Effective Date : July 10, 2026


This Privacy Policy sets out how we collect, use and protect any information that you give us when you use our platform, our websites and the resources we make available on our websites, such as our guides, videos and more. We refer to our Software, engagements, websites and resources collectively as the “Sparrow services”. This Privacy Policy is part of the broader terms that apply to your use of the Sparrow services, which include (as applicable) the Software-as-a-Service Terms and Conditions published at www.sparrowconnected.com/terms-and-conditions, Terms of Service published at www.sparrowconnected.com/legal/terms-of-service or other signed agreement between you and us. Any capitalized terms that are undefined here have the same meaning as in the Software-as-a-Service Terms and Conditions, as applicable.

We may change this Privacy Policy by updating this page. You should check this page from time to time to ensure that you are happy with any changes.

 

1. OUR APPROACH TO PRIVACY

We’re asking permission to collect your information. Before you access our Software, we ask you for your permission to collect information about you and use it in providing our service. You give us this consent by clicking on a button or other feature saying something to the effect of “I accept,” “I consent”, or “I agree” to the Software-as-a-Service Terms and Conditions. By using the Sparrow services you give us consent to collect your information in connection with your use of those services.

Sparrow minimizes risk by collecting only information that is necessary for processing. The information that we do collect is not highly sensitive (such as financial or health information). The information collected by the Software mainly consists of your name, basic contact or demographic information (location, job title, department, etc...) and comments and reactions as in relation to Client Content. Our website may also collect comments and basic contact and demographic information including your address, postal code and job title. In addition, should there be a security breach, we have procedures in place to promptly notify you and to mitigate potential negative consequences.

Your information belongs to you, we handle it accordingly. Your personal information belongs to you. This means you have the right to withdraw your consent, access your information, correct it, take it back for yourself, or have it erased. This Privacy Policy describes each of these rights in more detail below.

Clients are responsible for your information as well. As a Permitted User, you should be aware that we have a separate contract with a Client for your access to our Software. The Client has choices and control over the data synced to our Software, including your personal information. For example, the Customer may have given us your name and contact information in the first place as part of granting you access to our software. In addition, the Customer can control access to our Software, and modify, use, delete or retain data you may contribute to Client Content. These choices and instructions may result in the access, disclosure, modification or deletion of certain or all of your personal information.

If you are not comfortable providing the information requested by a Client in our Software, you should not provide that information.

Children’s Privacy Protection. We do not knowingly collect personal information from children under the age of majority unless we are performing services for a Client who is responsible for obtaining the appropriate parental or guardian's consent. If we become aware or reasonably believe that we have received personal information of a child under the age of majority without appropriate consent, we will take prompt steps with our Customer to remove such information. If you suspect that we have received the personal information of a child under the age of majority without appropriate consent, please contact us at privacy@sparrowconnected.com.

 

2. WHAT INFORMATION DO WE COLLECT

Within the Sparrow services, information may be collected from Permitted Users, either directly or as a result of your use. This information may include:

  • Your input. Clients may ask Permitted Users to provide or may automatically collect input. These may include your written thoughts or reactions in response to Client Content. This may also include your engagement such as whether you have opened, viewed, or engaged with Client Content. We may also ask you to provide other information, such as general demographic information (for example, your age range) or an answer to a satisfaction question, survey, or interview. This is all input.
  • Your identity. This includes your name, email address, phone number, or other contact information that specifically identifies you as a Permitted User. We may have received it from the Client to grant you access to the Sparrow Services. Where you are a current or prospective customer, this includes contact information provided by you to Sparrow employees or personnel, which may include our support or sales teams.
  • Association information that connects your input to your identity. This is anything that enables someone else to know that specific input came from you personally as a Permitted User.

We also collect the following information:

  • Information collected from Clients. If you are a Permitted User accessing the Sparrow services as a representative of the Client, you provide us with your identity, textual information, attachments such as images or documents or videos, comments and any other information you may include in creating, submitting or otherwise making available to us any Client Content. We may also gain access to certain confidential information, including, but not limited to, the names and email addresses of your Permitted Users, access to personal information or data contained directly in or in input related to Client Content.
  • We may ask you to answer customer experience survey questions to help us assess overall Client satisfaction with the Sparrow Software and gather additional feedback to help us improve our products and services. When participating in an experience survey you may be asked for your consent to contact you by phone or email to provide an opportunity for additional input. Client experience participation is always optional.
  • Information automatically collected by our Software. When you visit, use, or leave our services by clicking links or buttons or other user interface affordances we automatically receive information through our Software and other software that we use to host and manage Sparrow Services.

This kind of information includes:

  • Technical data including the internet protocol (IP) address of your computer or the proxy server that you use to access the services, browser type and version, unique device identifiers and other diagnostic data;
  • Mobile device technical data including device type, unique identifier, IP address, operating system, mobile browser and other diagnostic data;
  • The actions you took in our services, including which Client Content you view or engage with or page visit duration.

Customized Experience and Service Development. We may also gather information about you and other Permitted Users collectively, such as which of our services are used most. We may also collect information about you as a prospective customer during our interactions with you, including business communications such as your industry or which of our services you are interested in purchasing. The data aggregated for these purposes does not contain any identifying information, and in some cases a token is used to anonymize the data.

As part of your use of our website and resources, you may have provided us with the following information:

  • Name and job title;
  • Contact information including email address;
  • Demographic information such as postcode, preferences and interests;
  • Your comments if you are using any commenting features on our website; and
  • Other information relevant to surveys and/or offers.


3. HOW DO WE USE YOUR INFORMATION

Things we need to do with your input. We need to be able to share your input as a Permitted User with the Client, and with other Permitted Users where you share input with publicly visible Client Content. Where Clients have made Client Content publicly visible, other Permitted Users are able to see any comments, reactions or other input you share. In addition, the Leader may choose to or be legally required to make this input public. We also compare your input to the input of others, aggregate your input with the input of others, and analyze and reach conclusions from all of that. This aggregated information is used to analyze trends or patterns in the data.

We may decide NOT to publish your input. Client Content and input may be moderated – meaning your input may be removed. This moderation may be done by us or by the Client. Input may be removed if it is rude or hurtful to a person or group, or if it does not answer the question asked. We (here including the Client) reserve the right to remove a thought for other reasons if we see this to be in the best interest of the Client or other Permitted Users, or if we feel for some other reason that it is important to do so. It is the decision of the Client to remove content (add context for flagging of offensive/harmful content).

In addition, your input will be accessible only for so long as the Client Content is accessible, but may be exported, saved, or otherwise retained outside of our Software by the Client.

What we need to do with your identity. We need to know who has access to our Software, as does the Client. The Client also may need to use your identity to categorize you in order to share Client Content specifically with you as a unique Permitted User or as a member of a demographic segment determined by the Client. Your identity is also used to manage your account access.

What we need to do with association information that connects your input to you. We need to know that particular input has come from you, and we use that information as part of the Sparrow services. When you share input, you are aware of the potential audience. By sharing, submitting or otherwise providing input, you agree that the Client and, where applicable, other Permitted Users will see your input and associate your input to you.

How do we use information automatically collected by our Software. Information collected automatically by our software that can be used to identify you is treated the same as any other identifying information. The specific types of information are explained above. This information may be associated with your identity and input, where the Client has decided to combine this data for engagement metrics on Client Content.

We may use this information to prevent, detect, or investigate abuse or misuse of our software, including spam, fraud, illegal activities, or violations of our Terms of Service.

How do we use aggregated information. We use aggregated information to customize your experience and the experiences of Permitted Users in order to provide you and other Permitted Users a more intuitive experience. The data aggregated for these purposes does not contain any identity information, or uses a token to anonymize the data. We also use information and content that you and other Permitted Users provide to us to conduct research and development for the improvement of our services.

How do we use information collected through our website. We use the information we collect through our website to understand your needs and provide you with a better service, in particular for the following reasons:

  • internal record keeping;
  • improvement of our products and services;
  • sending promotional emails about new products, special offers or other information which we think you may find interesting using the email address which you have provided;
  • delivering targeted advertising to you, working with advertising partners to develop and measure effectiveness; and
  • from time to time, we may also use your information to contact you for market research purposes. We may use the information to customize the website according to your interests.

Our website may allow you to post comments. If you post a comment you grant us the right to display your comment on our website. We may also use your comment, along with your name and other personal information, to identify you in other content including websites and documents with no compensation due to you and with no further requirement for us to seek permission.

How do we use information from prospective customers. We use the information you provide us during our interactions to understand your business needs and assist you during the sales process, including the following reasons:

  • internal record keeping of business communications; and
  • feedback to improve our services and the sales process.

If you have any concern about providing information to us or having such information displayed or otherwise used in any manner permitted in this Privacy Policy and the broader terms, you should NOT visit our Software, websites, or otherwise use our services.

4. WHO CONTROLS AND HAS ACCESS TO YOUR INFORMATION

Who controls your information? The Client (other than for solely website and resource use) and we jointly share control over your information as described in this Privacy Policy.

Affiliates and Subsidiaries. Sparrow is operated by Fulcrum Management Solutions Ltd., our parent company, which acts as the data controller responsible for the collection, use and processing of your information as described in this Privacy Policy. We may share your identity and association information with our affiliates. Affiliates include any other subsidiaries of our parent company. Any information we share with our affiliates will be treated in accordance with this Privacy Policy.

Who has access to your identity information? Within our organization, only authorized personnel have access to your identity information. Authorized personnel are limited to our employees or contractors who have a legal obligation to protect your privacy that is consistent with this Privacy Policy.

From time to time, our personnel may access your information to provide you with technical and administrative support and suggestions on how to improve your experience using the Sparrow services. You may request that your personal information remain private from our support personnel by contacting privacy@sparrowconnected.com.

We at Sparrow don’t share your information, but Clients and other Permitted Users who have access to your information could decide to share it, and we have no responsibility for their actions. Clients may be legally required to share Client Content and input, which may be associated with your identity. As a result, your identity and input may be shared beyond what is contemplated by Sparrow services.

External Processing. We may engage third parties as service providers to process your information and support the delivery of Sparrow services to our Clients. Additional information about our subprocessors can be found at www.sparrowconnected.com/legal/subprocessors.

Compliance with Legal Process and Other Disclosure. We may need to disclose your identity information, including information that connects you to your input, when required by law, subpoena, or other legal process, whether in the United States, Canada, or other jurisdictions. We may also disclose this information if we have a good faith belief that disclosure is reasonably necessary to: (1) investigate, prevent, or take action regarding suspected or actual illegal activities or to assist government enforcement agencies; (2) enforce this agreement, investigate and defend ourselves against any third-party claims or allegations, or protect the security or integrity of our services; (3) exercise or protect the rights, property, or safety of our employees, personnel, other Permitted Users or members of the public; or (4) address a credible threat to the life or safety of yourself or others. We attempt to notify Permitted Users about legal demands for their personal information when appropriate in our judgment, unless prohibited by law or court order or when the request is an emergency. We may dispute such demands when we believe, in our discretion, that the requests are overbroad, vague or lack proper authority.

Our website may contain links to other websites of interest. Once you have used these links to leave our website, we are not responsible for the protection and privacy of any information which you provide when visiting such sites and such sites are not governed by this Privacy Policy.

Third-Party Service Providers: We may use third-party service providers, including to monitor and analyze the use of Sparrow services and support our marketing efforts. Third-party service providers collect, store, use, process and transfer information about your activity on Sparrow services in accordance with their own privacy policies.

  • Google Analytics: Sparrow services use Google Analytics, a web analytics service which uses cookies and similar tracking technologies to collect and analyze information about how you use our site. Google uses this information to report to us on usage data. Google may also use this data for their own business purposes or transfer this information with other Google services or third parties. You may opt out by installing the Google Analytics Opt-Out Browser Add-on. For more information on how Google uses data collected via our site, please visit google.com/policies/privacy/partners .
  • LinkedIn: Sparrow services uses analytics and advertising services offered by LinkedIn, which uses cookies and similar tracking technologies to collect and analyze information about how you use our site and advertise to you on third-party websites/apps. This processing is carried out on the basis of our legitimate interest in understanding the effectiveness of our marketing efforts, or with your consent where required by applicable law.
  • GIPHY: Sparrow services uses GIPHY to display animated GIF content within the platform. GIPHY content may display targeted advertisements, which use cookies and similar tracking technologies to collect and analyze information about how you use GIPHY in order to advertise to you on third-party websites/apps.
  • For more information about third-party providers and targeting cookies, please see our Cookie Policy.

5. WHERE IS YOUR DATA STORED

We host and access your information in the locations provided in our Subprocessors Page, published at www.sparrowconnected.com/legal/subprocessors.

6. HOW DO WE KEEP YOUR INFORMATION SECURE

We have implemented administrative and technical security safeguards designed to protect the personal information that we collect in accordance with applicable law and industry standards. However, since the Internet is not a 100% secure environment, we cannot ensure or warrant the security of any information that you transmit to us. There is no guarantee that information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards.

7. HOW LONG DO WE RETAIN YOUR INFORMATION

We retain the information you provide while your access to Sparrow services are ongoing or as needed to provide you services. We may retain your information even after expiration of your License Term in order to maintain your data history if you subsequently re-subscribe or if retention is reasonably necessary to comply with our legal obligations, meet regulatory requirements, resolve disputes, prevent fraud and abuse, or to enforce our terms. We may retain information, for a limited period, if requested by law enforcement. Our service team may retain information for as long as is necessary to provide support-related reporting and trend analysis. You may request us to permanently delete your information at any time, including at the end of your subscription period.

8. YOUR PRIVACY RIGHTS

Because you own your information, you retain control over it. Among other things, you can:

  • Withdraw your consent to our collection and use of your information at any time.
  • Access your information and, if you wish, obtain a copy of your information.
  • Correct any of your information that is not correct. Changing your mind on how you express input is not a correction. We consider it to be correct at the time you enter it.
  • Have your information erased from our service. However, you acknowledge that the Client may provide us with information about you in the future.

If you want to take any of the above actions, you can contact our customer service or privacy teams with your request, and they will show you how to do it, or will make sure that it gets done for you. If we have to do this manually, our goal is to have it done within 30 days. To exercise these rights, please contact our Data Privacy Officer at privacy@sparrowconnected.com.

For most information, the Client directly syncs data from their systems to our Software. You acknowledge that we may require you to submit any requests relating to the above actions directly to the Client or share your request with the Client.

EEA/UK/SWITZERLAND PRIVACY RIGHTS

Additional privacy rights. If you are a resident of or are located in the European Economic Union (EEA), United Kingdom (UK) or Switzerland, you may have additional rights under the General Data Protection Regulation, UK General Data Protection Regulation or Federal Act on Data Protection (collectively “GDPR”) in addition to those described above.

  • In certain cases, you may request that we restrict our use of your information.
  • Where we rely on our legitimate interests to collect information, you may have the right to object to the use of your information.
  • If you believe we have infringed your rights under the GDPR, you have the right to lodge a complaint with a supervisory authority.
  • You can request to view the essence of our joint controller agreements.

To learn more about your rights, please contact your local data protection authority.

Legal bases for collecting information. We rely on the following legal bases for collecting and using your information that is subject to the GDPR where:

  • We have your consent to do so (for example, by clicking “I accept” or any similar phrase to our Terms or where the Client has obtained your consent before you access Sparrow services).
  • We have a legitimate interest to collect your information that is not overridden by your privacy rights (to improve the Sparrow services or to communicate with you about the Sparrow services).
  • We need your information to perform a contract with you (for example, we may need information to perform our obligations under a contract for the Sparrow services).
  • We have a legal obligation to collect your information (for example, to prevent or investigate illegal behaviour in connection with the use of the Sparrow services).

International Transfers. Under the GDPR, we may only transfer your information out of the European Economic Area, the United Kingdom and Switzerland to other regions if certain protections are in place. The protections we rely on include:

  • Transferring your information to a country that European, British, and Swiss data protection authorities consider to have adequate privacy protections in place (such as Canada)
  • Compliance with the EU-US Data Privacy Framework, the UK Extension to the EU-U.S. Data Privacy Framework, and the Swiss-US Data Privacy Framework Principles (in the case of third-party providers in the US) Standard Contractual Clauses in our agreements with third-party providers.

CALIFORNIA/U.S. PRIVACY RIGHTS

Additional privacy rights. If you are a resident of California or a resident of a U.S. state with similar applicable privacy laws, you may have additional rights under the California Consumer Privacy Act (“CCPA”) or other privacy laws applicable to your use of Sparrow. These rights may include:

  • The right to request details of the categories of personal information that we collect.
  • The right to restrict or object to certain processing.
  • The right to request that we delete your personal information.
  • The right to request information about sharing of personal information with third-party service providers for marketing purposes under the Shine the Light Law (California Civil Code Section 1798).
  • The right not to be discriminated against for exercising your rights under the CCPA or other applicable U.S. privacy laws.

Categories of Personal Information Collected. In the last twelve (12) months, we may collect or may have collected the following categories of “personal information”, as defined in the CCPA, from California residents. Some categories of personal information are only collected if you have provided it to us directly.

  • Category A: Identifiers (includes online identifiers, email addresses, IP addresses etc.)
  • Category B: Personal information categories listed in the California Customer Records statute (including demographic information, employment information etc.)
  • Category F: Internet or similar information (including interactions with Sparrow Services or advertisements)

Sharing of personal information. We do not “sell” your personal information, as “sell” is defined in the CCPA. In the last twelve (12) months we may have shared the categories of personal information listed in the above section with the following third parties:

  • Third-party service providers

Do Not Sell and Targeted Advertising. You have a right to opt out of the sharing of your personal information. To exercise your right, please contact us. The third-party service providers we partner with may have set technology on our Services used to share personal information. Sparrow services do not respond to Do-Not-Track signals. If you would like more information on these third-party providers and how to opt out of the sharing of your personal information, please see our Cookie Policy.

 

CANADA PRIVACY RIGHTS

Additional privacy rights. If you are a Canadian resident, you may have additional rights under applicable law.

  • You may vary your previously provided consent.
  • You can request information about the third parties to which your information has been disclosed.

You also have the right to file a complaint with Data Privacy Authorities in Canada, the US, the EU or other applicable jurisdiction.

9. CHANGES TO OUR PRIVACY POLICY

We may change this Privacy Policy by updating this page. You should check this page from time to time to ensure that you are happy with any changes. If we make a material change to this Privacy Policy, such as changes to how your personal information will be collected or processed, we will notify you.

10. CONCERNS AND HOW TO CONTACT US

If there is a security incident we will immediately take steps to notify you and to mitigate potential negative consequences.

Concerns about privacy. If you have a concern about how we are treating you (and your information), we ask that you contact us at privacy@sparrowconnected.com or at

Fulcrum Management Solutions Ltd.

Suite E, 1990 Columbia Avenue, Rossland, BC, V0G 1Y0.

Canada

If you have a question or concern about your personal information or the use of Sparrow that you feel may not be ethical, please contact privacy@sparrowconnected.com. This address will always go directly to our head Data Privacy Officer.

Questions or concerns?

Please feel free to contact us if you have any questions about Sparrow Connected's Security, Privacy Policy or practices.