Privacy Policy

Last Updated: March 15, 2017

Sherlock designs and manufactures GPS antitheft and tracking devices and tools, that allows Users to locate their bike in every moment and retrieve it in case of theft.

These solutions consists of an electronic device, produced by Sherlock and sold on its Website, and its related service provided by the mobile app, available on the app stores.

This privacy policy (the “Privacy Policy”) applies of this website, apps and products and / or services related to it, in relation to the processing of personal data of users / visitors (Users) who consult, and is provided pursuant to section. 13 of Legislative Decree no. 196/2003 ( “Privacy Code”).

This privacy policy (“Privacy Policy”) applies to our website www.sherlock.bike (“Website”), our products and services ( “Sherlock Products “), available at our Website,  our software (” Sherlock Software”) and our mobile app for iOS and Android (” Sherlock App” or “App”). These devices, Website, software and app are collectively referred to herein as “Services Sherlock”.

The Data manager and Website owner is:

Sherlock srl

c.so Castelfidardo 30 / A

10129 Torino

e-mail: support@sherlock.bike

Sherlock may occasionally and unilaterally change this Privacy Policy, according to any improvement in Sherlock services, or to technological and legislative developments. Any changes will become effective only when the new version of this Privacy Policy will be published on the Sherlock Website.  All visitor of the Website (“Users”) can refer to the “Last Update” date shown at the beginning of this page, to know the latest version of this Privacy Policy. In order to secure the Users’ consent, if required by law, Any changes will be notified to the Users  by mail or through other means, otherwise will be posted on the Website, before the change becomes effective.

Sherlock is constantly striving to protect Users’ personal data; however, no data transmission on   Internet can be considered absolutely safe, thus Sherlock is not responsible of the security of any data provided by the Users. All Users’ personal data are exclusively transmitted at their own risk.

What data does Sherlock collect?

When activating  a Product, creating o logging into your account on the App, subscribing to a newsletter, or contacting our support staff, Sherlock can collect a series of personal data (“Personal Information”) which eventually may include name, postal address, telephone number and e-mail. All Personal Data may be collected and / or treated by Sherlock srl in Italy or in another EU member State, according to EU Directive 95/46 / EC

Visit to our Website

Sherlock collects data from all Users who visit the Website, even if they doesn’t have an account.

When a User visits the Website, Sherlock collects data from industry-standard registers that store information about the visit, such as: the type of browser, the operating system, the URL of the page from which the visit has been redirected, the actions taken and the IP address of the visited pages, and other similar information.

Sherlock uses all the data collected to provide pertinent information about Users’ location, to enhance the experience of visiting the Website and to verify if the Website is working correctly.

Sherlock also collects cookies data. To verify the complete list of the used cookies and how to use it, please see our Cookies Policy.

When activating a Sherlock Product

When activating a Sherlock Product, Users must downloads the Sherlock App on their smartphone, (at least, compatible with iOS 9 and Android 4.4.) and create a Sherlock App Account by entering their data, such as: full name, email address, type of bike owned, city of domicile / residence. These information will be used by Sherlock to generate statistics and, above all, to create the bike passport which could be shared with the law enforcement  in case of theft.

When Creating a Sherlock Account

To access the data collected and shared by the Sherlock Product to our App, Users must create a mobile App account (”Sherlock App Account”). When creating a Sherlock App Account, some personal data are required, including email address and date of birth.

To purchase our products from the Sherlock Store, Users must create an account on the Website (” Sherlock Website Account”). When Creating a Sherlock Website Account, some personal data are required, including email address and date of birth.

Sherlock App Account and Sherlock Website Account are two different account and they’re not connected to each other, even if they belong to the same User.

Users may also create an Account on our App or our Website using different credentials, as well through their social media login credentials, (i.e. Facebook or Google+ credentials). In this case, the system sends an authorization request to the social media, provided by the User, in order to access to the basic information of the social media account, i.e.: name, profile picture and friends list.

Users can stop sharing this information with Sherlock at any time, by removing all access authorization to their personal account on the social media .

When adding information to the account

At any time, Users can customize the Sherlock interface, on the App, adding extra information to the Sherlock App Account, including: photo to customize the profile or photo of the bike owned. These data are collected by Sherlock and stored with the other information of the Sherlock App Account.

When syncing a Sherlock Product

When syncing a Sherlock Product with the App, all data about the rides are transferred from the Product to our server. These data are stored and used to provide the Sherlock Services. Each time a sync occurs, we also log data about the transmission. Some examples of the log data are the sync time and date, device battery level, and the IP address used when syncing.

When activating location services

In order to determine the Users’ location, Sherlock collects data, including: GPS signals, device sensors, Wi-Fi access points, and the IDs of the cell towers. We store this information together with the other Sherlock Account data to provide location services. By using a map service, all information about the Users’ location are sent to the service in order to display the location on the map; however map services are not allowed, by contract, to share or use such data for other purposes.

When purchasing in the Sherlock Store

If Users are logged in their Sherlock Website Account while purchasing a Product in the Sherlock Store,  the purchase order is associated to the User’ Sherlock Website Account. We store the shipping address information in order enhance the order processing by our partners. Sherlock never view or share, nor stores in any way Users’ credit card information or other similar data. All payment information are managed by a service provided by third parties.

Requests for assistance

When Sherlock receive a request for assistance, the data shown in the request (i.e.: name, email address and any additional data) are stored on our servers, in order to provide the requested assistance and improve the service.

Our assistance service could be contacted through the social network, (i.e Twitter or Facebook); However, Sherlock is not responsible and does not guarantee in any way the confidentiality of the information shared by these channels.

Use of the data

Data Processing

Sherlock process all personal data collected by using electronic or automated systems, assuring security and confidentiality of all data collected, in accordance with the provisions of the Privacy Code.

Sherlock may use the Users’ personal data for the following purposes:

  1. Use by Sherlock. Sherlock may use Users’ personal data: (a) for statistical or marketing purposes, including measurement and understanding of the common trends to the customers (b) for operational purposes, including location of Users’ devices or other activities for the purpose of improving and protecting our services; (C) to alert Users about any changes to the Privacy Policy, and (d) for any other purpose described in this Privacy Policy or required by regulations or lawsuits.
  2. Customer Support. When Users interact with our customer service by e-mail, phone or in person, Sherlock may collect: personal information pertinent to the situation, including: name, mailing address, telephone number and contact preferences; information about purchased Sherlock products, including: serial numbers, purchase date and (if applicable) event logs useful for diagnosing performance problems for products or applications; information relating to a support or a service issue. Sherlock will use this information to provide customer service and product support.
  3. Purchasing. If Users are logged in their Sherlock Website Account while purchasing a Product in the Sherlock Store, the purchase order is associated to the User’ Sherlock Website Account. We store the shipping address information in order enhance the order processing by our partners. If you are not logged into your account at the time of purchase, we do not associate that data with your Fitbit account, however we save the data so that we can provide customer service related to the purchase.
  4. Promotions If the User adheres to prize events or promotions activated by Sherlock, all information provided will be used for processing purposes. In case of conflicts, related to the processing of personal information, terms and conditions of these prize events or promotions will prevail on the provisions of this Privacy Policy.

Data shared with third parties

Sherlock does not sell data to third parties that allow the Users’ identification; however Sherlock may share such data with its partners, in de-identified and aggregated form, or for the sole purpose of providing its Services

Data that could identify the User

Personal identifiable information are data that includes the name or another User ID that can be traced back to the name, postal address or email or other information that personally identifies a User. Sherlock will share this data only under the following circumstances:

  1. With the Police: in case of thief of the Users’ bicycles;
  2. With companies engaged in providing services to Sherlock like: process orders, emails or credit card management. These companies are obliged by contract to protect all personal data received from Sherlock.
  3. When disclosure is reasonably necessary to comply with a law, regulation, or legal proceedings. In this case, Sherlock will do its best to provide Users with notice in advance by email, unless Sherlock is prohibited by a court order from doing so or where the request or legal process is directly related to a regulatory investigation. In the latter case, Sherlock will ensure User that any information disclosed is treated as confidential.
  4. If Sherlock believes that disclosure is necessary in order to prevent serious and imminent damage to persons or property, or to prevent fraud, or to protect the safety of Sherlock and User data services.
  5. If it is necessary in connection with the sale, merger, bankruptcy, sale of assets or reorganization of our company, your PII can be sold or transferred as part of that transaction as permitted by law. The promises in this Privacy Policy will apply to your data as transferred to the new entity.

Data that does not personally identify the User

Sherlock may sell or share aggregate data, not identifying, that does not identify the identity of the Users, co

No partner or the general public. In providing this information, Sherlock will take all legal and technical measures to ensure that the data do not allow to trace the identity of utenti.Dati for which the User gives consent to the sharing Users can agree to share their data with third parties . Sherlock is not responsible for the data processing carried out by third parties. Once provided consent to the sharing of data with third parties, the processing of such data falls within the Privacy Policy of such third parties. You should carefully review the privacy policy of any third party and you can revoke your consent to sharing with third parties at any time.

Data Retention

Sherlock store the Users’ personal data of only for the necessary time to providing of its services, unless a longer period of storage is required by law.

After this period, Users’ personal data will be processed anonymously.

How to change data

The data provided to Sherlock through the Website or the App may be edited in the User preferences. By removing User data from the Account, they will not be visible to the User anymore, who will no longer able to use the Sherlock Services. The backups of the User data will remain stored by Sherlock, on its servers.

How to deactivate the Sherlock Account

Users can deactivate the Sherlock Account by contacting our customer service. In this case, the personal identification data will be removed from the Service, including, among others, email address, and any customizations. Backup copies of this data will be removed from Sherlock server based upon an automated schedule, which means it may persist in our archive for a short period of time. Sherlock may continue to use Users’ aggregated and de-identified data.

Can you opt-out of receiving Sherlock emails?

Users can opt-out of receiving Sherlock emails by changing the notification preferences in your account settings or unsubscribing via the “Unsubscribe” link present in all emails sent by Sherlock. The Opting-out of these emails will not end transmission of important service-related emails that are necessary to your account maintenance or to use the Sherlock Services.

Users rights

At any time Users may exercise their rights under sect. 7 of the Italian Privacy Code – which for convenience is reproduced in full below – in order to obtain confirmation of the existence or not of their personal data, to know their content and origin, verify its accuracy or request its integration updating, or correction. Under the same provision the User may also request cancellation, transformation into anonymous form or blocking of data processed in violation of the law, and oppose any case, for legitimate reasons, their treatment. Requests should be addressed Sherlock, in acting as the controller, at the addresses indicated in this statement ut supra.

Section 7

(Right to Access Personal Data and Other Rights)

  1. A data subject shall have the right to obtain confirmation as to whether or not personal data concerning him exist, regardless of their being already recorded, and communication of such data in

intelligible form.

  1. A data subject shall have the right to be informed
  2. a) of the source of the personal data;
  3. b) of the purposes and methods of the processing;
  4. c) of the logic applied to the processing, if the latter is carried out with the help of electronic means;
  5. d) of the identification data concerning data controller, data processors and the representative designated as per Section 5(2); and
  6. e) of the entities or categories of entity to whom or which the personal data may be communicated and who or which may get to know said data in their capacity as designated representative(s) in the State’s territory, data processor(s) or person(s) in charge of the processing.
  7. A data subject shall have the following rights:
  8. a) to obtain updating, rectification or, where interested therein, integration of the data;
  9. b) to obtain erasure, anonymization or blocking of data that have been processed unlawfully, including data whose retention is unnecessary for the purposes for which they have been collected or subsequently processed;
  10. c) to obtain certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.
  11. A data subject shall have the right to object, in whole or in part,
  12. a) on legitimate grounds, to the processing of personal data concerning him/her, even though they are relevant to the purpose of the collection;
  13. b) to the processing of personal data concerning him/her, where it is carried out for the purpose of sending advertising materials or direct selling or else for the performance of market or commercial communication surveys.

Sherlock policy with respect to children

Our services are not intended for persons under 13 years. In compliance with the Italian laws and the UN Convention on the Rights (Convention on the Rights of the Child – CRC) of 11.20.1989, If we learn that we have collected the Personal Information from a child under 13, we will take steps to delete the information as soon as possible. Users who eventually are aware of a User under the age of 13 using a Sherlock Website or App are invited to contact us at support@sherlock.bike.