Main menu

Privacy policy

Your privacy is important to us

Here at Loco we think privacy should be important to everyone. We won't treat you in any way we'd be unhappy being treated ourselves.

The data controller for Loco is White Interactive Ltd. We are a UK company and take the UK's data protection laws very seriously. If you have any questions about your privacy on our website or our treatment of your data, you can reach our data protection officer via the contact form or by emailing support at this domain.

Anonymous data

If you're not logged into a Loco account, we don't collect any personally identifiable data.

Your IP address and user agent are temporarily stored in our server logs. We don't do anything with this data except if we have to analyse it for traffic problems. Log files are deleted after ten days, and from all backups ten days after that. No permanent record of your page views is kept on our own servers after these logs are deleted.

We use Google Analytics to monitor our web traffic and help us improve our product's performance. This data is safeguarded by Google's own privacy policies. See the cookies section below for more about Google and how to opt out of your data being collected.

We don't make any attempts to "fingerprint" anonymous visitors, nor track them outside of our website. We don't carry any advertising, nor work with any affiliates.

Personal data

If you register for a Loco account we store your email address and your name if you provided it. This is for the purposes of the core functionality of the Loco service and if we need to contact you about your account. We also store your country, language and time zone preferences. This is partly for our own statistics and partly to provide specific Loco functionality.

We won't share, sell or distribute any of your personal details.

We won't move your data outside of our own servers except when necessary for the explicit purpose of providing our service to you. For example: if we send you an email, your address may pass through a third party service. See more about email contact below.

Your name and email address are visible to us and to any Loco users who have added you to their project teams. We do not display your email address to anyone who did not already possess it, but your name and profile picture will be visible to all team members.

If someone invites you to Loco by giving us your details we will immediately send you an invitation email informing you of this. We keep a record of your invitation which includes your name, but your email address will be hashed so we can't use it. It's impossible for us to contact you until you choose to activate your account, but you can request we delete this record completely by replying to your invitation email.

If you subscribe to any of Loco's paid services we will store your billing address including postcode. This is required for processing payments and also for our tax records. We may have to store some of this data for legal reasons even if you close your account. See our terms of use in relation to this.

All sensitive payment information like credit card numbers is held by our payment provider. We have no access to credit card numbers.

Account activity

When you log into your Loco account we store your IP address, user agent, the time you signed in, and (if possible) the time you sign out. This log is stored in our database, but it is deleted if your account is closed. Your project team members will be able to see when you last logged in, but we will never reveal your IP address or any details about your browser to any other users.

More specific activity (such as what you translated and when) is stored for the purpose of project activity feeds. Only users added to your project teams can see this information. This data is destroyed when the containing project is deleted.

We log page views and certain actions via Google Analytics while you're logged in to your dashboard. We analyse this so we can see which features are the most popular, and which ones are not being used. We don't send any personally identifiable data to Google beyond the browser information and IP address Google collects according to its own policies.

Uploaded content

If you have a Loco Account you will probably be entering or uploading your own content to our servers. We store this for the sole purpose of providing you with the service. We do not sell, share or otherwise distribute your content in any way except to provide your Loco project teams with the access they've been granted by project administrators.

Text content is stored on our own servers in a database, but uploaded files and translation backups are stored with Amazon Simple Storage Service. Both are inaccessible to anyone outside of your project team.

Single sign-on

Loco uses third party APIs to provide entirely optional single sign-on (SSO) functionality.

Using these SSO service providers via Loco requires you grant us access to your account with the service provider via the provided user flow, ("Connecting") which means we never see your password. We will only retrieve and store the data required to provide you with our service, which includes the same personal data as above, including your name, email address, profile picture, language and regional preferences.

We may also store the access credentials for a given service you've granted. You can revoke these at any time via the service provider and also via your Loco account dashboard. We do not use these access credentials to routinely analyse or profile you.

Email contact

Once you register for a Loco account, there are broadly two types of email we may send you:

  1. Transactional emails sent only to you, such as password resets, payment alerts, or other information relating directly to your account.

    When sending this type of email we may use our preferred third party sending service Amazon SES. This involves your email address being passed securely to Amazon for the purpose of delivery.

  2. News about upcoming changes or to ask your opinion about new features. These may be sent to many Loco users at once, but we do so very rarely.

    When sending emails in bulk we may use a third party service such as MailChimp for delivery. When you register with your email address we will add you to a single mailing list for this purpose. Any emails sent to you via this list will carry an unsubscribe link which you can use to permanently opt out of all bulk correspondence in future.

Note that we don't store any email addresses until we can verify that the person able to receive the mail has created a Loco account. Until email addresses have been verified they're stored on our system as an irreversible hash. This allows us to perform verification, but makes them otherwise useless. This way we can't hold your address unless you gave it to us yourself.

Destroying your data

If you ask us to close your account all your personal data and content will be removed permanently from all sources we control except for any historical payment information that we're obliged to keep for tax or legal reasons.

See our terms of use in relation to handling and destroying your data.

Use of cookies

Loco sets cookies in your browser from the first time you visit our website. Our cookies are not intended to invade your privacy or identify you personally. The cookies we set are for the following purposes:

  1. to keep you logged in to your account after signing in;
  2. to remember user preferences between page views;
  3. to establish 'returning visitors' in Google Analytics;
  4. to provide the optional 'stay signed in' feature;
  5. to process payments without access to your card number;
  6. to remember that you've been notified about cookies.

If you don't know what cookies are, detailed information can be found at

Session cookies

These cookies don't persist after you log out of your account or close your browser (they are 'session cookies') and should be deleted by your web browser when it exits.

( 1. ) Logging into Loco is not possible without accepting a session cookie named sessid. This identifier is stored in our database in order to provide the core functionality of the Loco service. It cannot be used to track your activity on other websites.

( 2. ) Various session cookies are used to remember user preferences between page views. Deleting these cookies from your computer will have no serious detrimental affect to the functionality of Loco. They are for your convenience.

Persistent cookies

These cookies are "persistent" meaning they are not deleted when you close your browser, although they have expiry dates after which your browser will delete them automatically.

( 3. ) Google Analytics sets first party cookies on behalf of our Internet domain. These cookies persist for up to two years if you don't clear them from your browser. If you don't want Google Analytics cookies to collect your data, Google provide an opt-out method in the form of a browser add-on

( 4. ) If you choose to use the stay signed in feature, our servers will set a cookie with a one year life span. If you don't want this cookie to be set, don't tick the "stay signed in" checkbox when you log in. It's entirely optional.

( 5. ) Our payment provider (Stripe) sets cookies on your computer when you initiate a purchase. These cookies are accessed only by Stripe and are subject to their own privacy policy. Deleting these cookies from your computer will have no affect on Loco's functionality once a purchase has been completed or cancelled and they will never contain your credit card number.

( 6. ) By continuing to use our website you've given us consent to store these cookies. We note this by setting a cookie called cc. It may live up to one year in your browser, during which time your consent remains granted.

Deleting cookies

Cookies may have been set by our website before you had a chance to read this document, but you can delete them. To delete cookies from your computer follow these instructions for your specific browser.

It's perfectly safe to delete any of the cookies set by the Loco website. The worst that can happen is you'll get logged out.

Refusing cookies

It's not possible to use the Loco website without our servers attempting to set cookies, but you can block them via your browser.

Blocking cookies will have no detrimental effect when you're logged out of your account, but blocking some cookies will prevent you from logging in or operating your account dashboard. You may wish to use a browser add-on like Privacy Badger, which will help you block non-essential cookies while allowing essential cookies to be accepted.

Third parties

From time to time pages on the Loco website may include content from third parties which may also set third party cookies. The setting of third party cookies is subject to the providers' own privacy policies. Although we select these third parties carefully and sparingly, we have no control over the cookies they set.

Third party cookies are never sent back to the Loco website, because your browser should only send them to their originating domain. This means we have no access to the data they contain, nor any power to remove or modify them.

If you are worried about the presence of third parties, we recommend you block third party cookies completely via your browser settings. Blocking third party cookies will not prevent any core functionality of the Loco service from operating.

If you think a third party is behaving in a way that undermines our high standards of privacy, please let us know and we will consider removing them.