sherlock Service Opt-Out (discussed below).

Sherlock cannot be held responsible for any Client’s failure to make these disclosures on its website or for any Client’s use or collection of Client User Data that is not permitted under this Privacy Policy or otherwise. For more details on the terms that apply to our Clients’ use of the Sherlock Service, please see Section 4 (“Privacy”) in the Sherlock Terms of Use.

Sherlock's Use of Cookies and Web Beacons

Cookies. Sherlock uses cookies (small text files that Sherlock stores locally on your computer) on our Client’s websites for one or more of the following purposes: to help identify unique visitors and/or devices; assess usage patterns and perform traffic analysis; identify visitor preferences; conduct A/B testing; diagnose problems with our servers, and otherwise administer the Sherlock Service. Sherlock does not use methods such as browser cache, Flash cookies, or eTags, for acquiring or storing information about end users web browsing activity on Client websites or otherwise.

Depending on how our Clients use Sherlock's Services, information contained in Sherlock cookies placed on the computers of end users may be linked to Personally Identifiable Information in Sherlock's database. This allows our Clients to use the Sherlock Service to better analyze and measure their users’ interactions with their website and to organize activities by the same user on their website across time.

If you do not wish to have Sherlock place and use cookies on your computer, you should set your browser preferences to refuse all cookies before accessing Sherlock or other websites that may use Sherlock. Sherlock is not responsible for any failure by you or your browser to accurately implement or communicate your browser preferences or settings. In addition, please be aware that even if you configure your browser settings to reject all cookies, your activity on Sherlock client websites will still be recorded by our Service, unless you opt out of our Service as set forth below. However, your rejection of all cookies will prevent Sherlock from determining whether or not someone using your computer has previously visited the website, i.e., whether or not the visitor is a “unique” visitor, and from retrieving any information about your prior activities on a Client’s website through information contained in a cookie.

Please note that if you set your browser to reject cookies, some features of the websites you visit may be unavailable. For more information on how to reject cookies, see your browser's instructions on changing your cookie settings. Additionally, please note that rejecting cookies may also prevent you from opting out of our Service because that involves placing an opt-out cookie in your browser.

If you do not elect to set your browser preferences to refuse cookies, you consent to have cookies, including cookies used by Sherlock, placed on your computer when you visit our Client’s websites.

Web Beacons. Sherlock may also collect certain information using Web Beacons. “Web Beacons” are electronic images that may be used on Sherlock's Website, in Sherlock's Service, or in our email communications. They are used, for example, to count website visits or to tell if an email has been opened and acted upon.

Disclosure and Transfer of Information to Third Parties

Service Providers. Information, including Sherlock Client Information, Client User Data, and any Personally Identifiable Information contained therein, may be shared with certain third-party companies and individuals that help facilitate technical and administrative aspects of the Sherlock Service (e.g., credit card processing), or perform functions related to the administration of Sherlock (e.g. hosting services). These third parties perform tasks on our behalf and are contractually obligated not to disclose or use Sherlock User Information or Client User Data for any other purpose, and to employ adequate security measures to prevent unauthorized access to such data. However, Sherlock is not responsible in the event that Personally Identifiable Information is disclosed as a result of a breach or security lapse by any such third party.

Sherlock Clients. Sherlock Clients may share Client User Data with service providers (e.g. customer relationship management platforms) that perform tasks on behalf of Sherlock Clients. Sherlock contractually requires the Clients to disclose such practices to its users.

Law Enforcement and Legal Process. Sherlock also reserves the right to disclose any Sherlock Client Information or Client User Information (including Personally Identifiable Information) to: (i) comply with any law, regulation, or legal request; (ii) enforce, apply, or investigate breaches of the Terms of Use or other agreements; (iii) respond to client requests; or (iv) protect the rights, property, or safety of Sherlock, our employees, our users, or others.

Change of Control. If Sherlock, or substantially all of its assets, is acquired by another company or successor entity, Sherlock Client Information and/or Client User Data will be one of the assets transferred or acquired by the purchaser or successor. You acknowledge that such transfers may occur, and that any purchaser of or successor to Sherlock or its assets may continue to collect, use and disclose your information acquired prior to such transfer or acquisition as set forth in this policy.

User Privacy Controls and Do Not Track Signals

Clients and Visitors to the Sherlock Website. Sherlock offers several ways for you to review and update account information that is obtained and stored by Sherlock, or to change your Sherlock communication preferences:

If you have a Sherlock account, you can review or update your account information by contacting us at support@sherlockscore.com.

You may unsubscribe to any of our e-mail or direct message communications regarding updates or products by following the unsubscribe instructions in the body of any message.

You may contact us at privacy@spacepencil.com, attn: Sherlock Privacy Office.

Do Not Track Signals. Sherlock Clients decide whether their use of Sherlock's Service is responsive to Do Not Track signals from browsers, and whether Sherlock will be notified of a Do Not Track signal received from a user’s browser. If a Sherlock Client enables the forwarding of a Do Not Track signal to Sherlock, Sherlock will attempt to read the signal and will not collect any Client User Data from a user visiting that Sherlock Client’s website during that session, following receipt of the Do Not Track signal. The Do Not Track signal is browser-specific, and will not work for mobile devices. If a Sherlock Client does not forward Do Not Track signals to Sherlock, then Sherlock will not have any access to such signals from the Client’s users, and such signal will have no effect on Sherlock's collection or use of data received from that user during the applicable session(s).

Visitors to Sherlock's Clients’ Websites. If you wish to opt out of Sherlock's collecting Client User Data when you visit Sherlock's Client Websites, please see the Sherlock's Tracking Opt-Out Instructions or opt-out directly below.

Opt-in/Opt-out of Sherlock Tracking

If you would like to opt out of Sherlock tracking, you can email privacy@spacepencil.com.

Unlike the Do Not Track signal described above, which applies only to Sherlock Clients who have activated the functionality, this opt-out mechanism applies to all Sherlock Client websites, meaning that no user data will be collected about you on any such websites. Please note that if you use a different device or Internet browser than you used when opting out of Sherlock's Service, or if you clear your cookies, Sherlock will not be able to view the opt-out and will collect Client User Data when you visit Sherlock Client websites. In these circumstances, you will need to revisit the link above from the new browser or device in order to reiterate your opt-out decision for that device or browser.

Email Communications

We may contact you by e-mail or other equivalent electronic communications if you access Sherlock products or services. By registering or using Sherlock Services, you specifically consent to the receipt of these e-mail or text message communications. If you do not want to receive emails or other communications from us, please follow the unsubscribe instructions in the body of such communications or notify us by email at privacy@sherlockscore.com.

How We Protect Your Personal Information

Sherlock has implemented reasonable security mechanisms to protect Sherlock Client Information and Client User Data that is maintained on Sherlock's servers from loss, misuse and unauthorized access, disclosure, alteration and destruction. Examples of these security mechanisms include limited and password-protected access, high security public/private keys, encryption on processed data, and SSL encryption to protect transmission of data.

However, please keep in mind that no security system is impenetrable. It may be possible for third parties to intercept or access Sherlock Client Information and Client User Data in spite of these measures. Sherlock cannot guarantee the security of your information and cannot be held responsible for unauthorized access to Sherlock client accounts.

Our Policy Toward Children

Our Site and Service is not directed to children under 13. We do not knowingly collect personally identifiable information from children under 13 or from websites that are targeted to children under 13. If you are under 13, please do not attempt to register or send any information about yourself to us, including your name, address, telephone number, or email address. If a parent or guardian becomes aware that his or her child has provided us with personally identifiable information without their consent, he or she should contact us as provided below. If we become aware that a child under 13 has provided us with personally identifiable information, we will delete such information from our servers.

Changes to this Privacy Policy

Sherlock retains the discretion to amend or modify this Privacy Policy from time to time. If we make material changes to the way we collect, use or disclose Personally Identifiable Information, we will notify you by posting a clear and prominent announcement on Sherlock or through a direct communication to your Sherlock account. For new users, the change or update will become effective upon posting. For existing users, the change or update will become effective 14 days after posting.

Use and disclosure of information we obtain is subject to the later of: (1) the Privacy Policy in effect at the time such information is collected or (2) any subsequent Privacy Policy of which you have constructive notice.

How to Contact Us

Sherlock welcomes any questions or comments about this Privacy Policy or our privacy practices. Any such comments or questions should be submitted via e-mail to: privacy@spacepencil.com, or by first class mail, air mail, or overnight courier to:

Sherlock Privacy Office
℅ Space Pencil, Inc
847 Sansome Street, Lower Level
San Francisco, CA 94111

We will use reasonable efforts to respond promptly, within 10-20 business days, to requests, questions or concerns you may have regarding access to Personally Identifiable Information about you that we have collected. We may contact you for follow up information.

Safe Harbor and Privacy Shield Rights and Dispute Resolution

Sherlock complies with the U.S. - E.U. Privacy Shield framework and the U.S. - Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data from European Union member countries and Switzerland. Sherlock has certified that it adheres to the Safe Harbor and Privacy Shield Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor and Privacy Shield programs, and to view Sherlock's certification, please visit http://www.export.gov/safeharbor/ and https://www.privacyshield.gov/ .

With respect to personal information received or transferred pursuant to the Privacy Shield Framework, Sherlock is subject to the investigatory and regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Sherlock may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Under Safe Harbor and Privacy Shield individuals have the right to access information held about them and amend or delete it if it is inaccurate. Any such requests or inquiries should be directed to the Sherlock Privacy Office; contact information is provided above under “How to Contact Us”

Under Safe Harbor and Privacy Shield individuals must have the choice to opt out of the collection and forward transfer of the data to third parties. Sherlock's options for doing so are explained under “User Privacy Controls” Sherlock further certifies that it complies with Safe Harbor and Privacy Shield policies regarding the onward transfer of data to third parties. Information about onward transfer and disclosure is available under “Disclosure and Transfer of Information to Third Parties”

Any questions or concerns regarding the use or disclosure of Personally Identifiable Information should be directed to the Sherlock Privacy Office at the address given above. Sherlock will investigate and attempt to resolve complaints and disputes regarding use and disclosure of Personally Identifiable Information by reference to the principles contained in this Privacy Policy. For complaints that cannot be resolved between Sherlock and the complainant, disputes will be resolved pursuant to Sections 13.4 through 13.6 of the Terms of Use. For the avoidance of doubt, the dispute resolution procedures will be conducted in English.

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at:

https://feedback-form.truste.com/watchdog/request/

Under certain conditions individuals may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted. In addition, the United States Federal Trade Commission is the statutory body that has jurisdiction to hear any claims against Sherlock regarding possible unfair or deceptive practices and violations of laws or regulations governing privacy.

Effective Date of this Privacy Policy

This Privacy Policy is effective as of the Effective Date set forth at the top of this document.