We collect contact information and other details submitted by you via our website forms and by emails sent to our domain. This is currently Name, Place of birth, Date of birth, Address, Phone Number, Email Addresses, Website, Facebook, Instagram and Linkedin. This information will only be used for producing pdf’s of your CV and you will be able to control what to publish and what not to publish by choosing what to fill into the form. When doing business with us or inquiring about our products and services, we collect information in relation to any transaction or any inquiry submitted by any method of communication. We collect information you give us in person at art fairs, places of business, or anywhere else. When you are browsing our website, we may collect your IP address, device type, device operating system, browser type, general location, and language. We are not able to identify website visitors personally if personal information is not submitted via our website forms.
To provide you with information that may be of interest to you For our own internal record keeping To perform obligations we have with you as a customer or partner Our processing of the personal information we collect is a necessary part of running our business. Collection of data in each above case is in our legitimate business interest (including marketing our services) or for performing our business obligations.
We are committed to keeping your information secure. We have implemented appropriate physical, electronic, and managerial procedures to safeguard and secure the information we collect in order to prevent unauthorized access or disclosure. We are required to retain certain types of personal information in order to fulfill our business obligations, such as financial records relating to purchases and ongoing subscriptions. We will retain your personal information on our systems for as long as it is in our legitimate interest to do so. We will not sell, distribute, or lease your personal information to third parties unless we have your permission or are required by law to do so. The personal information you provide to us may be shared with third-party companies, agents, contractors, service providers or affiliated companies if this is reasonably required by us to provide you with our services, respond to inquiries, or for any of the purposes described in this notice.
The following are the third-party vendors that we utilize to process personal data and/or to provide services to our customers, with a brief description of the nature of their implementation, and a link to their privacy policies and/or statements of GDPR compliance: Amazon (AWS) https://aws.amazon.com/compliance/gdpr-center/ Database and file storage and backup services. (Privacy Shield certified and GDPR compliant)
If you receive communications from us and would like to see the personal data we hold about you (known as a Subject Access Request) please email. We will supply the information within one month. We will only refuse requests that are manifestly unfounded or excessive; in such cases the the requesting party will be informed within one month. If you believe that any information we are holding on you is incorrect or incomplete, or wish us to remove information that we are not obligated to retain, please email us. We will promptly correct any information found to be incorrect.
If you subscribe to our email newsletter, we will not use the personal information you provide (name and email address) for any other purpose. You have the option of unsubscribing from our newsletters at any time, using the ‘unsubscribe’ link provided in each email.
Locarto complies with applicable local laws on our business-related use of data customers may provide to us. This ensures that we meet the applicable standards set out in such laws. In addition, we apply our own Data Stewardship Principles. These are guided by the essential value that the data entrusted to us belongs to our customers and the entities for whom our customers have entered information in their Locarto databases. Founders of Locarto’ values and approach to privacy and data protection has served the art market successfully for more than 12 years. We believe that Locarto’s implementation of GDPR allow us to earn our customers’ trust. During the normal course of business, our customers may provide Locarto the following types of data or other types of data about them and/or their institution: information about them, their employees, agents, advisors, or freelancers. This may include name, title, job title, employer, home and/or work address, email address, telephone number, or other information disclosed by them, their employees, agents, advisors, or freelancers. Customers additionally may provide Locarto data about their customers, prospects, professional contacts and suppliers, or their employees, agents or freelancers, which may include but is not limited to: name, title, job title, employer, home and/or work address, email address, telephone number, transactions data, and interests. Additionally, through the normal course of business, customers may provide Locarto electronic files, images, documents, databases and other physical materials that are solely used to serve them as client for the purposes of our client / vendor relationship. Our main data storage locations are in the Ireland and USA. However, as a global company, data are accessed from various locations by our global teams and our trusted partners. The GDPR does not preclude EU personal data being stored (or otherwise processed) in the USA, as long as there is a data transfer mechanism in place approved by the European Commission. One such approved data transfer mechanism is the EU-US Privacy Shield regime. Locarto complies with and uses vendors who are certified by the Privacy Shield scheme. https://privacyshield.gov/