Notice to Customers 

Lokalise complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use and retention of personal information transferred from the European Union to the United States. Lokalise has satisfied the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this document and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view certification, please visit: https://www.privacyshield.gov/

 

EU-U.S. and Swiss-U.S. Privacy Shield Policy 

Last Updated:  March 05, 2020

Lokalise, Inc. (“Lokalise”, “we”, “our” or “us”) has subscribed to the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework (collectively, “Privacy Shield”). Lokalise adheres to the Privacy Shield Principles including the Supplemental Principles, (collectively, the “Privacy Shield Principles”) for Personal Data received from entities in the European Economic Area (the “EEA”) and Switzerland.

This Lokalise Privacy Shield Policy (the “Privacy Shield Policy”) and our Privacy Policy describe the privacy practices that we implement for Personal Data received from the EEA or Switzerland in reliance on the Privacy Shield. This Privacy Shield Policy uses terms which are defined in the Privacy Policy.

If there is any conflict between the terms in this Privacy Shield Policy and the Privacy Shield Principles as concerns the Personal Data received under the Privacy Shield, the Privacy Shield Principles shall govern to the extent of the conflict. To learn more about the Privacy Shield program, visit: www.privacyshield.gov, and to view our certification, please visit: https://www.privacyshield.gov/list.

Privacy Shield Principles

1. and 2. Notice and Choice

Our Privacy Policy describes how we use Personal Data we receive from different sources. This Privacy Shield Policy describes how we process Personal Data covered by the Privacy Shield.

If you are our Customer, Lokalise may act as an agent for you in relation to the Personal Data that you provide or make available to Lokalise. Lokalise usually will not have a relationship with your Authorized Users (as defined in the Terms of Service), customers or end-users. Here, the Customer is responsible for ensuring that its Authorized Users customers or end-users are provided with appropriate notice and choice with respect to their Personal Data.

In its role as a controller, and as required by applicable law, Lokalise generally offers individuals in the EU and Switzerland (together: “EEA/CH Consumers”) the opportunity to choose whether their Personal Data may be (a) disclosed to third-party controllers or (b) used for a purpose that is materially different from the purposes for which the information was originally collected or subsequently authorized by the relevant EEA/CH Consumer. To the extent required by the Privacy Shield Principles, Lokalise obtains opt-in consent for certain uses and disclosures of sensitive data. EEA/CH Consumers may contact Lokalise as indicated below regarding the Lokalise’s use or disclosure of their Personal Data. Unless Lokalise offers EEA/CH Consumers an appropriate choice, Lokalise uses Personal Data only for purposes that are materially the same as those indicated in this Policy.

3. Data Integrity and Purpose Limitation

We only collect Personal Data that is relevant to providing our Services. We process Personal Data compatible with us providing the Services or as otherwise notified to you. We take reasonable steps to ensure that the Personal Data received under the Privacy Shield is needed for Lokalise’s Services and is accurate, complete and current.

4. Accountability for Onward Transfers

This Policy and our Privacy Policy  describe how Lokalise shares Personal Data.

Except as permitted or required by applicable law and in accordance with Lokalise’s role as a controller or processor, Lokalise provides EEA/CH Consumers with an opportunity to opt out of sharing their Personal Data with third-party controllers. Lokalise requires third-party controllers to whom it discloses the Personal Data of EEA/CH Consumers to contractually agree to (a) only process the Personal Data for limited and specified purposes consistent with the consent provided by the relevant EEA/CH Consumer, (b) provide the same level of protection for Personal Data as is required by the Privacy Shield Principles, and (c) notify Lokalise and cease processing Personal Data (or take other reasonable and appropriate remedial steps) if the third-party controller determines that it cannot meet its obligation to provide the same level of protection for Personal Data as is required by the Privacy Shield Principles.

Lokalise may disclose Personal Data to trusted third parties, as indicated in the Privacy Policy, without offering an opportunity to opt out. Lokalise requires that its agents and service providers who have access to Personal Data within the scope of this Privacy Shield Policy provide the same level of protection as required by the Privacy Shield Principles. We ensure that our agents process Personal Data received under the Privacy Shield in a manner consistent with our obligations under the Privacy Shield Principles, unless we prove that we are not responsible for the event giving rise to the damage.

We may also need to disclose Personal Data in response to lawful requests by public authorities, for law enforcement or national security reasons, or when such action is necessary to comply with a judicial proceeding or court order, or when otherwise required by law. We do not offer an opportunity to opt out from this category of disclosure.

Lokalise shall remain liable under the Privacy Shield Principles if its agent processes your Personal Data in a manner inconsistent with the Privacy Shield Principles, unless Lokalise proves that it is not responsible for the event giving rise to the damage.

5. Data Security

We use reasonable and appropriate physical, electronic and administrative safeguards to protect Personal Data from loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into account the nature of the Personal Data and the risks involved in processing that information.

6. Access to Personal Data

Our Privacy Policy explains how you may access and/or submit requests to review, correct, update, suppress or delete Personal Data. You can ask to review and correct Personal Data that we retain about you by sending a written request to: privacy@lokalise.com. We may limit or deny access to Personal Data where providing such access is unreasonably burdensome, expensive under the circumstances, or as otherwise permitted by the Privacy Shield Principles.

When Lokalise acts on behalf of its Customers, Lokalise will assist all Customers in responding to individuals exercising their rights under the Privacy Shield Principles.

If you are an Authorized User, customer or end-user of our Customer, please contact the Customer directly with your request to access or limit the use or disclosure of your Personal Data. If you contact us with the name of the Customer to which you provided your Personal Data, we will refer your request to that Customer and support them in responding to your access request.

7. Recourse, Enforcement and Dispute Resolution

If you have any questions or concerns, please write to us at the address listed below. We will investigate and attempt to resolve complaints and disputes regarding use and disclosure of Personal Data in accordance with the Privacy Shield Principles.

For complaints from EU/CH Consumers that cannot be resolved directly by us, we have chosen to cooperate with EU data protection authorities (the "DPAs") and the Swiss Federal Data Protection and Information Commissioner (the "FDPIC"), respectively, and comply with the information and advice the DPAs and the FDPIC may provide in relation to such unresolved complaints (as further described in the Privacy Shield Principles). Please contact us in order to be directed to the relevant DPA or FDPIC contacts.

Lokalise has further committed to cooperating with the panel established by the EU data protection authorities (DPAs) with regard to unresolved Privacy Shield complaints concerning human resources data transferred from the EU in the context of the employment relationship.

In the event that we are unable to resolve your concern, EU Consumers may contact the American Arbitration Association and CH Consumers may contact JAMS, which provide an independent third-party dispute resolution body based in the United States. They will investigate and assist you free of charge. A binding arbitration option may also be available to you in order to address residual complaints not resolved by any other means. Lokalise is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (“FTC”).

Contact Information

If you have any questions regarding this Privacy Shield Policy, please contact us by email at: privacy@lokalise.com, or please write to the following address:

Lokalise, Inc. 
2035 Sunset Lake Road, Suite B-2,
Newark, Delaware DE 19702, USA
Attention: Lokalise DPO

Changes to this Privacy Shield Policy

This Privacy Shield Policy may be changed from time to time, consistent with the requirements of the Privacy Shield, our Privacy Policy and any applicable personal data protection laws. You can determine when this Privacy Shield Policy was last revised by referring to the “Last Updated” date at the top of this page.