EmailShepherd
View demo

EmailShepherd Privacy Policy

Sheepish Software Ltd, trading as EmailShepherd ("EmailShepherd", "we", "us"), is a company registered in England and Wales (company number 16254830). This privacy policy explains how we collect and use the personal data we hold, whether you visit our website, enquire about or use our product, or contact us.

We may collect your personal data because you provide it to us directly, or because your employer or a colleague is our customer and sets up an account for you to use EmailShepherd. In those cases, we are the controller of your personal data and this policy applies.

Alternatively, we may receive your personal data through the product because one of our customers has entered your details into their account. In those cases, we are the processor of your personal data and only process it in accordance with that customer's instructions; you should contact that customer about how your data is used.

Topics

  • What data do we collect?
  • How will we use your data?
  • What is our lawful basis?
  • How do we store your data?
  • Retention
  • Who do we share your data with?
  • Marketing
  • What are your data protection rights?
  • Cookies
  • Privacy policies of other websites
  • Changes to our privacy policy
  • How to contact us
  • How to contact the appropriate authority

What data do we collect?

By personal data we mean any information that identifies you, such as your name, email address, telephone number, or IP address. This website is not intended for children and we do not knowingly collect data relating to children.

Data you provide to us

From time to time you may provide personal data to us. This may be because you:

  • use our website;
  • enquire about, register for, or use our product or services;
  • apply for a job with us;
  • provide services to us as a supplier or contractor;
  • subscribe to receive product-update or marketing emails from us; or
  • otherwise contact us with queries, comments, or complaints.

Some personal data must be provided so that we can fulfil your request, for example to provide our services to you, and we will make this clear at the point we collect it. Where we need personal data by law or under a contract with you and you do not provide it, we may be unable to provide the product or service, in which case we will let you know.

All personal data you provide to us must be true, complete, and accurate. If you provide inaccurate or false data and we suspect or identify fraud, we may record and report this. When you contact us by email, we may keep a record of the correspondence, and we may keep a record of any telephone call we have with you.

Data we automatically collect about you

When you use our website or product, we automatically collect certain information about your device and activity, which may include:

  • technical information about your device, such as device type, browser, or operating system;
  • your preferences and settings, such as time zone and language; and
  • how long you used the website or product and which features you used.

Data we collect from connected third-party services

Where you choose to sign in or authenticate through a third-party service (such as a single sign-on provider), we receive basic account and profile information from that service to set up and secure your access, such as your name and email address.

Data we receive from others

Your employer or a colleague may provide personal data relating to you (for example, your email address) so that an account can be created for you. We may also receive personal data about you from our service providers, for example our payment or security providers, particularly in connection with any misuse of the product. If you apply for a job with us, we may receive personal data about you from your previous employer or other references.

How will we use your data?

EmailShepherd collects your data so that we can:

  • Create and administer your account and provide the product to you.
  • Take payment and manage billing.
  • Respond to your enquiries and provide customer support, including investigating and resolving issues.
  • Contact you about our products where you have asked us to or where we are otherwise permitted to (see "Marketing").
  • Operate and secure the service, and meet our legal and accounting obligations.

What is our lawful basis?

We only use your personal data where we have a lawful basis to do so, and which basis applies depends on why we collected the data. The bases we rely on are:

  • Consent — where you have given it, for example when you opt in to receive marketing or product-update emails from us. You can withdraw consent at any time.
  • Performance of a contract — to set up and run customer accounts, take payment, and provide the product.
  • Legal obligation — to comply with legal requirements, in particular keeping financial and accounting records.
  • Legitimate interests — our legitimate business interests in the normal running of our business, where these do not materially impact your rights, freedom, or interests.

How do we store your data?

We store your personal data securely using appropriate technical and organisational measures.

Some or all of your personal data may be stored or transferred outside the United Kingdom (UK) or European Economic Area (EEA), for example where our service providers are based outside the UK or EEA. Where this happens, your personal data is only transferred to countries recognised as providing adequate protection, or under approved safeguards such as the UK's International Data Transfer Agreement (IDTA) or Addendum, or the European Commission's Standard Contractual Clauses. Contact us if you require further information on the specific mechanism used.

Retention

We keep your personal data only as long as necessary for the purposes set out in this policy and to meet our legal obligations, after which it is deleted. Where we process personal data as a processor on a customer's instructions, we retain it in accordance with that customer's instructions.

Who do we share your data with?

We may share your personal data with service providers and sub-contractors we appoint to perform functions on our behalf and in accordance with our instructions, including IT service providers, payment providers, accountants, auditors, and lawyers. We provide them only with the personal data they need to provide their service to us, and we require them to protect it and to use it only for that purpose.

We may disclose your personal data where required to comply with applicable laws or regulations, or to protect the rights, property, or safety of others.

We may also share your personal data in connection with, or during negotiations of, any merger, acquisition, financing, or restructuring of our business, in which case we will notify affected users.

Marketing

We may send you information about our products and services where you have asked to hear from us or where we are otherwise permitted to. You can opt out of our marketing at any time using the unsubscribe link in any marketing email or by contacting us. Opting out of marketing does not stop necessary transactional or account-related messages.

What are your data protection rights?

Every user is entitled to the following:

  • The right to access – you can request copies of your personal data.
  • The right to rectification – you can ask us to correct inaccurate or incomplete data.
  • The right to erasure – you can ask us to delete your personal data, under certain conditions.
  • The right to restrict processing – you can ask us to restrict processing of your data, under certain conditions.
  • The right to object to processing – you can object to our processing of your data, under certain conditions.
  • The right to data portability – you can ask us to transfer your data to another organisation or to you, under certain conditions.

To exercise any of these rights, contact us at privacy@emailshepherd.com.

You will not normally have to pay a fee to exercise any of these rights. We may charge a reasonable fee, or decline to act, if a request is clearly unfounded, repetitive, or excessive.

We may ask you for information to confirm your identity before acting on a request. This is a security measure to make sure personal data is not disclosed to anyone who has no right to receive it.

We aim to respond to all valid requests within one month. If your request is complex or you have made several, it may take longer, in which case we will let you know.

If we process your data only as a processor on a customer's instructions, you will need to contact that customer to exercise your rights. If you contact us, we will notify the customer and assist them as required.

Cookies

We only use cookies that are essential for the normal functioning of our website and product, such as keeping you signed in. We do not use advertising or tracking cookies.

Privacy policies of other websites

Our website may contain links to other websites. This privacy policy applies only to our website, so if you follow a link to another website you should read their privacy policy.

Changes to our privacy policy

We keep our privacy policy under regular review and place any updates on this page. This privacy policy was last reviewed on 18 May 2026.

How to contact us

If you have any questions about this privacy policy, the data we hold about you, or you would like to exercise a data protection right, contact us:

Email: privacy@emailshepherd.com

Post: Sheepish Software Ltd, Suite E Ground Floor Profile West, 950 Great West Road, Brentford, United Kingdom, TW8 9ES

How to contact the appropriate authority

If you wish to make a complaint or feel we have not addressed your concern satisfactorily, you can contact the Information Commissioner's Office (ICO).

Website: ico.org.uk

Helpline: 0303 123 1113