Our Privacy Policy

We understand the value and importance of your personal information. Our job is to protect and secure that information for you, and we take that very seriously.

Last update 1 November, 2021

Data controller
Sherpa Technology Pte Ltd of 101B Telok Ayer Street #03-02 Singapore 068574 a limited liability company registered and incorporated under the laws of Singapore, is the controller of any personal data that we collect about you.

This statement is issued on behalf of Sherpa Technology Pte Ltd and all entities forming a part of the Sherpa Group whether as subsidiaries, affiliates or parents. When we refer to “we”, “us”, “our” or “Sherpa” in this Statement, we are referring to the relevant entity in the Sherpa Group responsible for processing your data. We will let you know which entity will be the controller for your data when you obtain any of our services.

“Protection Score” means any protection score we provide to you via the Site.

“Site” means www.sherpascore.com and any mobile applications or similar devices, channels or applications operated by or on behalf of us.

If you need to get in contact with us, please email us at support@sherpascore.com.

Purpose of this policy
The purpose of this policy is to:

  • set out the type of personal data Sherpa will collect from you and how we will use your personal information
  • the basis on which any personal data is processed by Sherpa
  • make you aware of how Sherpa will handle your personal data
  • clarify Sherpa’s obligations under applicable data protection regulations with regards to processing your personal data lawfully and responsibly
  • inform you of your data protection rights.

We process your personal data in an appropriate and lawful manner, in accordance with applicable data protection regulations and the General Data Protection Regulation EU 2016/679 (“GDPR”) which is in force as of 25 May 2018.

This statement should be read in conjunction with any other Privacy Notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data.

What data we collect and how we collect it
We may collect personal information by you:

  • completing an enquiry form or answering questions via the Site
  • corresponding with us by post, phone, email or otherwise
  • requesting marketing to be sent to you
  • giving us some feedback.

That information may include details such as:

  • your name, email address, telephone number
  • your marketing and communication preferences.

When you visit the Site, we may also collect information including:

  • technical information, including the IP address used to connect your computer to the Internet, your login information, browser type and version, the full Uniform Resource Locators (URL), clickstream to, through and from the Site (including date and time) as well as other information regarding your experience on the Site such as page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs) and methods used to browse away from the page
  • information about your location. We may determine your location through your IP address and, when accessing the Site through a mobile device, by using the data that we collect from that device. This includes information about the wireless networks or cell towers near your mobile device at the time of access.

Where we are collecting or processing further information we may provide you with separate Privacy Notices informing you about how and why we are using your personal data.

Personal information about other people
If you provide us with information about another person (for example a family member), you should ensure that they are aware of the contents of this Privacy Policy. To the extent the personal data is not a special category of data, we may process that personal data on the basis of performance of a contract, in order to comply with any legal obligations or because it is in our legitimate interests. Where the personal data is a special category of data, we will require a consent form to be signed by the relevant person unless there is a valid legal basis for processing that personal data falling within the definition of special category of personal data.

Sensitive personal data
Some of the information that we may ask you to provide to us could be a special category of personal data, as defined in the GDPR, namely personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.

We use any personal data about you or others for specific stated purposes including to comply with applicable laws and regulations and to provide you with services described on the Site. To the extent permitted, processing of that data will be based on applicable data protection legislation. Otherwise, we will request your explicit consent to do so.

How will we use your personal data?
To ensure that we provide the best experience for you that we are able to, we may use your information to:

  • provide to and discuss with you any services or information described on the Site
  • facilitate the provision of services which you request
  • develop our products, services, systems and relationship with you and record your preferences
  • market to you (but see ‘Your Rights’ below)
  • comply with our legal and regulatory obligations
  • undertake research and keep statistics
  • detect and prevent fraud and crime in furtherance of our legitimate interest.

We will also use your data for the following purposes:

  • administer our Site and for internal operations, including troubleshooting and in order to keep the Site safe and secure
  • improve the Site to ensure that content is presented in the most effective manner for you
  • ensure that content displayed on the Site is presented in a user-friendly manner
  • distinguish you from other users of the Site

We may also use your information in anonymised form, meaning it is not possible to identify who you are, to analyse the use of the Site, and consumer attitudes to our products, services and marketing.

We will never sell your personal information to third parties.

Legal basis for processing
We shall only process your personal data to the extent necessary for us to be able to provide the services we offer and / or for the purposes indicated in this statement.

We may also process your personal data on the basis of any legitimate interest or in order to comply with any legal obligations at law. This may include the exercise of defence of legal claims or in order to comply with an order of any court, tribunal or authority or police authority.

Generally, we do not rely on consent as a legal basis for processing your personal data other than in relation to sending marketing communications to you. For further information on how we provide you with choices around the use of your personal data for marketing and advertisement purposes, please see below.

Sharing of Data
We may disclose your personal data to any of our international offices / companies that form part of Sherpa, and which may act as joint data controllers or data processors to the company which will be the data controller for your data when you obtain our services and / or may provide administration, controls, information or reporting services. All Sherpa companies respect the security of your personal data and treat it in accordance with the applicable law (including the GDPR) and apply the security measures and safeguards described below.

We may need to share personal data with certain authorities and regulatory bodies.

We may also be under a duty to disclose or share your personal data to comply with any legal obligation, judgment or order from a court, tribunal or authority. We may also disclose your data to enforce any licence agreement we may enter with you, or to protect our rights, property or safety, or that of other users of the Site. This includes exchanging information with other companies and organizations for the purposes of fraud detection and prevention.

Overseas transfer of data
To ensure we can provide services to you, we may from time to time need to share your information with entities outside the European Economic Area. If we do, we will ensure that it is subject to the provisions of the GDPR and applicable data protection legislation, it is kept securely and is only used for the purposes for which it was provided. We will continue to comply with our obligation to adequately protect and secure your personal information.

For this purpose, we will transfer your personal data in accordance with the standard contractual clauses (European Commission: Model contracts for the transfer of personal data to third countries) to ensure it is transferred securely and in compliance with data protection legislation, including the GDPR.

Data security
We will ensure that appropriate security measures are taken against unlawful or unauthorized processing of personal data, and against the accidental loss of, or damage to, personal data.

The transfer of information between the Site and your device is protected with TLS1.2 end-to-end encryption protocol or newer technologies as they become available provided they are supported by your browser. All personal data is stored in a secure server environment that uses a firewall and other advanced technology to protect against interference or unauthorized access. Usernames and passwords are issued to persons authorized to access the personal data who are bound by confidentiality not to disclose any data.

No method of transmission of data is one hundred percent (100%) secure and absolute security cannot be guaranteed.

Storage of Your Data
We shall only store your data as long as is strictly necessary for the purposes for which it was collected e.g. to provide you our services or for the purposes of satisfying any legal, accounting or reporting requirements. In any case, retention of data shall not exceed 10 years from the date of termination or completion of the services. This period of retention enables us to use the data for defending potential legal claims, taking into account the applicable limitation periods under relevant laws, as well as, if applicable, to comply with anti-money laundering / know your client laws and regulations, anti-bribery / corruption laws and regulations, insurance laws, accounting and tax laws, applicable to certain jurisdictions in which we operate.

To the extent possible, we anonymize the data we hold about you when it is no longer necessary to identify you from that data.

Your Rights
You are entitled to exercise the following rights under the GDPR:

  • Right to Access Information– you have the right to request information as to whether or not your personal data is being processed by Sherpa, as well as information as to how and why it is processed, by sending an email to support@sherpascore.com. You shall receive one (1) electronic copy free of charge via email. We may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive, in which case we may also refuse to comply with your request.
  • Right to object– we may from time to time contact you with suggestions on how you can limit any protection gaps you may have with special offers etc. You may contact us at any time by email to support@sherpascore.com to ask us not to process your personal data for such marketing purposes. Similarly, you may ask us not to process your personal data for other marketing purposes e.g. you receiving information from us about upcoming events, newsletters and publications, and your data will no longer be processed for such purposes.
  • Right to withdraw consent– you have the right to withdraw your consent to this statement, and the processing practices described, at any time by sending an email to support@sherpascore.com. This will not affect the lawfulness of processing which we carried out on the basis of your consent before its withdrawal. Withdrawal of consent will result in us having to terminate our services immediately.
  • Right to rectification– you have the right to obtain rectification of any inaccurate personal data about you that we have processed, update any data which is out-of-date and the right to have incomplete personal data completed, including by means of a supplementary statement.
  • Right to erasure– you have the right to obtain the erasure of personal data we have concerning you when your personal data is no longer required where:
    • you withdraw your consent to us processing your personal data
    • your personal data no longer needs to be processed
    • your personal data has been unlawfully processed.
  • Right to restriction of processing– you have the right to restrict our processing activities where:
    • you contest the accuracy of personal data, for a period enabling Sherpa to verify the accuracy of that personal data
    • our processing is deemed unlawful, and you oppose the erasure of your personal data and request restriction of its use instead
    • we no longer need your personal data for the purposes stated in this statement, but you require it for the establishment, exercising or defending of legal claims
    • you have objected to our processing pending the verification whether the legitimate grounds of our processing activities overrode those pertaining to you.
  • Right of data portability– you shall have the right to receive your personal data in a structured and machine-readable format and transmit this data to another Controller (as defined in the GDPR).
  • Right to complain to a supervisory authority– you have the right to lodge a complaint at any time to the competent supervisory authority in your jurisdiction on data protection matters. We would, however, appreciate the opportunity to deal with your concerns before you approach a supervisory authority, so please contact us in the first instance.

Other Websites

We may introduce you to other advisers or product providers via the Site, or you may be able to access other websites via links on the Site.

Please note that your data may be handled differently by those other persons, and will be subject to their policies and rules. You should consult their privacy policy accordingly and satisfy yourself in that regard. Sherpa cannot accept any accept any liability for any use of your data by those other persons or websites.

What Are Cookies
Like most professional websites, the Site uses cookies, which are tiny files that are downloaded to your computer, to improve your experience. A cookie enables the Site to remember users that have already visited. Without a cookie, every time you open a new web page you would be treated like a completely new visitor.

You can also find further information on cookies and local storage at the following websites.

Disabling Cookies
You can prevent the use of cookies by adjusting the settings on your browser (see your browser Help function to do this). But please be aware that disabling cookies will also disable certain functionality and features of the Site. We recommended that you do not disable our cookies.

Many browsers allow you to browse privately whereby cookies are automatically erased after you visit a site.

How we use cookies
We use cookies for a variety of reasons. They include persistent cookies and session cookies. A persistent cookie helps us recognize you as an existing user, so it’s easier to return to our Site or interact with our services without signing in again. After you sign in, a persistent cookie stays in your browser and will be read when you return to our Site. Session cookies only last for as long as the session (usually the current visit to a website or a browser session).

We also use analytics cookies. These cookies track information about how the Site is being used so that we can make improvements and report our performance. We might also use analytics cookies to test new ads, pages or features to see how users react to them. Analytics cookies may either be first party cookies or third party cookies.

Third Party Cookies
We may also use cookies provided by trusted third parties. Third party analytics are used to track and measure usage of the Site and may track things such as how long you spend on the Site or which pages you visited to help us understand how we can improve the Site for you. Also, as we sell products it’s important for us to understand statistics about how many of the visitors to our Site make a purchases, and to help us accurately make business predictions and to monitor our advertising and PR costs to ensure the best possible price for you.

Changes To This Policy
We may, over time, need to modify this Privacy Policy. If we do, we will publish any changes on the Site so that you are aware of them, and let you know when those changes will take effect. We will also let you know your rights if you object to any of those changes.

By visiting the Site and providing your information to us, you consent to its use on the terms set out above.


Looking to learn more about Sherpa or chat to the team? Let’s get you booked in for a demo.

All rights reserved 2022. Copyright © Sherpa Technology PTE. LTD.

Registered office 101B Telok Ayer Street #03-02, Singapore 068574
Registered in Singapore, no. 201932287K

Looking to learn more about Sherpa or chat to the team? Let’s get you booked in for a demo.

All rights reserved 2021. Copyright © Sherpa Technology PTE. LTD.

Registered office 101B Telok Ayer Street #03-02, Singapore 068574
Registered in Singapore, no. 201932287K

We have big news!

Sherpa is now HYKE, a global decision support company. Check out the HYKE website to learn more about what HYKE means and where we are going: www.letshyke.com

Looking to learn more about HYKE’s individual coverage products? Close this window and keep reading about the Score.

This will close in 20 seconds