European Privacy Policy

Last updated March, 2021

We take your privacy seriously

The following European Privacy Policy applies to residents of the European Union, the European Economic Area, United Kingdom and Switzerland.

This Notice supplements the information contained in the Locus Privacy Statement

Personal Data and Processing.

For the purposes of this European Privacy Policy:

Personal Data” means any information relating to an identified or identifiable natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of such natural person; and

Processing” means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

PRIVACY SHIELD NOTICELocus complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data transferred from the EU and the United Kingdom and Switzerland to the United States. We have certified to the Department of Commerce that we adhere to the Privacy Shield Principles. If there is any conflict between the terms in this Policy and the Privacy Shield Principles, the Privacy Shield Principles will take precedence. To learn more about the Privacy Shield Framework and to view our certification, please visit While Locus is certified under the EU-U.S. Privacy Shield Framework, based upon the European Commission’s Decision 2016/1250 of 12 July 2016, we no longer rely on the EU-U.S. Privacy Shield Framework as a basis for transferring data from the European Union to the United States and instead rely on alternative cross-border transfer mechanisms and safeguards. If you have a question about a particular mechanism or safeguard used by Locus, please contact us using the contact information listed at the end of the Privacy Statement below.

Purposes and Legal Bases for Processing Personal Data. As described in the Privacy Shield Principles (, Locus is accountable for personal data that it receives and subsequently transfers to third parties. If third parties that process personal data on our behalf do so in a manner that does not comply with the Privacy Shield Principles, we are accountable, unless we prove that we are not responsible for the event giving rise to the damage. The types of third parties with which we may share your personal data are set out in the sections of this Policy entitled “HOW DO WE SHARE THE PERSONAL DATA.” The categories of personal data Locus may receive, as well as the purposes for which Locus collects and uses the personal data, are set out in other relevant sections of this Policy, including in those entitled “WHAT PERSONAL DATA DO WE COLLECT” and “HOW DO WE USE THE PERSONAL DATA COLLECTED.”

Our legal bases for the processing of Personal Data are: (i) consent or (ii) any other applicable legal bases, such as our legitimate interest in engaging in commerce, offering products and services of value to the customers of the Locus Services, preventing fraud, ensuring information and network security, direct marketing and advertising, and complying with industry practices.

Additional Rights for European Residents. As a resident of the EU or a country following substantially similar legislation regarding the protection of Personal Data, individuals may have one or more of the following additional rights:

Access: To request a copy of the Personal Data we have collected about you by contacting us.

Rectification & Erasure: To request that we rectify or delete any of the Personal Data about you that is incomplete, incorrect, unnecessary or outdated.

Objection: To object, at any time, to Personal Data about you being Processed for direct marketing purposes.

Restriction of Processing: To request restriction of Processing of Personal Data about you for certain reasons, such as, for example, if you consider Personal Data about you collected by us to be inaccurate or you have objected to the Processing and the existence of legitimate grounds for Processing is still under consideration.

Data Portability: To request and receive the Personal Data we have collected about you in a commonly used and machine-readable form.

Right to Withdraw Consent: If Personal Data about you is processed solely based on your consent and not for any other legitimate interest, to withdraw your consent at any time, without affecting the lawfulness of our Processing based on such consent before it was withdrawn, including processing related to existing contracts for our products and services.

Right to Lodge a Complaint with a DPA: If you believe our Processing of Personal Data about you is inconsistent with the applicable data protection laws, to lodge a complaint with your local supervisory data protection authority (“DPA”).

To exercise any of the above listed rights, please contact us as set forth below and provide sufficient details so that we can respond appropriately. We will process any requests in accordance with applicable law and within a reasonable period of time. We may need to verify the identity of the individual submitting a request before we can address such request. If the request relates to data our customers collect and process through the Locus Services, we will refer the request to that customer and will support them in responding to the request.  For Locus customers, certain information may be reviewed, corrected and updated by logging into the Locus Services account and editing the profile information.

Questions and Complaints. In compliance with the Privacy Shield Principles, Locus commits to resolve complaints about our collection or use of your personal data. EU, UK and Swiss users with inquiries or complaints regarding this Policy should first contact us by email at [email protected], or please write to the following address:

Locus Robotics Corporation
301 Ballardvale St.
Wilmington, MA 01887
Attn: Data Privacy

Locus has further committed to refer unresolved privacy complaints under the EU-US Privacy Shield Principles to JAMS, an alternative dispute resolution provider located in the United States, at no cost to you. If you do not receive timely acknowledgment of your complaint from us, or if we have not resolved your complaint, please visit the website for more information or to file a complaint. If your complaint is not resolved through these channels, under certain conditions a binding arbitration option may be available before a Privacy Shield Panel. For additional information, please visit:

U.S. Federal Trade Commission Enforcement. Locus’ commitments under the Privacy Shield are subject to the investigatory and enforcement powers of the United States Federal Trade Commission.

Compelled Disclosures. Locus may be required to disclose Personal Data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Privacy Shield and Data Protection Contact. Unless otherwise specified, the data “controller” of Personal Data uploaded to the Locus Services is the Locus customer for whom such Services are provided and Locus is the  data “processor” of such Personal Data for such customer. In certain cases, Locus may also be the controller of aggregated, anonymous or pseudonymous data relating to the Locus Services. Our Privacy Shield contact for the Personal Data collected in connection with the Locus Services is:

Attn: Fouad Khalil
Locus Robotics Corporation
301 Ballardvale St.
Wilmington, MA 01887
Attn: Data Privacy
Email: [email protected]