Legal

Privacy Policy

Last Updated May, 2024

We take your privacy seriously

This Privacy Policy describes the personal data that we collect, how we obtain the data, how we may use or disclose that data, the security measures we have in place to protect this data, and the rights you have with respect to this data.

If you are a resident of California or the European Union (EU), European Economic Area (“EEA”), and UK, you may be entitled to certain individual rights under the California Consumer Privacy Act of 2018 [as amended by the California Privacy Rights Act of 2020 (“CPRA”)] (collectively, “CCPA”), or the General Data Protection Regulation (“GDPR”) and the UK Data Protection Act 2018 respectively. Please see our California Privacy Notice or EU/UK Privacy Notice for your rights and how to exercise them for users located in California and the EEA and UK.

Collection and Use of Personal Information

This Privacy Policy covers our privacy practices with respect to the collection, use, and disclosure of information obtained: (i) through the Locus website at www.locusrobotics.com and our other websites and digital properties that link to, or expressly adopt or refer to, this Privacy Policy (hereinafter, collectively our “Websites”); (ii) in connection with the use of our autonomous robotics solution (the “Subscription Service”) and related support services, including customer success and other professional services (the “Support Services”) that we provide to Customers.

Please note that data collected in connection with human resource functions for our employees and prospective employees are covered by our Employee and Applicant Employee Privacy Notice.

For the purposes of this Privacy Policy:

“Customer” means any entity that purchases a license or subscription to any portion or component of the Services.

“Customer Data” means the Personal Data uploaded into or otherwise made accessible to any portion of the Services by or for Customer or its Users, as further described below.

“Services” shall mean, collectively, the Subscription Service and Support Services.

“User” means an individual authorized by or on behalf of a Customer to access and/or make use of any portion or component of the Services, as further described in the applicable Customer Agreement.

“Visitor” means a visitor to one of the Websites.

When you interact with the Websites or the Services, you consent to the collection, use, and disclosure of information as described in this Privacy Policy.  If you do not consent to the terms of this Privacy Policy, do not continue to interact with or use the Websites or the Services. 

Due to the global nature of the use of the Websites and Services, our privacy practices may vary among the states, countries, and regions in which we operate in order to comply with applicable legal requirements.

European and UK Residents:  Please see our EU/UK Privacy Notice for residents of the European Union, the European Economic Area, United Kingdom or Switzerland.

Website

For all Visitors, Locus operates as the controller of your Personal Data. The following information applies to the Personal Data collected by Locus from Visitors of our Website.  For information with regard to the Cookies we collect on our Visitors, please refer to Cookie Settings below.

What Personal Data Do We Collect?

We may collect the following categories of Personal Data about you which are described in more detail below: (A) Personal Data we collect directly from you, (B) Personal Data collected from third parties, (C) Personal Data we collect as you navigate through our Websites, and (D) Personal Data collected through cookies and other forms of automated collection.

Personal Data We Collect Directly from You

When you access, use, and/or interact with our Websites, express an interest in obtaining additional information about our services, request a demo, or download certain content, we directly collect information you voluntarily provide to us, which includes:

Your contact information such as your name, job title, company name, phone number, or email address.

Communications with us, preferences, and other information such as any messages, opinions, and feedback that you provide to us, your User preferences (such as in receiving updates or marketing information), and other information that you share with us when you contact us directly (such as for customer support services); and

Additional Information as otherwise described to you at the point of collection or pursuant to your consent.

Personal Data Collected from Third Parties

Locus may collect and use information we receive from third parties in connection with your use of the Websites.  For instance, Locus may use a third party for reporting and analytics to measure the effectiveness of our Websites and marketing efforts, and to identify areas for improvement.

We also obtain business information and your Personal Data from third-party sources, as permitted by applicable law, such as the following:

information collected by our marketing service providers on our behalf, which are a variety of marketing lead generation service providers, marketing opt-in lists or data aggregators or professional event organizers;

information shared with us by Locus business partners as part of their referral activities;

public databases or other data you may have made publicly available, such as social media posts on professional networks and social media platforms; and

information shared with us by a third party who recommended you once you have confirmed your agreement for us to keep and process such data (for the purpose of providing you with updates about Locus services).

This Privacy Policy only applies to Personal Data collected by our Websites. We are not responsible for the privacy and security practices of other websites or social media platforms or the information they may collect (which may include IP address). You should contact such third parties directly to determine their respective privacy policies. Links to any other websites or content do not constitute or imply an endorsement or recommendation by us of the linked website, Social Media Platform, and/or content.

Personal Data We Collect as You Navigate Through the Websites

As you navigate through the Websites, we also collect details about your visits to our Websites including, but not limited to, your IP address, usage patterns, traffic data, location data, logs and other communication data and the resources that you access, as well as information about your computer and internet connection, including your operating system, mobile device and browser type.

Cookies and Other Forms of Automated Collection

What is a Cookie?

A “cookie” is a unique numeric code that we transfer to your computer so that we can keep track of your interests and/or preferences and recognize you as a return Visitor to the Websites. We may use cookies, log files, pixel tags, web bugs, web beacons, clear GIFs, Local Storage Objects (LSOs) such as HTML5 and Flash or other similar technologies to collect information about the ways you interact with and use the Websites, to support and enhance features and functionality, to monitor performance, to personalize content and experiences, for marketing and analytics, and for other lawful purposes.

When you visit our Websites, we, or an authorized third party may place a small text file called a “cookie” on your computer’s browser directory. Cookies are designed to collect information, which includes Personal Data, about your online activities over time and across different sites.

Session-based cookies exist only during one session and disappear from your computer when you close your browser or turn off your computer. Persistent cookies remain on your computer or device after you close your browser or turn off your computer. You can control the use of cookies at the individual browser level, but choosing to disable cookies may limit your use of certain features or functions on our Websites.

The following describes how we use different categories of cookies and similar technologies and your options for managing our collection of cookies.

Different Categories of Locus Cookies

The cookies that Locus uses fall into the following categories:

Necessary: Without these cookies, we are unable to provide many services needed for the Websites to function (e.g., essential cookies to help protect the security of the Websites). These cookies are required for the Websites to function, so they are the only category of cookies you cannot refuse.

Performance and Analytics: These cookies track information about how the Website is being used so we can make improvements and report on the Websites’ performance. These cookies are designed to enhance the function, performance, and services on the website, and may track behavior of Visitors for analytics and advertising purposes. These cookies may either be first-party cookies (set by Locus) or third-party cookies (set by authorized third parties). Our third-party cookies include the use of Google Analytics, Eloqua, Facebook, and LinkedIn).

Functional Cookies: These are cookies used to enhance the performance of our Websites and to remember information you entered, and choices you made with respect to our Websites, but are not essential to your use of the Websites. We may use our own technology or third-party technology, including Eloqua to provide functional cookies.

Advertising Cookies: These third-party cookies are placed by advertising platforms or networks on our Websites in order to track ad performance, and to enable advertising networks to deliver ads that may be relevant to you based upon your activities (referred to as “re-marketing”). For more information on re-marketing, please see “Re-Marketing Activities” below. Locus contracts with third parties such as Facebook and GoogleAds to support the advertising cookies’ purpose.

How Do We Use Cookies?

The cookies we collect help us facilitate a safe interaction for you on our Websites, enhance the function, performance and services on the Websites, provide social media features, and analyze our Website traffic. We also allow authorized third parties to use cookies to enhance your use of our Websites with social media, advertising, and our analytics partners. We use both session-based and persistent cookies on our Websites.

Re-Marketing Activities

We use third-party pixels or web beacons on our Websites to track activity for web analytics and for re-marketing activities. “Re-marketing activities” means that our third parties will continue to show ads to you across the internet, but we will not be collecting any identifiable information about you through this remarketing system. The third-party vendors we use will place cookies on web browsers in order to serve ads based on past visits to our Websites. This allows us to make special offers and continue to market our services to those who have shown interest in our service.

For more information, visit the help page for your web browser or see http://www.allaboutcookies.org or visit www.youronlinechoices.com for more information about behavioral advertising and online privacy.

Please refer to your browser tools for specific instructions. Here are a few of the more popular browsers:

Google Chrome Firefox Safari Microsoft Edge

How Do We Use the Personal Data Collected?

We may use Personal Data that we collect about Visitors for the following purposes:

To protect the security of our Websites.

Enable the sharing of content across various social networks.

Enhance the function, performance, and services on the Websites.

To track the behavior of the Users on the Websites.

To present our Websites and their contents in a suitable and effective manner for you and for your computer.

To diagnose and resolve technical problems with our Websites.

To improve our Websites.

To fulfill contracts we have with you.

To provide you with information, products, or services that you request from us.

To respond to your inquiries and questions and provide customer service.

To notify you about changes to our Websites or obtain any required consent.

To allow you to participate in interactive features of our Websites, when you choose to do so.

To manage, improve, and foster relationships with third-party service providers, including vendors, suppliers, and parents, affiliates, subsidiaries, and business partners.

For industry analysis, benchmarking, analytics, marketing, and other business purposes.

To track your browsing behavior, such as the pages you visited over time.

To comply with our Terms & Conditions.

To comply with any applicable laws and regulations and respond to lawful requests.

For any other purposes disclosed to you at the time we collect your Personal Data and/or pursuant to your consent.

YOUR CHOICES

Marketing Communications. If you do not want to receive marketing and promotional emails from us, you may click on the “unsubscribe” or “Update Subscription Preferences” links in emails we send you to unsubscribe and opt out of marketing email communications or see “Contact Information” below for more information.

Text Messages.  You may sign up to receive text messages from Locus or third-party service providers on behalf of Locus (e.g., text message marketing).  By using our Websites or Services, signing up for text messaging services or otherwise opting in to receive text messages (opting in via short code or entering your phone number into an on-site collection widget), you agree that you have provided Locus or its third-party service providers with prior express written consent to be contacted by text message, including recurring automated promotional and personalized marketing text messages.

By providing prior express and/or prior express written consent, you agree to receive text messages under the Telephone Consumer Protection Act and related state laws, including by the use of an automatic telephone dialing system (“ATDS”) to deliver text messages to the mobile phone number which you provided to Locus.  While you consent to receive messages sent using an ATDS (or “autodialer”), the foregoing shall not be interpreted to suggest or imply that any or all of Locus mobile messages are sent using an autodialer.  We will use the Personal Data provided by you in connection with the text messaging services in accordance with this Privacy Policy.  Your consent is not a condition of any purchase or use of our Websites and Services and your consent to be contacted as described is voluntary.  The number of text messages you receive may vary based upon the text messaging service(s) you sign up for.  Message and data rates may apply.

You may revoke your consent and opt out to discontinue text messages at any time.  If you no longer want to receive text messages from us, reply STOP (or as otherwise instructed).

Opting Out of Direct Marketing by Third Parties. To exercise choices regarding the marketing information you receive, you may also review the following links:

You may opt out of tracking and receiving tailored advertisements on your mobile device by some mobile advertising companies and other similar entities by downloading the App Choices app at www.aboutads.info/appchoices.

You may opt out of receiving permissible targeted advertisements by using the NAI Opt-out tool available at http://optout.networkadvertising.org/?c=1 or visiting About Ads at http://optout.aboutads.info.

You can opt out of having your activity on our Websites made available to Google Analytics by installing the Google Analytics opt-out add-on for your web browser by visiting: https://tools.google.com/dlpage/gaoptout for your web browser.

You may also exercise applicable data subject rights as laid out in the EU/UK Privacy Notice or the  CCPA Privacy Notice.

How Do We Share or Disclose the Personal Data Collected?

Subject to any applicable data privacy law, or regulation, we may share, disclose, or transfer Personal Data that you provide to us via the Websites, to the following third parties:

Third-Party Service Providers.  We may share your Personal Data with third-party service providers that perform certain functions or services on our behalf (such as to host the Websites, manage databases, perform analyses, process credit card payments, provide customer service, or send communications for us). These third-party service providers are authorized to use your Personal Data only as necessary to provide these services to us. In some instances, we may aggregate Personal Data we collect so third parties do not have access to your identifiable Personal Data to identify you individually.

Disclosure of Information for Legal and Administrative Reasons.  We may disclose your Personal Data without notice: (i) when required by law or to comply with a court order, subpoena, search warrant, or other legal process; (ii) to cooperate or undertake an internal or external investigation or audit; (iii) to comply with legal, regulatory, or administrative requirements of governmental authorities (including, without limitation, requests from the governmental agency authorities to view your Personal Data); (iv) to protect and defend the rights, property, or safety of us, our subsidiaries and affiliates, and any of their officers, directors, employees, attorneys, agents, contractors, and partners, and the consumers generally; (v) to enforce or apply our Terms & Conditions; and (vi) to verify the identity of an individual.

Business Transfers. Your Personal Data may be transferred, sold, or otherwise conveyed (“Conveyed”) to a third party where we: (i) merge with or are acquired by another business entity; (ii) sell all or substantially all of our assets; (iii) are adjudicated bankrupt; or (iv) are liquidated or otherwise reorganize.

Information Shared with our Subsidiaries and Affiliates. We may share your Personal Data with our subsidiaries and affiliates.

De-Identified or Aggregated Data. We may share your Personal Data on an aggregated basis for any purpose in which your specific Personal Data is blinded, masked, or otherwise not identifiable.

With Your Consent. We may share Personal Data consistent with this Privacy Policy with your consent.

Categories of Information Sold

We may sell the below categories of Personal Data. For purposes of this Privacy Policy, “sell,” “sold,” or “sale” means the disclosure of Personal Data for monetary or other valuable consideration but does not include, for example, the transfer of Personal Data as an asset that is part of a merger, bankruptcy, or other disposition of all or any portion of our business.

Category of Information	Examples of Personal Data Disclosed
Identifying Information	Name, mailing address, email address, phone number, date of birth, and other identifiers.
Payment Information	Your name and billing totals for payment and invoice processing. Note that we use third-party payment processors to facilitate your payments and do not store your payment card information.
Usage and Technical Information	Information about your interaction with our Websites and content on third-party sites or platforms, such as social networking sites (e.g., IP address; browsing history; search history; device information; information about User’s interaction with Websites such as scrolling, clicks, and mouse-overs via cookies, pixel tags, web beacons, transparent GIFs; browser information; operating system and platform; geolocation information; User content (e.g., photos, videos, audio, images, social media /online posts, first-party works).

How Long Do We Keep a Visitor’s Personal Data?

We may retain a Visitor’s Personal Data for the period of time which is consistent with the original purposes of collection, as determined in our sole discretion, and in accordance with our record retention policies.  When determining the retention of your Personal Data, we will evaluate the amount, nature, and sensitivity of such Personal Data processed, the potential risk of harm from the unauthorized use or disclosure of your Personal Data, and whether we can achieve the purposes of the processing such Personal Data through other means, as well as applicable legal requirements.  Upon the expiration of the applicable retention period, your Personal Data will be deleted.  Any information we are unable to delete entirely from our systems will have measures in place to prevent any further access and use of such data.

Services

For all Customers and Users, Locus operates as the processor of applicable Customer Data. The following information applies to the Personal Data collected by Locus from Customers and Users of our Services.  Data subject requests for Customer Data must be made through the applicable Customer as the controller of the Customer Data.  Locus will comply with all data subject access requests in accordance with the provisions of the applicable contract between the applicable Customer and Locus.

What Customer Data Do We Collect?

We collect the following Customer Data from and/or about our Customers and Users (collectively, the “Customer Data”), including:

General information, including a Customer’s company name and address, and the Customer representative’s contact information including name, email address, and telephone number (“General Information”) for billing and contracting purposes.

Information our Customers and Users submit to us in connection with the use of our Services, including the User ID (can be pseudonymized or anonymized), name (optional), picture of the User and language preference.

Server logs in support of the Services, which may contain login and logout times, device identification numbers etc.

We also collect information that is not defined as Personal Data in providing the Services to Customers such as: (1) task data from the Customers’ warehouse management system including Task ID, Task Description, Task Type, Task Location and Quantities associated with the task; (2) performance or statistical data derived and/or generated from the operation of the Service, including pick/activity rates, location of picks/activities and timing of when the work is completed (the “Derived Data”).  Such Derived Data may include User IDs if Customer chooses to store and report on Derived Data by User, however, the User ID can be pseudonymized or anonymized. Other than fulfilling specific data processing and/or reporting obligations for our Customers pursuant to Customer Agreements, all of this Derived Data collected, used, and disclosed will be in aggregate form only and will not identify any Customer or its Users, unless otherwise provided in a Customer Agreement.

How Do We Use Customer Data?

We use Customer Data to provide, maintain, and improve the Services, including providing Support Services. Notwithstanding anything else to the contrary in this Privacy Policy, we will not use, disclose, review, share, distribute, transfer, or reference any Customer Data except as permitted in the Customer Agreement, or as required by law.

What Cookies Do We Use with the Services?

When you use the Subscription Service, we use cookies to:

Authenticate your access to the Subscription Service.

Route a browser request to a specific node when multiple nodes are assigned.

Recognize you when you return to the Subscription Service.

A User may refuse to accept the “remember me” cookie, which will then require a User to provide their username and password to log into the Subscription Service.

How Do We Share the Personal Data Collected?

As a processor of Customer Data, we only share the Personal Data collected in accordance with the Customer’s instructions, as permitted in the applicable Customer Agreement.  Subject to any applicable data privacy and protection law and regulation, we may disclose Customer Data to third parties solely to:

Comply with any court order or other legal obligation.

Enforce or apply the terms of the definitive agreement between Customer and Locus pursuant to which the Customer purchased access to any portion or component of the Services (the “Customer Agreement”).

Protect the rights, property, or safety of Locus, our Customers, Users, or others.

How Long Do We Keep Customer Data?

We may keep Customer Data for the period of time which is agreed upon in the applicable Customer Agreement.

Communication Preferences and Choices Regarding Your Personal Data

Since each Customer is the controller of the Personal Data submitted to Locus as a processor, Users and such individuals must contact the applicable Customer administrator with any inquiries about how the Customer uses and discloses Personal Data and how to access or correct Personal Data contained in Customer Data.  Locus will comply with all obligations agreed to between the relevant Customer and Locus to effectuate any data access rights a User may have with respect to Locus’s processing of the relevant Personal Data.

For further information on how to exercise your rights, please see the section above titled “Your Choices” as well as our separate EU/UK Privacy Notice or CCPA Privacy Notice.

International Transfers

Your information may be transferred by us, our affiliates and/or third parties outside the country in which you are located, including the United States. Such countries may not offer the same level of protection as in other parts of the world in terms of data protection and privacy regulations. By providing us with your information and confirming your consent, you agree to such transfer and/or processing. When we transfer your data outside of the EU/EEA, we will ensure that your data is transferred and processed securely in a manner which provides a degree of protection of your Personal Data similar to the EU/EEA. For further information, please see our EU/UK Privacy Notice for residents of the European Union, the European Economic Area, United Kingdom, or Switzerland.

Complaints

We are committed to resolving any complaints about our collection or use of your Personal Data. If you would like to make a complaint regarding this Policy or our practices in relation to your Personal Data, please contact us at: privacy@locusrobotics.com. We will reply to your complaint as soon as we can and in any event, within forty-five (45) days. We hope to resolve any complaint brought to our attention, however if you feel that your complaint has not been adequately resolved, you reserve the right to contact your local data protection supervisory authority. The services of EU DPAs are provided at no cost to you.

Data Retention

We will retain information for as long as needed to provide you with goods and services, and as necessary to comply with our legal obligations, resolve disputes, and enforce our policies. We will retain and use information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. In accordance with our routine record keeping, we may delete certain records that contain information you have submitted to us. We are under no obligation to store such information indefinitely and disclaim any liability arising out of, or related to, the destruction of such information.

Security Statement

To prevent Personal Data from loss, misuse and unauthorized access, disclosure, alteration, or destruction, to maintain data accuracy, and to ensure the appropriate use of Personal Data, we employ administrative, technical, and organizational measures that are reasonably designed to help safeguard the information we collect. Only authorized Locus personnel have access to the Personal Data, including server logs and cookie utilization data, that we collect. These individuals are required to follow strict security policies and procedures. Locus may use encryption, secure socket layer, firewall, password protection and other physical and logical security measures to help prevent unauthorized access to such. Locus may also place internal restrictions on who in the company may access data to help prevent unauthorized access to such information.

Unfortunately, no data transmission over the Internet or data storage system can be guaranteed to be 100% secure. Therefore, despite our efforts, we cannot guarantee its absolute security. We do not warrant or represent that Personal Data you provide will be protected against loss, misuse, or alteration by third parties.

If you use the Websites or the Services, you are responsible for maintaining the confidentiality of any of your access credentials, including any password. You are responsible for restricting access to your computer, and you agree to accept responsibility for all activities that occur under your access credentials. We cannot secure any Personal Data that you release on your own, that you request us to release or that is released through another third party to whom you’ve given access.

Where required under applicable law or by contract, we will notify the appropriate parties or individuals of any loss, misuse and unauthorized access, disclosure, alteration, or destruction of Personal Data so that such parties or individuals can take the appropriate actions for the due protection of their rights. If such Personal Data is information of a Locus Customer, we will notify such Customer and coordinate with them regarding any required notices to particular individuals, including any Users. Please report any known or suspected security violations at privacy@locusrobotics.com..

Your California Privacy Rights

If you are a California resident, the CCPA and California Civil Code Section 1798.83 permits you to request information regarding the disclosure of your Personal Data to third parties for their direct marketing purposes, among other rights. To learn more about your California privacy rights, please read our CCPA Privacy Notice.

Third-Party Websites and Applications

The Website or Services may link to other websites or resources that are not owned or controlled by Locus (“External Websites”). Such links do not constitute an endorsement by Locus of those External Websites. You acknowledge that Locus is providing these links to you only as a convenience, and further agree that Locus is not responsible for the content of such External Websites. Your use of External Websites is subject to the terms of use and privacy policies located on the applicable External Website. We encourage you to be aware when leaving our Websites or Services and to read the privacy statements of External Websites that collect your Personal Data.

Children’s Privacy

We recognize the importance of protecting the privacy and safety of children. The Websites and Services are not intended for children under thirteen (13) years of age. We do not knowingly collect Personal Data from children under thirteen (13). Anyone under thirteen (13) should not use the Locus Websites or Services. If we learn we have collected or received Personal Data from a child under thirteen (13) without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under thirteen (13), please contact us as set forth below.

“Do Not Track” Signals

We [do not] support “Do Not Track.” Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked. You can enable or disable “Do Not Track” by visiting the “Preferences” or “Settings” page of your web browser. Do Not Track is different from Global Privacy Controls (“GPC”), which may notify websites of consumers’ privacy preferences regarding the sale or sharing of personal Information, or the use of sensitive personal information.

Difficulty Accessing Our Privacy Policy

Individuals with disabilities who are unable to usefully access this Privacy Policy or our separate EU/UK and California Privacy Notices online may contact us to inquire how they can obtain a copy of such policies in another, more easily readable format.

Changes to Our Privacy Policy

Locus reserves the right to update or change this Privacy Policy from time to time. If Locus’ Privacy Policy is updated, we will notify you by posting the new Privacy Policy on this web page and updating the revision date above (and obtain your consent where required). Except where express consent is required by applicable law, Customer Agreements or End User License Agreements, your continued use of the Websites and/or Services is deemed to be acceptance of any updates or changes we make to this Privacy Policy.  Accordingly, we ask that you review the Privacy Policy periodically for any updates or changes that we may have made.