Shergroup Digital uses a small number of trusted third-party platforms to deliver the digital marketing services we provide to our clients. These are our “sub-processors” — companies who handle some of the data our clients trust us with, in service of the work we are paid to do.
We list them here, openly, because we believe a client (and a prospective client) is entitled to know which platforms touch their data before they engage us. The list below is the same list that appears in our Data Processing Addendum (DPA), which is the contract that governs how we handle personal information on a client’s behalf.
Each of the platforms below was chosen for one of three reasons: it is the established standard for its category, it integrates cleanly with the rest of our stack, or its security and data-handling practices are independently verifiable. We do not switch sub-processors casually — changes are notified to active clients in advance under our DPA.
All of our sub-processors are bound by data-protection terms at least as protective as our own. Where a sub-processor is based outside the United Kingdom or European Economic Area, we rely on the EU Standard Contractual Clauses or the UK International Data Transfer Agreement to protect personal data in transit.
This list covers the production services we use — the platforms involved in delivering work for clients. It does not include the internal productivity tools we use to run our business (email, document storage, accounting, etc.), which are governed by our own internal policies and our DPA.
WP Engine hosts websites we build for our clients. When a visitor uses one of those websites — fills in a form, browses pages, makes a purchase — their interaction passes through WP Engine’s infrastructure. Privacy: wpengine.com/legal/privacy
ActiveDemand is the platform we use to manage client contact lists, send email campaigns on behalf of clients, and run marketing automation. When a client engages us to run their email marketing or to manage their CRM, we use ActiveDemand to do so. Privacy: activedemand.com/privacy
RampedUp provides business contact data we use for prospecting, list-building and seeding new email programmes. The information involved is publicly available business contact data — name, role, company, business email — not personal-life information. Privacy: rampedup.io/privacy-policy.
We use Google Analytics 4 to measure website performance, Google Search Console to track search visibility, and Google Ads to run paid search campaigns where clients have engaged us to do so. Privacy: policies.google.com/privacy
Where a client engages us to run paid social advertising, we use Meta’s advertising platform to deliver and measure those campaigns on Facebook and Instagram. Privacy: facebook.com/privacy/policy
Where a client engages us to run paid B2B advertising on LinkedIn, we use LinkedIn’s advertising platform to deliver and measure those campaigns. Privacy: linkedin.com/legal/privacy-policy
If we add, change or remove a sub-processor, we update this page first. Active clients are notified by email under the terms of our DPA, with at least fourteen (14) days’ notice before the change takes effect. Clients who object to a new sub-processor on reasonable data-protection grounds may raise that with us in writing within the notification period.
This page should be considered the current authoritative list at the date shown at the top. The change log below records prior versions.
If you have a question about any of the sub-processors above — or about how we handle personal information more generally — please contact us
Shergroup Global Consulting LLC d/b/a “Shergroup Digital”
Suite 200, 1420 Celebration Boulevard, Celebration, FL 34747, USA
Phone: +1 407 545 7337
Email: hub@shergroup.com