Sherpa Privacy Policy
One on One Sherpa, LLC (“Sherpa”) is committed to safeguarding your privacy on our website located at http://sherpacrm.com, our online Sherpa CRM Software application and our Sherpa CRM Mobile App. We use this privacy policy to clearly disclose to you our privacy practices in a manner that is easy to understand. If there is something you do not understand about our privacy practices, please feel free to contact us at privacy@sherpacrm.com.
We may change this policy from time to time so please check back often. If we significantly change our collection, use, or disclosure practices, we will try to send you a notice via email if you have provided us with an email address.
What information do we collect from you?
We collect information in several ways. Some of the information we collect is personal to you or your company. Other information is anonymous. We collect contact and registration information, information in contact-us forms, bill payment information, information you post in interactive areas, website activity information, and data submitted to our CRM software and mobile app.
- When you ask us to contact you, we ask for your name and email address
- When you register, we also collect your address, and phone number along with information about your company
- When you log in, we collect your email address and password
- When you report a problem with our site or services we will collect contact information along with a description of your problem
- When you contact us via the company email address, we will collect your contact information and any information you include in your email
- When you order a product or service from us or pay a bill online we ask for transaction information including your mailing address, phone number, email address and payment information
- Information you post in interactive areas of our website such as our Intra-Sherpa Forum or our Intra-Sherpa Messaging Function
- When you visit and navigate our site, use our applications or third party sites, or open our emails, we may collect technical information about your use of our site including IP address, device identifier, and viewing information
- When you use our Sherpa CRM Software or Sherpa CRM Mobile App, we collect information about your customers and potential customers along with information about your efforts with respect to your customers (collectively, “CRM Data”). This includes (i) company background information such as name, category and community, phone number, website, size, level of care, (ii) prospect profiles, including contact information (including name, age/date of birth, gender), community, sales journals and strategy, photographs, life stories, typical day, key decision influencers, care information (including status, counselor information, care type, date information, and related information); (iii) unit descriptions, occupancy status, amenities, pricing; and (iv) sales team member and professional decision influencer contacts and profiles; and (v) Intra-Company forum to collect and display company specific occupancy documents, creative follow up or event related templates.
How do we collect information from you?
Direct Collection
We collect much of the information listed above directly from you when you submit it on our website. This includes information such as registration information, contact information, user submissions, and public postings. If you do not want to share your information, you can choose not to participate in a particular service or activity.
Indirect Collection
- Provide you with personalized content based on your use of our site
- Enable you to more easily use our site and the Sherpa CRM by remembering and using contact information, purchasing information, and registration information
- Evaluate, monitor and analyze the use of our site and its traffic patterns to help improve our site and services
- Assist us with ad reporting functions such as to learn which ads are bringing users to our website
Cookies
A cookie is a small amount of data that is sent to your browser from a Web server and stored on your computer’s hard drive. Cookies enable us to identify your browser as a unique user. Cookies may involve the transmission of information from us to you and from you to us. Cookies may also be used by another party on our behalf to transfer information to us in accordance with their privacy policy. Some cookies are “persistent cookies.” They are used by us each time you access our website. Other cookies are called “session cookies.” Session cookies are used only during a specific browsing session. We may use a session cookie, for example, to remember that you have already navigated through a particular menu, or that you have entered in age information for a portion of a site that is restricted by age. We may also use “analytics cookies” that allow web analytics services to recognize your browser or device and, for example, identify whether you have visited our website before, what you have previously viewed or clicked on, and how you found us. This information is provided anonymously for statistical analysis only. Analytics cookies are usually persistent cookies. We use Google Analytics javascript for traffic reporting.
Log Files
Like most standard website servers, we use log files. Log files track Internet protocol (IP) addresses, browser type, Internet service provider (ISP), referring/exit pages, platform type, date/time stamp, and number of clicks. We utilize this information to analyze trends, administer the site, prevent fraud, track website navigation in the aggregate, and gather broad demographic information for aggregate use.
How do we use your information?
Our main goal in collecting information is to improve the website and mobile app and provide you with the best possible experience on the website and mobile app.
For example, by using the information we collect, we can provide you with an easy to use and readily available Intra-Sherpa Forum to display company specific occupancy documents, creative follow-up or even related templates.
We will also use your personal information to:
- Notify you of other products, services and apps available from Sherpa and our affiliates
- Enable you to participate in online transactions
- Personalize online content so that is applies to you and your interests
- Make our products, services, the Sherpa CRM, the Sherpa Mobile App and the Sherpa Website better
- Compile, analyze and do research on our users’ demographics and behavior
- Detect, investigate and prevent activities that may violate our policies or be illegal
- We use, and share location data only to provide and improve our services.
Who is collecting information?
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Except as provided in this Privacy Policy, only Sherpa and our affiliates and service providers will have access to your personal account information.
When you are on our site and are asked for personal information, you are sharing that information with Sherpa and our affiliates and service providers. If personal data is to be collected and/or maintained by any company other than Sherpa or its affiliates, we will try to notify you on the website or in an updated version of this Privacy Policy. If you do not want your data to be shared, you can choose not to allow the transfer by not using that particular service. Other websites to which we link may collect personally identifiable information about you when you visit those sites. The information practices of other websites linked to our websites are not covered by this Privacy Policy.
With whom does Sherpa share my information?
We will not disclose any of your personally identifiable information except when we have your permission, when required by law, for security and compliance, to service providers working on our behalf, or if or if we sell our company or assets. We may also disclose information to third party partners in blinded or aggregated form that does not identify individuals.
These are some of the ways that your information may be disclosed:
Service Providers
We occasionally hire other companies to provide limited services on our behalf, including mailing, website development and operation, answering customer questions about products or services, sending postal mail or email, analyzing website use, processing payments, providing investor information and processing data. We will only provide those companies the information they need to deliver the service, and they are contractually prohibited from using that information for any other reason.
Data in the Aggregate
We may disclose “blinded” aggregated data and user statistics and blinded and aggregated versions of the Client Data to prospective partners and other third parties. Blinded data is data that does not identify an individual person.
Other
We also may disclose your information in special cases. For example, when we believe that we must disclose information to identify, contact or bring legal action against someone who may be violating our Terms of Use, or may be causing injury to or interference with our rights or property, other website users or customers, or anyone else who may be harmed by such activities. We may disclose or access account information when we believe in good faith that the law requires it and for administrative and other purposes that we deem necessary to maintain, service and improve our products and services. As we continue to develop our business, we may buy or sell businesses or assets. In such transactions, confidential customer information generally is one of the transferred business assets. In the event of a transaction involving the sale of some or all of Sherpa’s businesses, customer and site visitor information may be one of the transferred assets and may be disclosed in connection with negotiations relating to a proposed transaction. In such case, the transferred information may become subject to a different privacy policy.
How can I control my personal information?
To make a request to view, edit or delete your personal information, contact us at us at privacy@sherpacrm.com. You may also disable some collection through your browser settings or Google’s opt-out tool. If you are a resident or a prospective resident of a senior living community, make your request through your community or facility.
We offer our customers choices for the collection, use and sharing of personal information. You may contact us at privacy@sherpacrm.com if you wish to view, edit, or delete your personal information from our database, and we will use commercially reasonable efforts to accommodate your request. If you are a resident or prospective resident of a senior living community, your information is collected through that community and Sherpa is acting as a service provider to that community. Make any request relating to your information through your community or facility. Sherpa complies with requests from our customer communities as to CRM Data of residents and prospective residents. If you believe that any inaccurate or inappropriate information has been obtained or provided to others through your use of this website, you should contact us at privacy@sherpacrm.com.
You may disable browser cookies in your browser or set your browser to warn you when a cookie is being sent. You may lose some features or functionality when you disable cookies. Remember, also, that disabling cookies is browser specific. If you log on using Google Chrome, you must also disable cookies in Safari if you use that browser at a different time. You may opt-out of Google Analytics collection by downloading the browser plugin “Google Analytics Opt-out Browser Add-on” here To ensure that you will not receive recurring marketing or other information from us unless you choose to, we will provide you with simple instructions on each marketing email from Sherpa for you to let us know that you have chosen to stop receiving such emails from us. |
How does Sherpa protect financial-related information?
We use commercially reasonable efforts to protect your financial-related information.
As a matter of policy and long-time business practice, we do not sell information provided by our users. Any user statistics that we may provide to prospective partners regarding financial matters are provided in the aggregate only and do not include any personally identifiable information about any individual user. We will transfer your credit card number, bank account number or other personal information to the appropriate credit card company or bank in order to process any online payments.
What security precautions are in place to protect against the loss, misuse, or alteration of my information?
We use encryption for financial transactions and other designated areas of our website. We use commercially reasonable efforts to protect your information when it is in our system.
Your Sherpa Account Information and Sherpa Profile are password-protected so only you have access to this personal information. We use encryption technology for credit card numbers, bank account numbers, passwords, and registration information. Remember to sign out of your Sherpa account and close your browser window when you have finished your work. This is to ensure that others cannot access your account by using your computer when you are away from it. We use Secure Socket Layer (SSL) encryption for access to and use of the Sherpa CRM.
Because information sent through the Internet travels from computer to computer throughout the world, when you give us information, that information may be sent electronically to servers outside of the country where you originally entered the information. Unfortunately, no data transmission over the Internet can be guaranteed to be 100% secure. Except as specifically stated, this site does not use security encryption measures. You will know that a webpage uses TLS encryption when you see “https” or the padlock symbol in your browser URL. Information that you disclose by use of this site (as with any site that is non-secure), by posting a message or using e-mail, potentially could be collected and used by others. This may result in unsolicited messages from third parties or use of such information by third parties for their own purposes, legal or illegal. As a result, while we strive to protect your personal information, we cannot ensure or warrant the security of any information you transmit to us or from our services, and you do so at your own risk. Once we receive your transmission, we use commercially reasonable efforts to ensure its security on our systems.
What else should I know about my privacy?
lease keep in mind that whenever you voluntarily disclose information online, that information may be accessible to other customers and users. Ultimately, you are solely responsible for maintaining the secrecy of your passwords and/or any account information. Please be careful and responsible whenever you are online.
When you or we end your customer relationship with us, we will treat the information we have about you as if you were still our customer.
Your California Privacy Rights
California residents are entitled to additional protections under California Law including the right to request information about third parties to whom we disclose information for marketing purposes.
California Shine the Light Law
California Civil Code Section 1798.83 permits our visitors who are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email or written request at the address below.
Make sure to state that you are a California Resident.
Do Not Track
Our website does not support DNT codes.
Do Not Track (DNT) is a privacy preference that users can set in their web browsers. While the United States Federal Trade Commission has endorsed DNT, our website does not support DNT codes.
California Consumer Privacy Act
Under the CCPA, you have the right to know what information is being collected and how it is being sold or disclosed, the right to say no to sales of your information, the right to access and delete your information and the right to equal service and price based on your privacy choices. To make a request, contact us at privacy@sherpacrm.com. If you are a resident or prospect at a senior living community, contact your community to make a request.
We collect identifiers, personal information listed in the California Customer Records Statute, Commercial Information, Internet or Other Network Activity Information, and Geolocation Data. We collect this information from you, from senior living communities and from other third parties. We use, share and retain your information as described above. Much of the information we collect is subject to the B2B exception to the CCPA.
This Privacy Notice for California Residents supplements the information contained in above in our general privacy policy and applies solely to visitors, users, and others who reside in the State of California.
Your Rights
The California Consumer Privacy Act (“CCPA”) grants State of California residents the following rights, to:
- Know what personal information is being collected about them;
- Know whether their personal information is sold or disclosed and to whom;
- Say no to the sale of their personal information;
- Access their personal information;
- Have their personal information deleted; and
- Have the right to equal service and price, even if they exercise their privacy rights under this law.
Categories of Personal Information We Collect
We collect, or may collect, information that identifies you, your household or your device or is reasonably capable of being connected with or linked to you, your household, or your device (“Personal Information”). Personal information does not include public information available from government records, de-identified or aggregated information or information that is protected by certain laws such as HIPAA for health related information and the Gramm-Leach Bliley Act (GLBA) for certain financial information.
We collect the following categories of Personal Information:
- Identifiers
- First and last name
- Email address
- Mailing address
- Phone number
- Internet Protocol (IP) Address
- Personal Information Listed in the California Customer Records Statute
- The above identifiers
- Limited medical information included in CRM Data
- Characteristics of Protected Classifications
- Not collected
- Commercial Information
- Information you disclose when you ask us a question about our website or services
- Information about your residents including CRM Data described above.
- Biometric Information
- Not collected
- Internet or Other Electronic Network Activity Information
- Cookies
- Domain name
- Browser type
- Device identifiers including MAC address
- Device type
- Browser plug-in types and versions
- Operating system and platform
- Time zone setting
- Usage and viewing data
- Geolocation Data
- Information that tells us from where you access our website
- Sensory Data
- Not-collected
- Professional or Employment-Related Information
- Not-collected
- Non-public Education Information
- Not-collected
- Inferences Drawn from Other Personal Information
- Not collected
- From Third Parties. For example, when you pay a bill online, we may receive personal information from payment processors.
How We Share Your Personal Information
We share information in each of the above categories as follows:
- All categories of information
- We will share information in all of the above categories if our company is sold or we engage in a merger or other such transaction.
- We will share information in all of the above categories of information in connection with a law enforcement request that is compliant with the California Electronic Communications Privacy Act.
- Identifiers
- We share identifiers with service providers who use that information only to provide services to us such as website development and operating, sending postal mail or email, analyzing website use, job applications, and processing data.
- Personal Information Listed in the California Customer Records Statute
- We share credit card information with service providers who process payments on our behalf.
- Internet or Other Electronic Network Activity Information
- We share this information with our data analytics providers
How We Use Your Information
See “How Do We Use Your Information” above to learn how we use your information. We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.
How We Retain and Store Your Personal Information
We retain your personal information for as long as necessary to fulfill the purpose(s) for which we collected it and to comply with applicable laws. We use reasonable security precautions to protect your information while in storage.
Requests to Know
You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:
You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:
•The categories of personal information we collected about you.
The categories of sources for the personal information we collected about you.
•Our business or commercial purpose for collecting or selling that personal information.
•The categories of third parties with whom we share that personal information.
•The specific pieces of personal information we collected about you (also called a data portability request).
•If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:
•sales, identifying the personal information categories that each category of recipient purchased; and
•disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.
Requests to Delete
You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.
We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:
1. Complete the transaction for which we collected the personal information, provide a service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise performing our contract with you.
2. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
3. Debug online services to identify and repair errors that impair existing intended functionality.
4. Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
5. Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
6. Comply with a legal obligation.
7. Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
How to Submit a Request to Know or a Request to Delete
To request this information please submit a verifiable consumer request to us by either:
•Mailing us at the address below and asking for a Consumer Request Form
•Emailing us at privacy@sherpacrm.com and asking for a Consumer Request Form
Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. To designate an authorized agent, email us at privacy@sherpacrm.com and we will provide you with a form to make a designated agent request.
You may only make a verifiable consumer request for access or data portability twice within a 12-month period. To make a request, you must:
- Mail or Email us to receive a CCPA Consumer Request Form
- Complete the CCPA Consumer Request Form
- Provide sufficient information that allows us to reasonably verify that you are the person about whom we collected personal information or that you are an authorized representative
- If you request the categories of information we collect, we require your first and last name and your email address.
- If you request the specific information or to have your information deleted, we require your first and last name, email address and information about your two most recent transactions with us.
- Describe your request with sufficient detail that allows us to understand, evaluate and respond to it.
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request. We will try to respond to your request within forty-five (45) days of when we receive it. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. We will deliver our written response by mail or electronically, at your option. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily
useable and should allow you to transmit the information from one entity to another entity without hindrance, specifically by electronic mail communication.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
An amendment to the CCPA provides an exemption to the Right to Know and Right to Delete for personal information between a business and a person who is acting as an employee, director, officer, or contractor of a company, partnership, sole proprietorship, nonprofit, or government where the information is used in the context of a business transaction.
How to Submit an Opt-Out Request?
We do not and will not sell your personal information to third parties. If we change that practice in the future, we will update our privacy policy and provide an opt-out link pursuant to the CCPA. We will treat any information that we collected prior such a change as though you opted-out of the sale of your personal information.
Non-Discrimination
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
- Deny you goods or services.
- Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
- Provide you a different level or quality of goods or services.
- Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your personal information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt in consent, which you may revoke at any time.
Address for California Privacy Requests
Privacy
Sherpa, CRM
3030 Locust Street St. Louis, Missouri 63103
Please include your name, street address, city, state, and zip code (your street address is optional if you wish to receive a response to your request via email). We will not accept requests via the telephone or by fax. We are not responsible for notices that are not labeled or sent properly, or do not have complete information.
Who do users contact with questions or concerns about our Privacy Policy?
If you need further assistance, please send an e-mail with your questions or comments to privacy@sherpacrm.com or write us at:
Privacy
Sherpa, CRM
3030 Locust Street St. Louis, Missouri 63103
Your Nevada Privacy Rights
Sherpa does not sell your personal information. Nevada law (SB 220), permits customers in Nevada to opt-out of the sale of certain kinds of personal information. A sale under Nevada law is the transfer of this personal information to third parties for monetary consideration so these third parties can then re-sell or license the sold information. We do not sell your personal information to third parties as defined in Nevada law.
Special Privacy Provisions for Children Under 13
Sherpa does not collect information from children under the age of 13.
Your UK Data Protection and Privacy rights
Important
Sherpa is a processor of its customers’ data in the Sherpa CRM which is also accessed through the Sherpa app. The Sherpa customer is the controller and is responsible for compliance of the CRM data and its use of that data. CRM data is hosted in the Republic of Ireland, however our staff in the US may access CRM data for US for the purpose of service provision (e.g. support) on the basis of “standard contractual clauses” between us as processor and our European customers as controllers. This privacy policy does not cover our customers’ use of the CRM data. Please contact the Sherpa customer if you have any queries about the CRM data, the customer’s use of that data or to exercise your data protection or privacy rights in relation to the CRM data.
Sherpa and data protection
Summary
Sherpa uses your data for legitimate business reasons:
- marketing our prospective and actual business customers, and
- accounts, records and business administration purposes.
To exercise your rights, please contact us at contact us at privacy@sherpacrm.com.
Further details
You have a right to the following information about our use of your ‘personal data’ as defined in UK data protection laws.
1. Our identity and contact details: please see “Who do users contact with questions or concerns about our Privacy Policy?” above.
2. Our purposes for using your data: please see “How do we use your data?” above.
3. We use your data where it’s in our legitimate interests to do so. Those legitimate interests are:
a. to conduct B2B marketing
b. accounts and records and business administration purposes, including responding to enquiries, processing transactions, analysis, protecting our interests and protecting and improving our products and services (the Sherpa CRM, Sherpa app and website): please see “How do we collect information from you?” and “How do we use your data?” above for further details.
4. Recipients of your data: this includes service providers and other parties in a merger or acquisition; please see “With whom does Sherpa share my information?” above.
5. Transfers of personal data: we are in the US. If you are a business in Europe, please be aware that if you contact us outside of our products and services, for example through our website or by email, and send us personal data, that you will be transferring personal data to us in the US.
6. Storage period for your data: this will be for as long as we need it; please see “How We Retain and Store Your Personal Information.” above. Please contact us if you want to know for how long we keep particular data of yours.
7. You have the right to request that we give you access to your data, rectify or erase your data or restrict our use of your data; you have a right to object to our use of your data (including for direct marketing), and if applicable, a right to data portability. To exercise your rights, please contact us.
8. You have a right to lodge a complaint about our use of your data with the Information Commissioner in the UK, https://ico.org.uk/global/contact-us/ or 0303 123 1113.
Please note that we use customer feedback for product improvement. We also set up and run analytic reports and use other reports generated in the Sherpa CRM to improve our products and for customer support purposes. With our customers’ permission, we will also create aggregated ‘blinded’ customer data to demonstrate our products and services. ‘Blinded’ means this data will not be in a form that identifies you. Please see “With whom does Sherpa share my information?” above for further information.
Sherpa and privacy
Summary
- You have a right to object to direct marketing. To do so please use the unsubscribe option in the communication or contact us at privacy@sherpacrm.com.
- We use a cookie in the Sherpa CRM for product improvement purposes. Our customers provide details of this cookie to users.
- We use mobile details to help troubleshoot issues in our app.
Further details
You have the right to opt-out of marketing from us. Please exercise your rights using the unsubscribe option in the emails or contact us at privacy@sherpacrm.com. We track email opens and click-throughs on links in the emails.
We include a cookie in our CRM to analyse use within the product, in order to improve the product and user experience within the product. Our customers are required to provide details of this cookie to users and to collect any necessary consent.
To help troubleshoot issues in our app as part of our service to customers, we collect the user’s device details, operation system version and app version. We do not collect this data in the CRM.
For further information on cookies please see “How do we collect information from you?” and “How can I control my personal information?” above.
Page updated 09/21/2022