This policy describes how Sparrow treats your information, not how other organizations treat your information. If you are using Sparrow in a workplace or on a device or account issued to you by your employer or another organization, that company or organization likely has its own policies regarding storage, access, modification, deletion, and retention of communications and content which may apply to your use of Sparrow. Content that would otherwise be considered private to you or to a limited group of people may, in some cases, be accessible by your administrator. Please check with your employer or administrator about the policies it has in place regarding your communications and related content on Sparrow.
We collect only non-identifying or aggregated information. Here are the types of information we collect or receive:
Billing information. If you purchase a premium version of Sparrow, our third party payment processors will collect and store your billing address and credit card information.
Device information. In addition to log data, we may also collect information about the device you’re using Sparrow on, including what type of device it is, what operating system you’re using, device settings, unique device identifiers, and crash data. Whether we collect some or all of this information often depends on what type of device you’re using and its settings.
Geo-location information. Precise GPS from mobile devices is collected only with your permission. WiFi and IP addresses received from your browser or device may be used to determine approximate location.
Sparrow usage information. This is information about which channels, people, features, content, and links you interact with within Sparrow and what integrations with related services you use.
Service integrations. If you integrate with a service on Sparrow we will connect that service to ours.
Communication content that you send and receive within Sparrow. This includes:
Information from partners or other 3rd parties. Sparrow may receive information from partners or others that we could use to make our own information better or more useful. This might be aggregate level information about which IP addresses go with which postal codes or it might be more specific information about how well an online marketing or email campaign performed.
Cookies are small text files sent by us to your computer and from your computer to us, each time you visit our website. They are unique to your Sparrow account or your browser. Session-based cookies last only while your browser is open and are automatically deleted when you close your browser. Persistent cookies last until you or your browser delete them or until they expire.
Some cookies are associated with your Sparrow account and personal information in order to remember that you are logged in and which teams you are logged into. Other cookies are not tied to your Sparrow account but are unique and allow us to do site analytics and customization, among other similar things.
Sparrow sets and accesses our own cookies on our company-owned domains. We do not currently recognize or respond to browser-initiated Do Not Track signals as there is no consistent industry standard for compliance
We use your information for the following:
Providing the Sparrow service. We use information you provide to authenticate you and deliver message content to you and from you
Understanding and improving our products. To make the product better we have to understand how users are using it. We have a fair bit of data about usage and we intend to use it many different ways to improve our products, including research. This policy is not intended to place any limits on what we do with usage data that is aggregated or de-identified so it is no longer tied to a Sparrow user.
Investigating and preventing bad stuff from happening. We work hard to keep Sparrow secure and to prevent abuse and fraud.
Communicating with you. Solving your problems and responding to your requests. If you contact us with a problem or question, we will use your information to respond to that request and address your problems or concerns.
In-product communications. We may use the information you provide to contact you through Sparrow. For example, if, after, a few weeks of using Sparrow we notice that your notification setting is set to notify you of all messages, we may send you a message that suggests you change this in case you are getting too many notifications. This is just one example of how we use information about your usage of the product to make suggestions to you.
Email messages. We may send you service and administrative emails, such as when we notice that you are nearing a message or integration limit. We may also contact you to inform you about changes in our services, our service offerings and important service related notices, such as changes to this policy or security and fraud notices. These messages are considered part of the service and you may not opt-out of them. In addition, we sometimes send emails to Sparrow users about new product features or other news about Sparrow. You can opt-out of these at any time.
Also read about data deletion in Sparrow Connected.
Sparrow offers different options for message retention and export to administrators, depending on the level of service they have signed up for. These service levels are likely to change so please see our pricing page to learn more about which features are associated with which level of service.
Message retention setting options vary by service level from very general to very specific. The default for all teams, both free and premium, is that messages are retained for as long as the team exists unless they are deleted by the user or administrators, and that users can edit and delete their own messages at any time. Please see our FAQ for more specific information about what options exist for different team service levels.
Choices for Administrators: Administrators have the ability to manage and change most of the team settings, including message retention settings. Administrators can also deactivate member accounts for their team. Only a primary owner can deactivate or delete an organization account.
Other Choices: Your mobile device may provide you with choices around how and whether location or other data is shared with us. Sparrow does not control these choices, or default settings, which are offered by makers of your browser or mobile device.
There are times when communications and related content and other user information may be shared by Sparrow. This section discusses only how Sparrow may share user information. Organizations that use Sparrow may have their own policies for sharing and disclosure of information. Sparrow may share information.
With consent, to comply with legal process, or to protect Sparrow and our users. When we have your consent or if we believe that disclosure is reasonably necessary to comply with a law, regulation or legal request; to protect the safety, rights, or property of the public, any person, or Sparrow; or to detect, prevent, or otherwise address fraud, security or technical issues. If we receive a law enforcement or other third party request for information we will provide prior notice to the subject of the request where we are legally permitted to do so.
Integrations. If you add an integration, Sparrow may share information about you or your team with the provider of the integration. Sparrow is not responsible for how the provider of the integration may collect and use your data.
About you with your organization or team administrator(s). We may share your email address, personalization settings and other data with your organization.
In addition, there may be times when you contact Sparrow to help resolve an issue specific to a team you are a member of. In order to help resolve the issue, we may need to share your concern with your administrator. When possible, we will try to mask or remove any identifying information before sharing these communications.
We may also share aggregated or de-identified information with our partners or others for business or research purposes. For example, we may tell a prospective Sparrow customer the average number of messages sent within a channel in a day or may partner with research firm or academics to explore interesting questions about workplace communications. Again, this policy is not intended to prohibit the disclosure and use of aggregated or de-identified data.
Sparrow takes reasonable steps to protect information you provide to us as part of your use of the Sparrow service from loss, misuse, and unauthorized access or disclosure. These steps take into account the sensitivity of the information we collect, process and store and the current state of technology. When you enter sensitive information (such as sign-in credentials) we encrypt the transmission of that information using secure socket layer technology (SSL). We follow generally accepted standards to protect the personal data submitted to us, both during transmission and once we receive it. However, no electronic or email transmission or digital storage mechanism is ever fully secure or error free.
To learn more about current practices and policies regarding security and confidentiality, please see our Security Practices; we keep that document updated as these practices evolve over time.
We may change this policy from time to time, and if we do we’ll post any changes on this page. If you continue to use Sparrow after those changes are in effect, you agree to the revised policy. If the changes are material, we may provide more prominent notice or seek your consent to the new policy.