Privacy notice.

Locata is operated by Tech_42 B.V., a Dutch company registered in the Netherlands. Tech_42 is the data controller for personal data collected through this website and through pre-sales communications.

For data-protection questions, contact us at privacy@locata.io.

We collect personal data only when you choose to share it with us. Specifically:

• Demo request form (locata.io/demo): name, organization, role, type of rollout, candidate set size, email, optional phone, optional free-text notes.
• Home page closing form: name, organization, role, type of rollout, email.
• Direct email: any content you send to hello@, security@, press@, privacy@, or legal@locata.io.
• Server logs: IP address, user-agent, and requested URL for every visit. Retained for 30 days for security and operational reasons.

We do not use behavioural advertising cookies. The site uses a first-party analytics setup (Vercel Web Analytics) that does not set tracking cookies or build cross-site profiles.

Form submissions are processed on the basis of your consent (when you submit the form) and our legitimate interest in following up on inquiries about our product. Server logs are processed on the basis of our legitimate interest in keeping the site secure and operational.

• Form submissions: retained for up to 24 months from the date of submission, then deleted unless an active engagement supersedes this retention period.
• Direct email: retained for the duration of the conversation plus the standard business-records period required by Dutch tax and corporate law (typically seven years).
• Server logs: 30 days, then permanently deleted.

We use a small set of EU-resident sub-processors for website hosting, email delivery, and analytics. The current list is available on request to privacy@locata.io and is included in the data-processing agreement for engaged customers.

AI inference providers (Claude, GPT, Gemini) are not exposed to this website's data. They're only used during customer engagements, under explicit data-processing terms.

Under the GDPR, you have the right to:

• Access the personal data we hold about you.
• Rectify incorrect data or complete incomplete data.
• Erase your data (right to be forgotten).
• Restrict or object to specific processing activities.
• Data portability for the data you provided.
• Lodge a complaint with the Dutch Autoriteit Persoonsgegevens.

To exercise any of these rights, email privacy@locata.io. We respond within 30 days.

Personal data collected through this site is processed and stored within the European Economic Area. We do not transfer personal data outside the EEA without explicit consent and appropriate safeguards (Standard Contractual Clauses or equivalent).

We update this notice when our practices change. Material changes are flagged at the top of the page with a new effective date. The previous version is available on request.