EFFECTIVE DATE: April 11, 2018
What Types of User Information Does Sherlock Obtain?
Visitors to the Sherlock Website. If you are a visitor to the Sherlock website or a Sherlock client (“Client”) who registers or signs into the Sherlock website (including for purposes of obtaining a free trial of Sherlock’s services), we may obtain the following types of information from you or concerning your computer or device (“Sherlock Client Information”), which may include information that can itself be used to identify and/or contact you (“Personally Identifiable Information”):
Website name and URL
Credit card number
Visitor site preferences
Sherlock may also receive certain information that may be provided by your browser or mobile device, including:
Operating system information
Mobile device information (e.g., device identifier, mobile operating system, etc.)
Time of visit
Time of last visit
Referring site, application, or service, including the relevant search queries that led you to Sherlock’s website
Visitors to Sherlock’s Clients’ Websites. Our Clients may use customized and proprietary Sherlock’s code, software and/or services (“Service(s)”) to obtain information regarding the activities that users engage in while visiting their web pages (“Client User Data”). When a user visits a website that uses Sherlock’s Service, Sherlock code contained on the website contacts Sherlock’s servers and enables Sherlock to collect Client User Data. Some Clients may also use their own code to obtain Client User Data and then send such information to Sherlock’s servers. Client User Data may include Personally Identifiable Information, including, but not limited to, the types of information listed for Sherlock Client Information above.
Client User Data is stored on Sherlock’s web servers and databases (including those hosted on third party servers on behalf of Sherlock) for use in performing analysis and producing reports for the applicable Sherlock Client. In addition, Sherlock itself uses the Sherlock Service in order to obtain insights into visitors’ activities on its own websites, which include, as of the Effective Date, http://www.sherlockscore.com and http://blog.sherlockscore.com.
Sherlock’s collection and analysis of Client User Data helps our Clients to evaluate and understand how their users are interacting with their websites, and potentially, to modify their websites in order to make them more valuable or useful for their users. Sherlock’s Clients determine the types of Client User Data that are sent to Sherlock’s servers for analysis. This data may include or be linked to Personally Identifiable Information depending on how the Client uses Sherlock’s Services on its website(s). Sherlock’s Clients are contractually prohibited from sending personally sensitive Client User Data (e.g. personal health information, political opinions, religious or philosophical beliefs) to Sherlock and Sherlock does not knowingly receive such data.
In addition, Sherlock may collect certain information about a Client’s visitor’s computer that may be provided by the visitor’s browser. This includes browser information, operating system information, mobile device information, IP address, time of visit, and the referring site, application, or service. Such information may be collected and shared with the Sherlock Client even though not specifically requested by the Client.
How Do We Use This Information?
Visitors to the Sherlock Website. We use the Sherlock Client Information, including Personally Identifiable Information, to register your account, fulfill your requests, understand how you are engaging with Sherlock, communicate with you, determine if you are satisfied with the Service, process billing for Sherlock Services, and personalize your experience on the Sherlock website and with the Sherlock Service.
We may also use Sherlock User Information to facilitate the delivery of content or advertisements that we believe may be of interest to you, or to communicate with you about new or existing products and services or special offers. For more information on opting out of these communications, please see the section on “User Privacy Controls” below.
Visitors to Sherlock’s Clients’ Websites. Except as described in the “Disclosure of Information to Third Parties” section below, Sherlock never sells or shares any Client User Data with individuals or companies other than the specific Client whose website transmitted the Client User Data to Sherlock.
Sherlock does not collect or aggregate information about end user behavior across multiple, different websites that are operated by different Clients, nor does it use any Client User Data for purposes of behavioral advertising. However, Sherlock may analyze Client User Data in the aggregate for purposes of internal research and/or to determine overall trends or metrics concerning how users are engaging with websites, and may report such general trends publicly, without disclosing any Client User Data.
Depending on how our Clients use Sherlock’s Services, information contained in Sherlock cookies placed on the computers of end users may be linked to Personally Identifiable Information in Sherlock’s database. This allows our Clients to use the Sherlock Service to better analyze and measure their users’ interactions with their website and to organize activities by the same user on their website across time.
Please note that if you set your browser to reject cookies, some features of the websites you visit may be unavailable. For more information on how to reject cookies, see your browser’s instructions on changing your cookie settings. Additionally, please note that rejecting cookies may also prevent you from opting out of our Service because that involves placing an opt-out cookie in your browser.
Web Beacons. Sherlock may also collect certain information using Web Beacons. “Web Beacons” are electronic images that may be used on Sherlock’s Website, in Sherlock’s Service, or in our email communications. They are used, for example, to count website visits or to tell if an email has been opened and acted upon.
Disclosure and Transfer of Information to Third Parties
Service Providers. Information, including Sherlock Client Information, Client User Data, and any Personally Identifiable Information contained therein, may be shared with certain third-party companies and individuals that help facilitate technical and administrative aspects of the Sherlock Service (e.g., credit card processing), or perform functions related to the administration of Sherlock (e.g. hosting services). These third parties perform tasks on our behalf and are contractually obligated not to disclose or use Sherlock User Information or Client User Data for any other purpose, and to employ adequate security measures to prevent unauthorized access to such data. However, Sherlock is not responsible in the event that Personally Identifiable Information is disclosed as a result of a breach or security lapse by any such third party.
Sherlock Clients. Sherlock Clients may share Client User Data with service providers (e.g. customer relationship management platforms) that perform tasks on behalf of Sherlock Clients. Sherlock contractually requires the Clients to disclose such practices to its users.
Change of Control. If Sherlock, or substantially all of its assets, is acquired by another company or successor entity, Sherlock Client Information and/or Client User Data will be one of the assets transferred or acquired by the purchaser or successor. You acknowledge that such transfers may occur, and that any purchaser of or successor to Sherlock or its assets may continue to collect, use and disclose your information acquired prior to such transfer or acquisition as set forth in this policy.
User Privacy Controls and Do Not Track Signals
Clients and Visitors to the Sherlock Website. Sherlock offers several ways for you to review and update account information that is obtained and stored by Sherlock, or to change your Sherlock communication preferences:
If you have a Sherlock account, you can review or update your account information by contacting us at firstname.lastname@example.org.
You may unsubscribe to any of our e-mail or direct message communications regarding updates or products by following the unsubscribe instructions in the body of any message.
You may contact us at email@example.com, attn: Sherlock Privacy Office.
Do Not Track Signals. Sherlock Clients decide whether their use of Sherlock’s Service is responsive to Do Not Track signals from browsers, and whether Sherlock will be notified of a Do Not Track signal received from a user’s browser. If a Sherlock Client enables the forwarding of a Do Not Track signal to Sherlock, Sherlock will attempt to read the signal and will not collect any Client User Data from a user visiting that Sherlock Client’s website during that session, following receipt of the Do Not Track signal. The Do Not Track signal is browser-specific, and will not work for mobile devices. If a Sherlock Client does not forward Do Not Track signals to Sherlock, then Sherlock will not have any access to such signals from the Client’s users, and such signal will have no effect on Sherlock’s collection or use of data received from that user during the applicable session(s).
Visitors to Sherlock’s Clients’ Websites. If you wish to opt out of Sherlock’s collecting Client User Data when you visit Sherlock’s Client Websites, please see the Sherlock’s Tracking Opt-Out Instructions or opt-out directly below.
Opt-in/Opt-out of Sherlock Tracking
If you would like to opt out of Sherlock tracking, you can email firstname.lastname@example.org.
Unlike the Do Not Track signal described above, which applies only to Sherlock Clients who have activated the functionality, this opt-out mechanism applies to all Sherlock Client websites, meaning that no user data will be collected about you on any such websites. Please note that if you use a different device or Internet browser than you used when opting out of Sherlock’s Service, or if you clear your cookies, Sherlock will not be able to view the opt-out and will collect Client User Data when you visit Sherlock Client websites. In these circumstances, you will need to revisit the link above from the new browser or device in order to reiterate your opt-out decision for that device or browser.
We may contact you by e-mail or other equivalent electronic communications if you access Sherlock products or services. By registering or using Sherlock Services, you specifically consent to the receipt of these e-mail or text message communications. If you do not want to receive emails or other communications from us, please follow the unsubscribe instructions in the body of such communications or notify us by email at email@example.com.
How We Protect Your Personal Information
Sherlock has implemented reasonable security mechanisms to protect Sherlock Client Information and Client User Data that is maintained on Sherlock’s servers from loss, misuse and unauthorized access, disclosure, alteration and destruction. Examples of these security mechanisms include limited and password-protected access, high security public/private keys, encryption on processed data, and SSL encryption to protect transmission of data.
However, please keep in mind that no security system is impenetrable. It may be possible for third parties to intercept or access Sherlock Client Information and Client User Data in spite of these measures. Sherlock cannot guarantee the security of your information and cannot be held responsible for unauthorized access to Sherlock client accounts.
Our Policy Toward Children
Our Site and Service is not directed to children under 13. We do not knowingly collect personally identifiable information from children under 13 or from websites that are targeted to children under 13. If you are under 13, please do not attempt to register or send any information about yourself to us, including your name, address, telephone number, or email address. If a parent or guardian becomes aware that his or her child has provided us with personally identifiable information without their consent, he or she should contact us as provided below. If we become aware that a child under 13 has provided us with personally identifiable information, we will delete such information from our servers.
How to Contact Us
Sherlock Privacy Office
℅ Space Pencil, Inc
847 Sansome Street, Lower Level
San Francisco, CA 94111
We will use reasonable efforts to respond promptly, within 10-20 business days, to requests, questions or concerns you may have regarding access to Personally Identifiable Information about you that we have collected. We may contact you for follow up information.
Safe Harbor and Privacy Shield Rights and Dispute Resolution
Sherlock complies with the U.S. – E.U. Privacy Shield framework and the U.S. – Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data from European Union member countries and Switzerland. Sherlock has certified that it adheres to the Safe Harbor and Privacy Shield Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor and Privacy Shield programs, and to view Sherlock’s certification, please visit http://www.export.gov/safeharbor/ and https://www.privacyshield.gov/ .
With respect to personal information received or transferred pursuant to the Privacy Shield Framework, Sherlock is subject to the investigatory and regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Sherlock may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Under Safe Harbor and Privacy Shield individuals have the right to access information held about them and amend or delete it if it is inaccurate. Any such requests or inquiries should be directed to the Sherlock Privacy Office; contact information is provided above under “How to Contact Us”
Under Safe Harbor and Privacy Shield individuals must have the choice to opt out of the collection and forward transfer of the data to third parties. Sherlock’s options for doing so are explained under “User Privacy Controls” Sherlock further certifies that it complies with Safe Harbor and Privacy Shield policies regarding the onward transfer of data to third parties. Information about onward transfer and disclosure is available under “Disclosure and Transfer of Information to Third Parties”
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at:
Under certain conditions individuals may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted. In addition, the United States Federal Trade Commission is the statutory body that has jurisdiction to hear any claims against Sherlock regarding possible unfair or deceptive practices and violations of laws or regulations governing privacy.