Last updated: March 2026

Privacy Policy

Locac.io is committed to protecting your personal data in accordance with the General Data Protection Regulation (GDPR).

1. Data Controller

The data controller is Julien Glorieux, publisher of the Locac.io platform.

Address: 39 rue Jean-Baptiste Baudin, 21000 Dijon — France

Contact: contact@locac.io

2. Data Collected

We collect the following data:

• Identity: first name, last name, email address, password (encrypted).

• Property data: address, description, photos, rates.

• Payment data: processed directly by Stripe. Locac.io stores no banking data.

• Browsing data: browser type, pages visited (via Vercel Analytics, cookie-free).

• Technical data: error reports sent to Sentry when issues occur.

3. Purposes and Legal Bases

• Contract performance (Art. 6.1.b GDPR): account management, booking and payment processing.

• Legitimate interest (Art. 6.1.f GDPR): service improvement, error detection (Sentry), anonymous audience measurement (Vercel Analytics).

• Legal obligation (Art. 6.1.c GDPR): invoice and accounting data retention.

4. Data Recipients

• Stripe Inc. (payment processing)

• Sentry (technical error reports)

• Fly.io (server hosting) — 321 N Clark St Suite 2550, Chicago, IL 60654, USA

• Vercel Inc. (CDN hosting and cookie-free analytics) — 340 S Lemon Ave #4133, Walnut, CA 91789, USA

• Cloudflare Inc. (anti-spam CAPTCHA)

No data is sold or transferred to third parties for commercial purposes.

5. Retention Periods

• Account data: retained for the duration of your subscription, deleted within 30 days of cancellation.

• Billing data: retained 10 years per French legal obligations.

• Error reports (Sentry): retained 90 days.

• Vercel analytics data: aggregated and non-identifiable, retained 12 months.

6. Your Rights

Under GDPR you have the right to access, rectify, erase, and port your data, as well as the right to object to processing. Contact us at contact@locac.io. You may also file a complaint with your local supervisory authority.

7. Security

We implement appropriate technical and organisational measures to protect your data: password encryption, HTTPS connections, restricted access controls.

8. Policy Updates

We may update this policy at any time. In case of material changes, you will be notified by email. The current version is always the one published on this page.