Using our Web site constitutes your acceptance of the terms set forth herein. In particular, you consent to our collection, use and disclosure as described below. Due to the fact that this policy may be amended at any time, please review this page when you are notified that the terms of use has changed through email notification. When you browse our Web site, you do so anonymously. While we do not collect personal information when you browse, your computer may automatically provide us with certain information, including information about your computer’s operating system, IP address and browser type, as well as your access date and time and your referring and exiting URLs. Any information which your computer provides us when you browse our Web site may be used by Locarto and/or its agents solely for internal purposes. Locarto does reserve the right to disclose any information that it obtains through the Web site to appropriate governmental or regulatory authorities, if required by law or by any governmental or law enforcement agency. From time to time, Locarto may offer additional services through separate Web sites linked to this Web site. Such linked Web sites may be subject to alternative terms of use, including use of your personal information. Your use of any such services shall constitute your acceptance of such alternative terms of use. Unless otherwise stated, such alternative terms of use shall apply to supplement this Privacy Policy and Disclaimer. The materials contained on this Web site are provided for general information purposes only. Neither Locarto nor its agents accept any responsibility for any loss that may arise from reliance on information contained on this site. Locarto reserves the right to remove and/or update any or all information from the Web site at any time without notice. Permission is given for the downloading and temporary storage of one or more of these pages for the purpose of viewing on a personal computer or other electronic device. The contents of this site are protected by copyright and, apart from the permission stated, the reproduction, permanent storage, or retransmission of the contents of this site is strictly prohibited without prior express written consent of Locarto AS.


The following outlines how Locarto AS uses and protects the personal information we receive. We have always been and continue to be committed to protecting and keeping secure any and all personal details we receive, and have confirmed our compliance with the General Data Protection Regulation (GDPR) in regards to our own collection of your personal information. If you provide information by which you can be identified, it will be used only in accordance with our Privacy Policy. We will update this policy occasionally and publish the revised policy on this web page.

Information we collect:

We collect contact information and other details submitted by you via our website forms and by emails sent to our domain. This is currently Name, Place of birth, Date of birth, Address, Phone Number, Email Addresses, Website, Facebook, Instagram and Linkedin. This information will only be used for producing pdf’s of your CV and you will be able to control what to publish and what not to publish by choosing what to fill into the form. When doing business with us or inquiring about our products and services, we collect information in relation to any transaction or any inquiry submitted by any method of communication. We collect information you give us in person at art fairs, places of business, or anywhere else. When you are browsing our website, we may collect your IP address, device type, device operating system, browser type, general location, and language. We are not able to identify website visitors personally if personal information is not submitted via our website forms.

Why we collect this information

To provide you with information that may be of interest to you For our own internal record keeping To perform obligations we have with you as a customer or partner Our processing of the personal information we collect is a necessary part of running our business. Collection of data in each above case is in our legitimate business interest (including marketing our services) or for performing our business obligations.

How we protect your information

We are committed to keeping your information secure. We have implemented appropriate physical, electronic, and managerial procedures to safeguard and secure the information we collect in order to prevent unauthorized access or disclosure. We are required to retain certain types of personal information in order to fulfill our business obligations, such as financial records relating to purchases and ongoing subscriptions. We will retain your personal information on our systems for as long as it is in our legitimate interest to do so. We will not sell, distribute, or lease your personal information to third parties unless we have your permission or are required by law to do so. The personal information you provide to us may be shared with third-party companies, agents, contractors, service providers or affiliated companies if this is reasonably required by us to provide you with our services, respond to inquiries, or for any of the purposes described in this notice.

Data Processors

The following are the third-party vendors that we utilize to process personal data and/or to provide services to our customers, with a brief description of the nature of their implementation, and a link to their privacy policies and/or statements of GDPR compliance: Amazon (AWS) Database and file storage and backup services. (Privacy Shield certified and GDPR compliant)

Your rights

If you receive communications from us and would like to see the personal data we hold about you (known as a Subject Access Request) please email. We will supply the information within one month. We will only refuse requests that are manifestly unfounded or excessive; in such cases the the requesting party will be informed within one month. If you believe that any information we are holding on you is incorrect or incomplete, or wish us to remove information that we are not obligated to retain, please email us. We will promptly correct any information found to be incorrect.


If you subscribe to our email newsletter, we will not use the personal information you provide (name and email address) for any other purpose. You have the option of unsubscribing from our newsletters at any time, using the ‘unsubscribe’ link provided in each email.


Locarto complies with applicable local laws on our business-related use of data customers may provide to us. This ensures that we meet the applicable standards set out in such laws. In addition, we apply our own Data Stewardship Principles. These are guided by the essential value that the data entrusted to us belongs to our customers and the entities for whom our customers have entered information in their Locarto databases. Founders of Locarto’ values and approach to privacy and data protection has served the art market successfully for more than 12 years. We believe that Locarto’s implementation of GDPR allow us to earn our customers’ trust. During the normal course of business, our customers may provide Locarto the following types of data or other types of data about them and/or their institution: information about them, their employees, agents, advisors, or freelancers. This may include name, title, job title, employer, home and/or work address, email address, telephone number, or other information disclosed by them, their employees, agents, advisors, or freelancers. Customers additionally may provide Locarto data about their customers, prospects, professional contacts and suppliers, or their employees, agents or freelancers, which may include but is not limited to: name, title, job title, employer, home and/or work address, email address, telephone number, transactions data, and interests. Additionally, through the normal course of business, customers may provide Locarto electronic files, images, documents, databases and other physical materials that are solely used to serve them as client for the purposes of our client / vendor relationship. Our main data storage locations are in the Ireland and USA. However, as a global company, data are accessed from various locations by our global teams and our trusted partners. The GDPR does not preclude EU personal data being stored (or otherwise processed) in the USA, as long as there is a data transfer mechanism in place approved by the European Commission. One such approved data transfer mechanism is the EU-US Privacy Shield regime. Locarto complies with and uses vendors who are certified by the Privacy Shield scheme.