Legal

Privacy Policy

Last updated: template — pending legal review.

Sherpsy is a household operating system. This policy explains what we collect, why, and the choices you have. We wrote it to be read.

What we collect

Account details from your chosen sign-in provider (name, email), the content you add to your household (calendar events, lists, chores, assets, utilities), and basic device information for notifications. We collect the minimum needed to run the features you use.

What we cannot see

Vital Vault contents are end-to-end encrypted on your device before they reach us. We store only ciphertext, salts, and wrapped keys — we cannot read your vault. Contact matching for lending uses a one-way hash; your address book never leaves your device.

How we use data

To provide the service, sync your household across devices, send the notifications you opt into, and check your assets against public recall databases. We do not sell your data.

Children

Children's accounts are created and consented to by a household admin. On a child's session, no behavioral advertising and no third-party analytics run, and background location is never collected. This is enforced in the product, not just promised here.

Third parties

We rely on infrastructure and service providers (hosting, database, email, error monitoring, and, for recall data, NHTSA and the CPSC). Recall information from those agencies may be incomplete or delayed; confirm with the manufacturer before relying on it.

Your choices

You can edit or delete your content at any time. Deleting your account is a real deletion — a short grace period, then a hard purge of your data and stored files, including from object storage.

Contact

Questions about this policy? Reach us at privacy@sherpsy.com.

This document is a working template for the marketing site and is not yet legal advice. It will be reviewed and finalized with counsel before launch.