Privacy Policy
Protecting your private information is our priority. Here's a summary of our commitments to you:
We never sell your data.
No mobile information will be sold or shared with third parties for promotional or marketing purposes
We never advertise in Sherpa.
We don’t own the content you add to Sherpa.
We use the latest security industry best practices to protect you.
We are transparent about our practices and will notify you if things change.
We are compliant with FERPA
This Statement of Privacy applies to www.sherpalabs.co and the Sherpa platform, and governs data collection and usage. For the purposes of this Privacy Policy, unless otherwise noted, all references to Sherpa include www.sherpalabs.co, the Sherpa platform, and all other applications provided by Sherpa Labs, Inc. By using the Sherpa website, you consent to the data practices described in this statement.
Our Commitment
to Protecting Childrens' Privacy
Everyone at Sherpa takes the privacy of students and children extremely seriously. We do not offer our services directly to students or children. When Sherpa is used by an educational institution, students and families may interact with Sherpa only under the direction and control of the institution, and Sherpa acts as a ‘school official’ under FERPA.
SMS to Families
Sherpa utilizes AI-powered SMS agents to facilitate communication between families and educational institutions regarding attendance. These agents operate under strict privacy controls:
Data Use and Transparency:
The AI SMS agents process limited data such as attendance records and general academic performance to send personalized messages and alerts.
Families are informed at the beginning of interactions that they are communicating with an AI-powered agent. They are given clear Opt-In instructions in compliance with the TCPA.
Families may voluntarily provide information through SMS (such as reasons for absences). Sherpa processes this information solely for the purpose of routing it to the appropriate school personnel, in accordance with FERPA.
Families may opt-out of communications at any time following clear instructions provided in each message.
All data from interactions are handled according to our data retention policy, ensuring data is not held longer than necessary.
Communications through AI SMS agents are secured and encrypted to protect family privacy.
When Sherpa is used by an educational institution, the institution may provide Sherpa with student information necessary to deliver the Services, such as attendance records, contact information for parents or guardians, and other relevant educational data. Sherpa processes this information solely for the purpose of providing the Services under the direction of the institution.
Sherpa’s AI-powered SMS agents assist with communication and data collection, but all attendance decisions, interventions, and determinations are made by authorized school personnel. Sherpa does not make attendance decisions or take disciplinary action.
How we use your personal information
To operate our Services
Provide, operate, maintain, secure, and improve our Services.
Provide you with customer service.
Communicate with you about our Services, including by sending you announcements, updates, security alerts, and support and administrative messages.
Understand your needs and interests, and personalize your experience with our Services and our communications.
Respond to your requests, questions, and feedback.
Research and development
Sherpa does not use personal information to train general-purpose AI models. We may use de-identified or aggregated data to improve the performance, safety, and accuracy of our Services.
Compliance and Protection
Comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities.
Protect our, your or others’ rights, privacy, safety, or property (including by making and defending legal claims).
Audit our internal processes for compliance with legal and contractual requirements and internal policies.
Enforce the terms and conditions that govern our Services.
Prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft.
Sherpa retains personal information only for as long as necessary to provide the Services or as required by the educational institution. Unless otherwise directed by a school, Sherpa deletes or de-identifies student information within 12 months of collection.
Sherpa is not a covered entity or business associate under HIPAA. Any health-related information shared by families (such as doctor’s notes) in connection with attendance is treated as an “education record” under FERPA, not as protected health information under HIPAA.
Breach Policy
In the unlikely event that Sherpa comes to suspect a breach of the robust protective measures we have in place with respect to the data we collect, we will carry out an expeditious assessment of whether someone has, in fact, obtained unauthorized access to your protected data. For purposes of this policy, a breach is any unauthorized acquisition of computerized data that compromises the security, confidentiality, or integrity of personal information that we maintain.
If we determine that a breach has occurred, or even if we conclude that it’s reasonably likely to have taken place, we will immediately send you notice setting forth the following information:
Date of the breach;
Types of information subject to the breach;
A description, in clear and plain language, of the nature of the breach, what occurred, and all reasonably likely consequences of the breach;
Steps we are taking and those proposed to be taken to address the breach (including, where appropriate, any measures to mitigate its possible adverse effects).
The name and contact information of a designated Sherpa representative that you can contact to discuss the matter further, ask questions, request further information, etc.
Should your use of Sherpa be part of a formal arrangement with a school district or other educational agency (regardless of whether your relationship with that institution is as a student, teacher, administrator, staff member, or something else), we will also provide the same notice via email and telephone to those person(s) designated by the district/agency for receipt of such information. In such an instance, you may receive notice of the breach described above directly from the district/agency on our behalf.
In either case, and regardless of whether we determine that a breach has actually occurred or not, we will adhere to all national, state and local data breach regulations applicable to the impacted user(s), which may include providing notice to legal authorities, as mandated by the laws of your country and/or regional/local jurisdiction.
Changes to this Statement
Sherpa reserves the right to change this Privacy Policy from time to time. We will notify you about significant changes in the way we treat personal information in the following ways:
Sending a notice to your primary email address, and to authorized account administrators in the case of minors
Placing a prominent notice on our site and our applications, and requiring your acknowledgement in order to proceed with use
Updating any privacy information on this page.
Your continued use of the Site and/or Services available through this Site after such modifications will constitute your: (a) acknowledgment of the modified Privacy Policy; and (b) agreement to abide and be bound by that Policy.
How we share your personal information
Other authorized users of the Services. We may share certain of your personal information with other users of the Services, to the extent those users belong to the same educational institution as you. For example, teachers will be able to view their own students’ completed assignments and conversations through the AI chatbot.
Service providers. We may share your personal information with third-party companies and individuals that provide services on our behalf or help us operate our Services (such as lawyers, bankers, auditors, insurers, customer support, hosting, analytics, email delivery, marketing, and database management).
Authorities and others. We may disclose your personal information to law enforcement, government authorities, and private parties, as we believe in good faith to be necessary or appropriate for the compliance and protection purposes described above.
Business transfers. We may sell, transfer or otherwise share some or all of our business or assets, including your personal information, in connection with a business transaction (or potential business transaction) such as a corporate divestiture, merger, consolidation, acquisition, reorganization or sale of assets, or in the event of bankruptcy or dissolution. In such a case, we will make reasonable efforts to require the recipient to honor this Privacy Policy.
Your choices
Access, update, or delete your account information. You can request for your personal information, or that we delete your account by emailing us at shaury@stanford.edu. Please note that (1) we may have to retain some information after your account is deleted, to comply with legal obligations, to protect the safety and security of our community or our Services, or to prevent abuse of our terms and (2) we may retain anonymous data after you delete your account, in order to improve the operation of our Services.
Other sites, mobile applications, and services
Our Services may contain links to other websites, mobile applications, and other online services operated by third parties. These links are not an endorsement of, or representation that we are affiliated with, any third party. In addition, our content may be included on web pages or in mobile applications or online services that are not associated with us. We do not control third party websites, mobile applications or online services, and we are not responsible for their actions. Other websites and services follow different rules regarding the collection, use and sharing of your personal information. We encourage you to read the privacy policies of the other websites and mobile applications and online services you use.
Security
Please note that any information you send to us electronically, while using the Services or otherwise interacting with us, may not be secure when it is transmitted to us. We recommend that you do not use unsecure channels to communicate sensitive or confidential information to us. Please be aware though that, despite our best efforts, no security measures are perfect or impenetrable, and we cannot guarantee “perfect security.” Any information you transmit to us you do at your own risk.
Changes to this Privacy Policy
We may modify this Privacy Policy from time to time in which case we will update the effective date at the top of this Privacy Policy. If we make material changes to the way in which we use information we collect, we will use reasonable efforts to notify you (such as by emailing you at the last email address you provided us, by posting notice of such changes on our website, or by other means consistent with applicable law) and will take additional steps as required by applicable law.
How to Contact Us
Please direct any questions or comments about this Policy or our privacy practices to: shaury@stanford.edu.
Protecting your private information is our priority. Here's a summary of our commitments to you:
We never sell your data.
No mobile information will be sold or shared with third parties for promotional or marketing purposes
We never advertise in Sherpa.
We don’t own the content you add to Sherpa.
We use the latest security industry best practices to protect you.
We are transparent about our practices and will notify you if things change.
We are compliant with FERPA
This Statement of Privacy applies to www.sherpalabs.co and the Sherpa platform, and governs data collection and usage. For the purposes of this Privacy Policy, unless otherwise noted, all references to Sherpa include www.sherpalabs.co, the Sherpa platform, and all other applications provided by Sherpa Labs, Inc. By using the Sherpa website, you consent to the data practices described in this statement.
Our Commitment
to Protecting Childrens' Privacy
Everyone at Sherpa takes the privacy of students and children extremely seriously. We do not offer our services directly to students or children. When Sherpa is used by an educational institution, students and families may interact with Sherpa only under the direction and control of the institution, and Sherpa acts as a ‘school official’ under FERPA.
SMS to Families
Sherpa utilizes AI-powered SMS agents to facilitate communication between families and educational institutions regarding attendance. These agents operate under strict privacy controls:
Data Use and Transparency:
The AI SMS agents process limited data such as attendance records and general academic performance to send personalized messages and alerts.
Families are informed at the beginning of interactions that they are communicating with an AI-powered agent. They are given clear Opt-In instructions in compliance with the TCPA.
Families may voluntarily provide information through SMS (such as reasons for absences). Sherpa processes this information solely for the purpose of routing it to the appropriate school personnel, in accordance with FERPA.
Families may opt-out of communications at any time following clear instructions provided in each message.
All data from interactions are handled according to our data retention policy, ensuring data is not held longer than necessary.
Communications through AI SMS agents are secured and encrypted to protect family privacy.
When Sherpa is used by an educational institution, the institution may provide Sherpa with student information necessary to deliver the Services, such as attendance records, contact information for parents or guardians, and other relevant educational data. Sherpa processes this information solely for the purpose of providing the Services under the direction of the institution.
Sherpa’s AI-powered SMS agents assist with communication and data collection, but all attendance decisions, interventions, and determinations are made by authorized school personnel. Sherpa does not make attendance decisions or take disciplinary action.
How we use your personal information
To operate our Services
Provide, operate, maintain, secure, and improve our Services.
Provide you with customer service.
Communicate with you about our Services, including by sending you announcements, updates, security alerts, and support and administrative messages.
Understand your needs and interests, and personalize your experience with our Services and our communications.
Respond to your requests, questions, and feedback.
Research and development
Sherpa does not use personal information to train general-purpose AI models. We may use de-identified or aggregated data to improve the performance, safety, and accuracy of our Services.
Compliance and Protection
Comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities.
Protect our, your or others’ rights, privacy, safety, or property (including by making and defending legal claims).
Audit our internal processes for compliance with legal and contractual requirements and internal policies.
Enforce the terms and conditions that govern our Services.
Prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft.
Sherpa retains personal information only for as long as necessary to provide the Services or as required by the educational institution. Unless otherwise directed by a school, Sherpa deletes or de-identifies student information within 12 months of collection.
Sherpa is not a covered entity or business associate under HIPAA. Any health-related information shared by families (such as doctor’s notes) in connection with attendance is treated as an “education record” under FERPA, not as protected health information under HIPAA.
Breach Policy
In the unlikely event that Sherpa comes to suspect a breach of the robust protective measures we have in place with respect to the data we collect, we will carry out an expeditious assessment of whether someone has, in fact, obtained unauthorized access to your protected data. For purposes of this policy, a breach is any unauthorized acquisition of computerized data that compromises the security, confidentiality, or integrity of personal information that we maintain.
If we determine that a breach has occurred, or even if we conclude that it’s reasonably likely to have taken place, we will immediately send you notice setting forth the following information:
Date of the breach;
Types of information subject to the breach;
A description, in clear and plain language, of the nature of the breach, what occurred, and all reasonably likely consequences of the breach;
Steps we are taking and those proposed to be taken to address the breach (including, where appropriate, any measures to mitigate its possible adverse effects).
The name and contact information of a designated Sherpa representative that you can contact to discuss the matter further, ask questions, request further information, etc.
Should your use of Sherpa be part of a formal arrangement with a school district or other educational agency (regardless of whether your relationship with that institution is as a student, teacher, administrator, staff member, or something else), we will also provide the same notice via email and telephone to those person(s) designated by the district/agency for receipt of such information. In such an instance, you may receive notice of the breach described above directly from the district/agency on our behalf.
In either case, and regardless of whether we determine that a breach has actually occurred or not, we will adhere to all national, state and local data breach regulations applicable to the impacted user(s), which may include providing notice to legal authorities, as mandated by the laws of your country and/or regional/local jurisdiction.
Changes to this Statement
Sherpa reserves the right to change this Privacy Policy from time to time. We will notify you about significant changes in the way we treat personal information in the following ways:
Sending a notice to your primary email address, and to authorized account administrators in the case of minors
Placing a prominent notice on our site and our applications, and requiring your acknowledgement in order to proceed with use
Updating any privacy information on this page.
Your continued use of the Site and/or Services available through this Site after such modifications will constitute your: (a) acknowledgment of the modified Privacy Policy; and (b) agreement to abide and be bound by that Policy.
How we share your personal information
Other authorized users of the Services. We may share certain of your personal information with other users of the Services, to the extent those users belong to the same educational institution as you. For example, teachers will be able to view their own students’ completed assignments and conversations through the AI chatbot.
Service providers. We may share your personal information with third-party companies and individuals that provide services on our behalf or help us operate our Services (such as lawyers, bankers, auditors, insurers, customer support, hosting, analytics, email delivery, marketing, and database management).
Authorities and others. We may disclose your personal information to law enforcement, government authorities, and private parties, as we believe in good faith to be necessary or appropriate for the compliance and protection purposes described above.
Business transfers. We may sell, transfer or otherwise share some or all of our business or assets, including your personal information, in connection with a business transaction (or potential business transaction) such as a corporate divestiture, merger, consolidation, acquisition, reorganization or sale of assets, or in the event of bankruptcy or dissolution. In such a case, we will make reasonable efforts to require the recipient to honor this Privacy Policy.
Your choices
Access, update, or delete your account information. You can request for your personal information, or that we delete your account by emailing us at shaury@stanford.edu. Please note that (1) we may have to retain some information after your account is deleted, to comply with legal obligations, to protect the safety and security of our community or our Services, or to prevent abuse of our terms and (2) we may retain anonymous data after you delete your account, in order to improve the operation of our Services.
Other sites, mobile applications, and services
Our Services may contain links to other websites, mobile applications, and other online services operated by third parties. These links are not an endorsement of, or representation that we are affiliated with, any third party. In addition, our content may be included on web pages or in mobile applications or online services that are not associated with us. We do not control third party websites, mobile applications or online services, and we are not responsible for their actions. Other websites and services follow different rules regarding the collection, use and sharing of your personal information. We encourage you to read the privacy policies of the other websites and mobile applications and online services you use.
Security
Please note that any information you send to us electronically, while using the Services or otherwise interacting with us, may not be secure when it is transmitted to us. We recommend that you do not use unsecure channels to communicate sensitive or confidential information to us. Please be aware though that, despite our best efforts, no security measures are perfect or impenetrable, and we cannot guarantee “perfect security.” Any information you transmit to us you do at your own risk.
Changes to this Privacy Policy
We may modify this Privacy Policy from time to time in which case we will update the effective date at the top of this Privacy Policy. If we make material changes to the way in which we use information we collect, we will use reasonable efforts to notify you (such as by emailing you at the last email address you provided us, by posting notice of such changes on our website, or by other means consistent with applicable law) and will take additional steps as required by applicable law.
How to Contact Us
Please direct any questions or comments about this Policy or our privacy practices to: shaury@stanford.edu.
Conversation Breeds Understanding
Conversation Breeds Understanding
Take a glimpse at the future of the classroom
Begin your first Conversation