Last updated January, 2021
We take your privacy seriously
Collection and Use of Personal Information
This Privacy Statement covers our privacy practices with respect to the collection, use, and disclosure of information obtained: (i) through the Locus website at www.locusrobotics.com and our other websites and digital properties that link to, or expressly adopt or refer to, this Privacy Statement (hereinafter, collectively our “Websites”); (ii) in connection with the use of our autonomous robotics solution (the “Subscription Service”) and related support services, including customer success and other professional services (the “Support Services”) that we provide to Customers, and (iii) in connection with human resource functions for our employees and prospective employees, as described below.
For the purposes of this Privacy Statement:
- “Customer” means any entity that purchases a license or subscription to any portion or component of the Services.
- “Customer Data” means the Personal Data uploaded into or otherwise made accessible to any portion of the Services by or for Customer or its Users, as further described below.
- “Services” shall mean, collectively, the Subscription Service and Support Services.
- “User” means an individual authorized by or on behalf of a Customer to access and/or make use of any portion or component of the Services, as further described in the applicable Customer Agreement.
- “Visitor” means a visitor to one of the Websites.
When you interact with the Websites or the Services, you consent to the collection, use and disclosure of information as described in this Privacy Statement. If you do not consent to the terms of this Privacy Statement, do not continue to interact with or use the Websites or the Services.
Due to the global nature of the use of the Websites and Services, our privacy practices may vary among the states, countries and regions in which we operate in order to comply with applicable legal requirements.
PRIVACY SHIELD NOTICE: Locus complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data transferred from the EU and the United Kingdom and Switzerland to the United States. We have certified to the Department of Commerce that we adhere to the Privacy Shield Principles. If there is any conflict between the terms in this Policy and the Privacy Shield Principles, the Privacy Shield Principles will take precedence. To learn more about the Privacy Shield Framework and to view our certification, please visit https://www.privacyshield.gov. While Locus is certified under the EU-U.S. Privacy Shield Framework, based upon the European Commission’s Decision 2016/1250 of 12 July 2016, we no longer rely on the EU-U.S. Privacy Shield Framework as a basis for transferring data from the European Union to the United States and instead rely on alternative cross-border transfer mechanisms and safeguards. If you have a question about a particular mechanism or safeguard used by Locus, please contact us using the contact information listed at the end of the Privacy Statement below.
For all Visitors, Locus operates as the controller of your Personal Data. The following information applies to the Personal Data collected by Locus from Visitors of our Website. For information with regard to the Cookies we collect on our Visitors, please refer to Cookie Settings below.
What Personal Data do we collect?
The following information reflects Personal Data that we have collected about you over the past 12 months. Personal Data Collected Directly from you
The Personal Data we collect directly from you:
When you access, use and/or interact with our Websites, we directly collect information you voluntarily provide us, such as when you download content or contact us, which includes:
- If you express an interest in obtaining additional information about our services, use our “Contact Us” or similar features, request a demo, or download certain content, we may require that you provide to us your contact information such as your name, job title, company name, phone number, or email address.
- When you register or request further information or services from us or participate in interactive features of our Websites.
- When you report a problem with our Websites.
Personal Data Collected from third parties
Locus may collect and use information we receive from third parties in connection with your use of the Websites. For instance, Locus may use a third party for reporting and analytics to measure the effectiveness of our Websites and marketing efforts, and to identify areas for improvement.
We also obtain business information and your Personal Data (such as your name, title, company name and email) from third party sources, as permitted by applicable law, such as the following:
- information collected by our marketing service providers on our behalf, which are a variety of marketing lead generation service providers, marketing opt-in lists or data aggregators or professional event organizers
- information shared with us by Locus business partners as part of their referral activities
- public databases or other data you may have made publicly available, such as social media posts on professional networks and social media platforms; and
- information shared with us by a third party who recommended you, once you have confirmed your agreement for us to keep and process such data (for the purpose of providing you with updates about Locus’s services).
Personal Data we collect as you navigate through the Websites
As you navigate through the Website, we also collect details about your visits to our Website including, but not limited to, your IP address, usage patterns, traffic data, location data, logs and other communication data and the resources that you access, as well as information about your computer and internet connection, including your operating system, mobile device and browser type.
Cookies and Other Forms of Automated Collection
What is a Cookie?
When you visit our Websites, we, or an authorized third party may place a small text file called a “Cookie” on your computer’s browser directory. Cookies are designed to collect information, which includes Personal Data, about your online activities over time and across different sites.
The following describes how we use different categories of cookies and similar technologies and your options for managing our collection of Cookies.
Different Categories of Locus Cookies:
The Cookies that Locus uses fall into the following categories:
- Necessary: Without these Cookies, we are unable to provide many services needed for the Websites to function (e.g. essential cookies to help protect the security of the Websites). Because these Cookies are required for the Websites to function, you cannot refuse them.
- Performance and Analytics: These Cookies track information about how the Website is being used so we can make improvements and report on the Websites’ performance. These cookies are designed to enhance the function, performance and services on the website, and may track behavior of Visitors for analytics and advertising purposes. These Cookies may either be first party Cookies (set by Locus) or third party Cookies (set by authorized third parties). Our third party Cookies include the use of Google Analytics, Eloqua, Facebook and LinkedIn).
- Functional Cookies: These are Cookies used to enhance the performance of our Websites, and to remember information you entered, and choices you made with respect to our Websites, but are not essential to your use of the Websites. We may use our own technology or third party technology, including Eloqua to provide functional Cookies.
- Advertising Cookies: These third party Cookies are placed by advertising platforms or networks on our Websites in order to track ad performance, and to enable advertising networks to deliver ads that may be relevant to you based upon your activities (referred to as “re-marketing”). For more information on re-marketing, please see “Re-Marketing Activities” below. Locus contracts with third parties such as Facebook, and GoogleAds to support the advertising Cookies’ purpose.
We use third-party pixels or web beacons on our Website to track activity for web analytics and for re-marketing activities. “Re-marketing activities” means that our third parties will continue to show ads to you across the internet but we will not be collecting any identifiable information about you through this remarketing system. The third-party vendors we use will place cookies on web browsers in order to serve ads based on past visits to our Website. This allows us to make special offers and continue to market our services to those who have shown interest in our service.
For more information, visit the help page for your web browser or see http://www.allaboutcookies.org or visit www.youronlinechoices.com for more information about behavioral advertising and online privacy.
To change your cookie settings and preferences for the Website
Please refer to your browser tools for specific instructions. Here are a few of the more popular browsers:
How Do We Use the Personal Data Collected?
We may use Personal Data that we collect about Visitors for the following purposes:
- To protect the security of our Website.
- Enable the sharing of content across various social networks.
- Enhance the function, performance, and services on the Websites.
- To track the behavior of the users on the Websites.
- To present our Websites and their contents in a suitable and effective manner for you and for your computer.
- To diagnose and resolve technical problems with our Website.
- To improve our Websites.
- To provide you with information, products or services that you request from us.
- To notify you about changes to our Websites or obtain any required consent.
- To allow you to participate in interactive features of our Websites, when you choose to do so.
- For industry analysis, benchmarking, analytics, marketing, and other business purposes.
- To track your browsing behavior, such as the pages you visited over time.
How Do We Share the Personal Data Collected?
Subject to any applicable data privacy law, or regulation, we may share, disclose or transfer Personal Data that you provide to us via this Website, to the following third parties:
- To a buyer, investor, new affiliate, or other successor in the event Locus, or any affiliate, group or business unit thereof, undergoes a business transition, such as a merger, acquisition, consolidation, reorganization, divestiture, liquidation or dissolution (including bankruptcy), or a sale or other transfer of all or a portion of any assets of Locus or any affiliates or during steps in contemplation of such activities (e.g., negotiations and due diligence.
- We may also disclose your Personal Data to third parties to:
- Comply with any court order or other legal obligation.
- Protect the rights, property, or safety of Locus or others.
We do not sell, rent or trade information collected through the Website or the Services to third parties.
How long do we keep a Visitor’s Personal Data?
We may retain a Visitor’s Personal Data for the period of time which is consistent with the original purposes of collection, as determined in our sole discretion, and in accordance with our record retention policies. When determining the retention of your Personal Data, we will evaluate the amount, nature, and sensitivity of such Personal Data processed, the potential risk of harm from the unauthorized use or disclosure of your Personal Data, and whether we can achieve the purposes of the processing such personal data through other means, as well as applicable legal requirements. Upon the expiration of the applicable retention period, your Personal Data will be deleted. Any information we are unable to delete entirely from our systems will have measures in place to prevent any further access and use of such data.
For all Customers and Users, Locus operates as the processor of applicable Customer Data. The following information applies to the Personal Data collected by Locus from Customers and Users of our Services. Data subject requests for Customer Data must be made through the applicable Customer as the controller of the Customer Data. Locus will comply with all data subject access requests in accordance with the provisions of the applicable contract between the applicable Customer and Locus.
What Customer Data do we collect?
We collect the following Customer Data from and/or about our Customers and Users (collectively, the “Customer Data”), including:
- General information, including a Customer’s company name and address, and the Customer’s representative’s contact information including name, email address, and telephone number (“General Information”) for billing and contracting purposes.
- Information our Customers and Users submit to us in connection with the use of our Services, including the User ID (can be pseudonymized or anonymized), Name (optional), picture of the user and language preference.
- Server logs in support of the Services, which may contain login and logout times, device identification numbers etc.
We also collect information that is not defined as Personal Data in providing the Services to Customers such as: (1) task data from the Customers’ warehouse management system including Task ID, Task Description, Task Type, Task Location and Quantities associated with the task; (2) performance or statistical data derived and/or generated from the operation of the Service, including pick/activity rates, location of picks/activities and timing of when the work is completed (the “Derived Data”). Such Derived Data may include User IDs if Customer chooses to store and report on Derived Data by User, however, the User ID can be pseudonymized or anonymized. Other than fulfilling specific data processing and/or reporting obligations for our Customers pursuant to Customer Agreements, all of this Derived Data collected, used, and disclosed will be in aggregate form only and will not identify any Customer or its Users, unless otherwise provided in a Customer Agreement.
How do we use Customer Data?
We use Customer Data to provide, maintain and improve the Services, including providing Support Services. Notwithstanding anything else to the contrary in this Privacy Statement, we will not use, disclose, review, share, distribute, transfer or reference any Customer Data except as permitted in the Customer Agreement, or as required by law.
What Cookies do we use with the Services?
- Authenticate your access to the Subscription Service
- Route a browser request to a specific node when multiple nodes are assigned
- Recognize you when you return to the Subscription Service
A User may refuse to accept the “remember me” cookie, which will then require a User to provide their username and password to log into the Subscription Service.
How Do We Share the Personal Data Collected?
As a processor of Customer Data, we only share the Personal Data collected in accordance with the Customer’s instructions, as permitted in the applicable Customer Agreement. Subject to any applicable data privacy and protection law and regulation, we may disclose Customer Data to third parties solely to:
- Comply with any court order or other legal obligation.
- Enforce or apply the terms of the definitive agreement between Customer and Locus pursuant to which the Customer purchased access to any portion or component of the Services (the “Customer Agreement”).
- Protect the rights, property, or safety of Locus, our Customers, Users or others.
We do not sell, rent or trade Customer Data with third parties.
How long do we keep your Personal Data?
We may keep Customer Data for the period of time which is agreed upon in the applicable Customer Agreement.
Communication Preferences and Choices and Accessing and Correcting Your Personal Data
Since each Customer is the controller of the Personal Data submitted to Locus as a processor, Users and such individuals must contact the applicable Customer administrator with any inquiries about how the Customer uses and discloses Personal Data and how to access or correct Personal Data contained in Customer Data. Locus will comply with all obligations agreed to between the relevant Customer and Locus to effectuate any data access rights a User may have with respect to the Locus’s processing of the relevant Personal Data.
Employee and Applicant Information
How Do We Obtain and Use Employee and Applicant Personal Information?
As a controller of our employees’ personal information, we collect personal information and sensitive personal information provided to us by you which may include, without limitation, name, address, email address, date of birth, gender, ethnicity, physical address, phone number, birth date, citizenship, education, employer (current or former), job title, passport number, driver’s license number, spouse or dependents, compensation, personal health information, payment instructions, credit card information, and EEOC data, in each case, collected only for Locus’ legitimate business purposes, including (1) the management and operations of our company, its functions and activities, (2) employee communications, including employee surveys, (3) maintaining a global directory, (4) carrying out obligations under employment contracts and employment, tax and benefits laws, and in connection with other working relationships or arrangements, (5) development and training programs, (6) assessing employee qualifications and performance, (7) managing employee performance, (8) determining employee compensation or payment, (9) managing the employee termination process, and (10) other general human resources purposes. Our European Union and Swiss Employees at the time of their employment are notified in detail how their personal information will be used. Employee information on health, performance evaluations, and disciplinary actions and other sensitive employee matters, whether it is stored manually or electronically, is accessible by other Locus employees only if necessary with respect to legitimate human resource functions or issues, and in accordance with applicable laws. Locus will obtain affirmative consent from an employee before using such employee’s personal information for any purpose other than as described above. Employees may decline to provide this consent, and employees may withdraw their consent at any time.
Employees may choose to voluntarily disclose personal information about family members, in which cases, such personal information shall be treated, for the purposes of this Privacy Statement, the same as an employee’s personal information. Employee personal information is never sold, leased, or rented to any third party.
In accordance with applicable law, employees may have the right to opt-out of disclosing their personal information provided that Locus does not need such personal information for a legitimate business purpose. Employees can contact our Human Resources Team at firstname.lastname@example.org or our Privacy Team at email@example.com if they wish to exercise these rights.
As a controller of our prospective employees’ personal information, we collect personal information and sensitive personal information provided to us by applicants or indirectly from third parties (e.g., LinkedIn, recruitment agencies or referrals from other third-parties) which may include, without limitation, name, address, email address, date of birth, gender, ethnicity, physical address, phone number, birth date, citizenship, education, employer (current or former), title, driver’s license number, spouse or dependents, compensation, payment instructions, and EEOC data only for legitimate business purposes, including (1) the recruiting and hiring of job applicants, (2) performing background checks and verifying references, (3) communications with the applicant, (4) assessing applicant qualifications and performance, (5) determining applicant compensation or payment, (6) other general human resources purposes. For information with respect to any applicable data access rights, please refer to “Your Rights and Choices with Locus as a Controller of your personal data”.
How Do We Share Employee and Applicant Personal Information Collected With Third Parties?
Employee Personal Information
Employee personal information will never be disclosed to third parties except as follows: (1) to those retained by Locus as agents for the purposes set forth above, (2) where required pursuant to an applicable law or regulation, governmental or judicial order, or to protect the rights or property of Locus, (3) where authorized in writing by the employee, and (4) where the employee voluntarily provides personal information and the context makes it clear that such information will be provided to a third party.
Applicant Personal Information
Applicant personal information will only be disclosed to third parties as follows:
- Disclosure to our Service Providers: We use third party service providers to process your personal information to assist us in business and technical operations for applying for employment with Locus. Locus has data processing agreements with such service providers which provide specific instructions for processing and accessing an applicant’s personal information.
- Required Disclosure: We may release personal information about you to comply with a law or a subpoena, bankruptcy proceeding, or similar legal process. Such disclosure may include disclosing personal information about you, such as your name and contact information, to enforce our contractual rights, or to protect the rights and safety of Locus, our Customers, Users, and others, or as is reasonably necessary for litigation purposes.
- Disclosure in Event of Merger/Acquisition/Sale: If Locus is involved in a merger, acquisition, or sale of all or a portion of its assets, your information may be transferred to the acquiring entity as part of the transaction, such transfer subject to applicable personal data protections.
How long do we keep your employee personal information?
We may retain an employee’s personal information for the period of time which is consistent with the original purposes of collection, as determined in our sole discretion, and in accordance with our record retention policies; provided, however, that the use of such data is retained in accordance with a legitimate business purpose. When determining the retention of your personal information, we will evaluate the amount, nature, and sensitivity of such personal information processed, the potential risk of harm from the unauthorized use or disclosure of your personal information and whether we can achieve the purposes of the processing such personal data through other means, as well as applicable legal requirements. Upon the expiration of the applicable retention period, your personal information will be deleted. Any information we are unable to delete entirely from our systems will have measures in place to prevent any further access and use of such data.
How long do we keep your applicant Personal Information?
We may retain an applicant’s personal information for the period of time which is consistent with the original purposes of collection, as determined in our sole discretion, and in accordance with our record retention policies. When determining the retention of your personal information, we will evaluate the amount, nature, and sensitivity of such personal information processed, the potential risk of harm from the unauthorized use or disclosure of your personal information and whether we can achieve the purposes of the processing such personal data through other means, as well as applicable legal requirements. Upon the expiration of the applicable retention period, your personal information will be deleted. Any information we are unbale to delete entirely from our systems will have measures in place to prevent any further access and use of such data.
We are committed to resolve any complaints about our collection or use of your personal data. If you would like to make a complaint regarding this Policy or our practices in relation to your personal data, please contact us at: firstname.lastname@example.org. We will reply to your complaint as soon as we can and in any event, within 45 days. We hope to resolve any complaint brought to our attention, however if you feel that your complaint has not been adequately resolved, you reserve the right to contact your local data protection supervisory authority. The services of EU DPAs are provided at no cost to you.
To prevent Personal Data from loss, misuse and unauthorized access, disclosure, alteration or destruction, to maintain data accuracy, and to ensure the appropriate use of Personal Data, we employ administrative, technical and organizational measures that are reasonably designed to help safeguard the information we collect. Only authorized Locus personnel have access to the Personal Data, including server logs and cookie utilization data, that we collect. These individuals are required to follow strict security policies and procedures. Locus may use encryption, secure socket layer, firewall, password protection and other physical and logical security measures to help prevent unauthorized access to such. Locus may also place internal restrictions on who in the company may access data to help prevent unauthorized access to such information.
Unfortunately, no data transmission over the Internet or data storage system can be guaranteed to be 100% secure. Therefore, despite our efforts, we cannot guarantee its absolute security. We do not warrant or represent that Personal Data you will be protected against, loss, misuse, or alteration by third parties.
If you use the Websites or the Services, you are responsible for maintaining the confidentiality of any of your access credentials, including any password. You are responsible for restricting access to your computer, and you agree to accept responsibility for all activities that occur under your access credentials. We cannot secure any Personal Data that you release on your own, that you request us to release or that is released through another third party to whom you’ve given access.
Where required under applicable law or by contract, we will notify the appropriate parties or individuals of any loss, misuse and unauthorized access, disclosure, alteration or destruction of Personal Data so that such parties or individuals can take the appropriate actions for the due protection of their rights. If such Personal Data is information of a Locus Customer, we will notify such Customer and coordinate with them regarding any required notices to particular individuals, including any Users. Please report any known or suspected security violations at email@example.com.
Your California Privacy Rights
If you are a California resident, California Civil Code Section 1798.83 permits you to request information regarding the disclosure of your Personal Data to third parties for their direct marketing purposes. To learn more about your California privacy rights, please read our CCPA Privacy Notice.
Third Party Websites and Applications
We recognize the importance of protecting the privacy and safety of children. The Websites and Services are not intended for children under 13 years of age. We do not knowingly collect Personal Data from children under 13. Anyone under 13 should not use the Locus Services. If we learn we have collected or received Personal Data from a child under 13 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 13, please contact us as set forth below.
Class Action Waiver
YOU AND WE AGREE THAT EACH MAY BRING CLAIMS AGAINST THE OTHER ONLY IN YOUR OR OUR INDIVIDUAL CAPACITY AND NOT AS A PLAINTIFF OR CLASS MEMBER IN ANY PURPORTED CLASS OR REPRESENTATIVE PROCEEDING.
Changes to Our Privacy Statement
Locus reserves the right to update or change this Privacy Statement from time to time. If Locus’s Privacy Statement is updated, we will notify you by posting the new Privacy Statement on this web page and updating the revision date below (and obtain your consent where required). Except where express consent is required by applicable law, Customer Agreements or End User License Agreements, your continued use of the Website and/or Services is deemed to be acceptance of any updates or changes we make to this Privacy Statement. Accordingly, we ask that you review the Privacy Statement periodically for any updates or changes that we may have made.
If you have any questions about this Privacy Statement or our privacy practices contact us at:
Locus Robotics Corporation
301 Ballardvale St.
Wilmington, MA 01887
Attn: Data Privacy