Privacy Policy

Protecting your private information is our priority. Here's a summary of our commitments to you:

  • We never sell your data.

  • We never advertise in Sherpa.

  • We don’t own the content you add to Sherpa.

  • We use the latest security industry best practices to protect you.

  • We are transparent about our practices and will notify you if things change.

  • We are compliant with FERPA

This Statement of Privacy applies to www.sherpalabs.co and the Sherpa platform, and governs data collection and usage. For the purposes of this Privacy Policy, unless otherwise noted, all references to Sherpa include www.sherpalabs.co, the Sherpa platform, and all other applications provided by Sherpa Labs, Inc. By using the Sherpa website, you consent to the data practices described in this statement.


Our Commitment
to Protecting Childrens' Privacy


Everyone at Sherpa takes the privacy of students and children extremely seriously. We do not intentionally target our services to students or children of any kind. Educators that have the authority to act on parents’ behalf may allow students under 13 to use our services and products, if such use is for educational purposes, and if this use ensures that students will not provide any personal information and will not share, or otherwise, distribute recordings containing personal information.

In order to provide the utmost level of data privacy and security for users under the age of 18, we require all users to indicate whether they are 18 years of age or older, or under 18 years of age, at the time that they sign-in. For those users under 18, we:

  1. Remove their email addresses and device-level IP addresses from any data shared with third parties.

  2. Remove them from any email communications, other than essential email notifications.

  3. Reserve the right to refuse to provide them with customer service support.

  4. Restrict access to certain features within the Sherpa product experience.

  5. Reserve the right to implement differentiated content retention policies for these users, through such methods that may include, but are not limited to, reducing the length of time that user content is available on the Sherpa service.

  6. Delete all user-generated Sherpa content on the one-year anniversary of its creation.

At any time, you may correct, update, remove or request access to personal information we may have about you by sending an email request. Parents and educational institutions that have provided minor students with access to Sherpa may correct, update, remove or request access to the minor’s personal information by sending an email request to shaury@stanford.edu.


Personal information we collect


We handle personal information of our website visitors and users of our platform – which includes both students and teachers. These individuals may provide information about themselves (e.g., teachers and students who sign up to use the platform) as well as about each other (e.g., teachers who provide information about their students).

This information may include:

  • Account and profile information, such as information needed to create your account, including first and last name, preferred name, email address, and school name.

  • Content and activity, such as your conversations with the AI chatbot, your video footage (if opted in to use camera-enabled conversations), and other information you submit through the platform or that is associated with your engagement with the Services.

  • Feedback or correspondence, such as information you provide when you contact us with questions, feedback (including about our service providers), or otherwise correspond with us online.

  • Testimonials. We may collect certain information (such as your name, photo, and/or video) if you choose to give us a testimonial about your experience with the Services. With your permission, we may post your testimonial and related information publicly on the Services. To request the removal of your testimonial, please contact us at shaury@stanford.edu.

  • Marketing information, such as your preferences for receiving communications about our Services, and details about how you engage with our communications.

  • Other information that we may collect which is not specifically listed here, but which we will use in accordance with this Privacy Policy or as otherwise disclosed at the time of collection.


We do not collect any personal information about you unless you voluntarily provide it to us.



Information we obtain from third parties

  • Social media information. We may maintain pages on social media platforms, such as Google, Facebook, LinkedIn, and other third-party platforms. When you visit or interact with our pages on those platforms, the platform provider’s privacy policy will apply to your interactions and their collection, use, and processing of your personal information. You or the platforms may provide us with information such as your biographical, educational, and professional experience, and we will treat such information in accordance with this Privacy Policy.



Automatic data collection


We and our service providers may automatically log information about you, your computer or mobile device, and your interactions over time with our Services, our communications, and other online services, such as:

  • Device data, such as your computer’s or mobile device’s operating system type and version, manufacturer and model, browser type, screen resolution, RAM and disk size, CPU usage, device type (e.g., phone, tablet), IP address, unique identifiers, language settings, mobile device carrier, radio/network information (e.g., WiFi, LTE, 4G), and general location information such as city, state or geographic area.

  • Online activity data, such as pages or screens you viewed, how long you spent on a page or screen, browsing history, navigation paths between pages or screens, information about your activity on a page or screen, access times, duration of access, and whether you have opened our marketing emails or clicked links within them.


We use the following tools for automatic data collection:

  • Cookies, which are text files that websites store on a visitor‘s device to uniquely identify the visitor’s browser or to store information or settings in the browser for the purpose of helping you navigate between pages efficiently, remembering your preferences, enabling functionality, and helping us understand user activity and patterns.

  • Local storage technologies, like HTML5, that provide cookie-equivalent functionality but can store larger amounts of data, including on your device outside of your browser in connection with specific applications.


How we use your personal information

To operate our Services

  • Provide, operate, maintain, secure, and improve our Services.

  • Provide you with customer service.

  • Communicate with you about our Services, including by sending you announcements, updates, security alerts, and support and administrative messages.

  • Understand your needs and interests, and personalize your experience with our Services and our communications.

  • Respond to your requests, questions, and feedback.

Research and development


We may use your personal information for research and development purposes, including to analyze and improve our Services and our business. As part of these activities, we may create aggregated, de-identified, or other anonymous data from personal information we collect. We make personal information into anonymous data by removing information that makes the data personally identifiable to you. We may use this anonymous data and share it with third parties for our lawful business purposes, including to analyze and improve our Services and promote our business.


Marketing


We may collect and use your personal information for marketing purposes. We may from time-to-time send you direct marketing communications as permitted by law, including, but not limited to, notifying you of special promotions, offers and events via email and in-app notifications. You may opt out of our marketing communications as described in the “Opt out of marketing communications” section below.


Compliance and Protection


Comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities.

  • Protect our, your or others’ rights, privacy, safety, or property (including by making and defending legal claims).

  • Audit our internal processes for compliance with legal and contractual requirements and internal policies.

  • Enforce the terms and conditions that govern our Services.

  • Prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft.


Breach Policy


In the unlikely event that Sherpa comes to suspect a breach of the robust protective measures we have in place with respect to the data we collect, we will carry out an expeditious assessment of whether someone has, in fact, obtained unauthorized access to your protected data. For purposes of this policy, a breach is any unauthorized acquisition of computerized data that compromises the security, confidentiality, or integrity of personal information that we maintain.


If we determine that a breach has occurred, or even if we conclude that it’s reasonably likely to have taken place, we will immediately send you notice setting forth the following information:


  1. Date of the breach;

  2. Types of information subject to the breach;

  3. A description, in clear and plain language, of the nature of the breach, what occurred, and all reasonably likely consequences of the breach;

  4. Steps we are taking and those proposed to be taken to address the breach (including, where appropriate, any measures to mitigate its possible adverse effects).

  5. The name and contact information of a designated Sherpa representative that you can contact to discuss the matter further, ask questions, request further information, etc.


Should your use of Sherpa be part of a formal arrangement with a school district or other educational agency (regardless of whether your relationship with that institution is as a student, teacher, administrator, staff member, or something else), we will also provide the same notice via email and telephone to those person(s) designated by the district/agency for receipt of such information. In such an instance, you may receive notice of the breach described above directly from the district/agency on our behalf.


In either case, and regardless of whether we determine that a breach has actually occurred or not, we will adhere to all national, state and local data breach regulations applicable to the impacted user(s), which may include providing notice to legal authorities, as mandated by the laws of your country and/or regional/local jurisdiction.


Changes to this Statement


Sherpa reserves the right to change this Privacy Policy from time to time. We will notify you about significant changes in the way we treat personal information in the following ways:


  • Sending a notice to your primary email address, and to authorized account administrators in the case of minors

  • Placing a prominent notice on our site and our applications, and requiring your acknowledgement in order to proceed with use

  • Updating any privacy information on this page.


Your continued use of the Site and/or Services available through this Site after such modifications will constitute your: (a) acknowledgment of the modified Privacy Policy; and (b) agreement to abide and be bound by that Policy.


How we share your personal information


Other authorized users of the Services. We may share certain of your personal information with other users of the Services, to the extent those users belong to the same educational institution as you. For example, teachers will be able to view their own students’ completed assignments and conversations through the AI chatbot.

Service providers. We may share your personal information with third-party companies and individuals that provide services on our behalf or help us operate our Services (such as lawyers, bankers, auditors, insurers, customer support, hosting, analytics, email delivery, marketing, and database management).

Authorities and others. We may disclose your personal information to law enforcement, government authorities, and private parties, as we believe in good faith to be necessary or appropriate for the compliance and protection purposes described above.

Business transfers. We may sell, transfer or otherwise share some or all of our business or assets, including your personal information, in connection with a business transaction (or potential business transaction) such as a corporate divestiture, merger, consolidation, acquisition, reorganization or sale of assets, or in the event of bankruptcy or dissolution. In such a case, we will make reasonable efforts to require the recipient to honor this Privacy Policy.


Your choices


Access, update, or delete your account information. You can request for your personal information, or that we delete your account by emailing us at shaury@stanford.edu. Please note that (1) we may have to retain some information after your account is deleted, to comply with legal obligations, to protect the safety and security of our community or our Services, or to prevent abuse of our terms and (2) we may retain anonymous data after you delete your account, in order to improve the operation of our Services.

Opt out of marketing communications. You may opt out of marketing-related emails by following the opt-out or unsubscribe instructions at the bottom of the email. You may continue to receive service-related and other non-marketing emails.

Online tracking opt out. There are a number of ways to limit online tracking, which we have summarized below:

  • Blocking cookies in your browser. Most browsers let you remove or reject cookies. To do this, follow the instructions in your browser settings. Many browsers accept cookies by default until you change your settings. For more information about cookies, including how to see what cookies have been set on your device and how to manage and delete them, visit www.allaboutcookies.org.

  • Using privacy plug-ins or browsers. You can block our services from setting cookies by using a browser with privacy features, like Brave, or installing browser plugins like Privacy Badger, DuckDuckGo, Ghostery or uBlock Origin, and configuring them to block third party cookies/trackers.

Note that because these opt-out mechanisms are specific to the device or browser on which they are exercised, you will need to opt out on every browser and device that you use.

Do Not Track. Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” or similar signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.


Other sites, mobile applications, and services


Our Services may contain links to other websites, mobile applications, and other online services operated by third parties. These links are not an endorsement of, or representation that we are affiliated with, any third party. In addition, our content may be included on web pages or in mobile applications or online services that are not associated with us. We do not control third party websites, mobile applications or online services, and we are not responsible for their actions. Other websites and services follow different rules regarding the collection, use and sharing of your personal information. We encourage you to read the privacy policies of the other websites and mobile applications and online services you use.


Security


Please note that any information you send to us electronically, while using the Services or otherwise interacting with us, may not be secure when it is transmitted to us. We recommend that you do not use unsecure channels to communicate sensitive or confidential information to us. Please be aware though that, despite our best efforts, no security measures are perfect or impenetrable, and we cannot guarantee “perfect security.” Any information you transmit to us you do at your own risk.


Changes to this Privacy Policy


We may modify this Privacy Policy from time to time in which case we will update the effective date at the top of this Privacy Policy. If we make material changes to the way in which we use information we collect, we will use reasonable efforts to notify you (such as by emailing you at the last email address you provided us, by posting notice of such changes on our website, or by other means consistent with applicable law) and will take additional steps as required by applicable law.


How to Contact Us


Please direct any questions or comments about this Policy or our privacy practices to: shaury@stanford.edu.

Conversation Breeds Understanding

Take a glimpse at the future of the classroom

Begin your first Conversation