🍪 We use cookies

    We use cookies to improve your experience on our website, analyse traffic, and for marketing purposes. By clicking "Accept All", you consent to our use of cookies. You can also customise your preferences or reject non-essential cookies. Learn more

    Loc.ai
    Sign inStart free

    Data Processing Addendum (DPA)

    Version: 1.0

    Effective Date: 17 January 2026

    This Data Processing Addendum ("DPA") forms part of the Master Subscription Agreement ("Agreement") between Loc.ai Ltd ("Processor") and the Customer ("Controller").

    1. Definitions

    • "Personal Data", "Controller", "Processor", "Processing", and "Data Subject" shall have the meanings given in the UK GDPR / EU GDPR.
    • "Services" means the Loc.ai:Control platform (control.locai.co.uk) and related services provided under the Agreement.

    2. Scope and Purpose

    The Processor will process Personal Data on behalf of the Controller solely to provide the Services in accordance with the Agreement and the Controller's documented instructions.

    Details of Processing:

    • Subject Matter: Management of edge computing devices and AI model deployment.
    • Duration: The term of the Agreement plus any period required for data deletion.
    • Nature & Purpose: Storage of device logs, IP addresses, and user account data to enable platform functionality.
    • Categories of Data: Device identifiers (UIDs), IP addresses, system logs, and user account information (names, emails) associated with the Controller's workspace.
    • Data Subjects: The Controller's employees, contractors, and device users.

    3. Processor Obligations

    Loc.ai agrees to:

    1. Confidentiality: Ensure that persons authorized to process the Personal Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.
    2. Security: Implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including encryption of data in transit and access controls.
    3. Breach Notification: Notify the Controller without undue delay after becoming aware of a Personal Data Breach affecting the Controller's data.
    4. Assistance: Taking into account the nature of the processing, assist the Controller (at the Controller's expense) in responding to requests from Data Subjects exercising their rights (e.g., access, deletion).

    4. Sub-processors

    The Controller authorizes the Processor to engage sub-processors to assist in providing the Services. The Processor shall maintain a list of sub-processors and shall notify the Controller of any intended changes concerning the addition or replacement of sub-processors, giving the Controller an opportunity to object to such changes.

    5. International Transfers

    If the Processor transfers Personal Data out of the UK or EEA to a country not recognized as providing an adequate level of data protection:

    • UK Transfers: Such transfers shall be governed by the UK International Data Transfer Agreement (IDTA).
    • EU Transfers: Such transfers shall be governed by the Standard Contractual Clauses (SCCs) approved by the EU Commission.

    6. Deletion or Return of Data

    Upon termination of the Agreement, the Processor shall, at the choice of the Controller, delete or return all Personal Data to the Controller, unless applicable law requires storage of the Personal Data.

    7. Contact

    For questions regarding this DPA, please contact us at: privacy@locai.co.uk

    Sign up now and get increased data, storage & nodes — Free increased data, storage & nodes — completely free. Sign up →