Privacy Policy
Last updated: 2025-04-04
Introduction
The platform at localhero.ai (the "Platform") and the translation management service LocalHero.ai (the "Service") is operated by Andersson-Larsson Holding AB with company registration no. 559254-7078 ("we", "us", "our").
This Privacy Policy contains information about how we collect and process Personal Data that we get access to when users visit our Platform or use the Service. This Privacy Policy also contains information about the storage of Personal Data, deletion of Personal Data, legal basis for the Processing of Personal Data and Data Subject's rights according to GDPR. We handle Personal Data in accordance with the GDPR and any subordinate legislation and regulation implementing the GDPR which may apply (the "Data Protection Requirements") in accordance with the principle of accountability.
This Privacy Policy is reviewed annually and updated as needed. The latest version is always publicly available at localhero.ai/privacy.
Definitions
All references to "Personal Data", "Processing", "Data Subject", "Sub-processor", "Personal Data Breach", "Supervisory Authority" and any other capitalized terms not defined herein shall have the same meaning in this Privacy Policy as stated in article 4 of the GDPR.
- Service: LocalHero.ai, a translation management service.
- GDPR: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation).
- SCC: Commission implementing decision (EU) 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council.
- Platform: localhero.ai.
- CLI: Command Line Interface tool for LocalHero.ai.
How We Collect Personal Data
We most usually receive Personal Data when we enter into an agreement; through the users' use of the Service or access to our Platform; when the user authenticates using GitHub; when the user contacts us by e-mail; or in connection with registration to any newsletter from us.
What Personal Data We Collect
We try to work primarily through the principle of purpose limitation and data minimization regarding the storage of Personal Data, by only Processing Personal Data that is necessary, adequate and relevant for each individual purpose.
Personal Information
- When a user signs in using GitHub, we collect and store: name, email address, and GitHub user ID.
- Organization names associated with user accounts.
- Project settings including source language, target languages, translation preferences, style guides, and other configuration data.
Usage Information
- Translation content and keys that users submit for translation.
- Project structure and organization information.
- We collect anonymized usage information using Plausible Analytics to analyze how users interact with our service. This data is anonymized and cannot be traced back to individual users.
- Error tracking data using Honeybadger to identify and resolve technical issues.
Why We Process Personal Data and the Legal Basis for the Processing of Personal Data
The legal basis we mainly base the Processing of Personal Data on is "Contract". This legal basis gives us the right to Process Personal Data in order to fulfill our obligations under a contract with the Data Subject.
If the Data Subject has consented to the Personal Data Processing, through voluntary active approval to the Processing, we may Process the Personal Data on the legal basis of "Consent". A given consent can be revoked at any time and in such cases the Processing of the Personal Data shall cease, but this only applies if the Personal Data is no longer necessary for us to Process in order to fulfill our obligations under a contract or other legal obligations.
We have the right to Process Personal Data if we have a legal obligation to do so, for example according to the Swedish Bookkeeping Act (1999:1078). In such cases, only necessary Personal Data will be Processed. Personal Data that is part of any necessary accounting documentation is stored for as long as the law requires.
We have the right to Process Personal data, based on the legal basis "Legitimate interests", in order to for example market the Service, provide good support, improve our services, the Platform or the Service etc. However, sensitive Personal Data is never Processed on this legal basis. The Data Subjects always have the right to object in writing if the Data Subject do not want us to use their Personal Data for marketing. We have the right to Process Personal Data on this legal basis in order to comply with applicable law, demand payment for a past due claim, report a debt or protect our rights/property and to prevent crimes.
How We Use Your Information
- To provide and maintain our translation service
- To process your payments through our payment processor
- To process translation content through AI models and generate translations
- To send you service updates and notifications
- To improve our service and develop new features
- To respond to your requests and support inquiries
AI Processing of Translation Content
Our service uses AI models to process and generate translations for the content you submit. The AI processing is applied only to the translation content itself, not to personal data. The results of these translations are stored in our application database. We do not use personal data for AI training purposes.
It's important to note that while we use Microsoft Azure and AWS for AI/LLM inference (processing translation content), we do not transfer or store any personal data on these platforms. These services are used exclusively for processing translation content, and personal user data remains stored on our main application hosted on Render.com (EU-based).
Storage of Personal Data
We store and Process Personal Data according to the principle of integrity and confidentiality. Our main application and database are hosted on Render.com, with servers located in the European Union.
The Personal Data associated with a user account (like the user's name and email) is needed to make the Service work, and will be stored for the entire time you are a customer/user. The data for translations, including content, project settings, and configuration, are saved until projects are deleted by users or as long as you are a customer.
Our service undergoes regular backups of stored data. Backup storage is saved for up to thirty (30) days. The backup files are stored securely within our cloud infrastructure.
We store Personal Data as long as it's needed and necessary to fulfill the purposes for which the Personal Data was collected. If it is necessary for us to comply with applicable legislation, we may store Personal Data for a longer period for that purpose. Personal Data that is no longer needed will be deleted according to the principle of storage limitation.
CLI Tool Data Processing
Our Command Line Interface (CLI) tool processes local translation files and sends only the translation content to our API. The CLI tool does not collect any additional personal data beyond what is necessary for authentication and providing the translation service.
Data Storage and Security
We implement appropriate technical and organizational measures to protect your data. Your personal information is stored securely in our main application hosted on Render.com, with servers located in the European Union. Microsoft Azure and AWS are only used for AI inference processing of translation content, not for storing personal data.
Third-Party Services
We use trusted third-party services for:
- Payment processing (Polar.sh/Stripe)
- Authentication (GitHub OAuth)
- Analytics (Plausible Analytics)
- Error tracking (Honeybadger)
- Email communications (Mailjet)
- Cloud hosting (Render.com for hosting our main application and storing data; Microsoft Azure and AWS only for AI translation processing)
Sub-processor and Transfer of Personal Data
We have the right to engage Sub-processors to fulfill the obligations under the agreement between us and the Data Subject. We engage Sub-processors as part of the delivery of the Service and Platform. This means that we may disclose Personal Data to Sub-processors, to fulfill our obligations under the Agreement, applicable legislation, legal obligations, to safeguard our legal interests or to detect and prevent technical or security issues with the Service. The Data Subjects are entitled to request a complete overview on which Sub-processors that are involved in the Processing of the Data Subjects Personal Data.
The Data Subjects Rights
The Data Subjects have certain rights according to GDPR regarding the Processing of their Personal Data. The Data Subjects have the right to:
- information about what Personal Data that is being Processed and to whom it is shared.
- access the Personal Data that is being Processed.
- ask for modifications of the Personal Data.
- withdraw a previously given consent for the Processing of Personal Data for a specific purpose.
- object to the Processing of the Personal Data.
- object to automated Processing of the Personal Data and to a decision based on an automated processing.
- be forgotten and to ask for the deletion of Personal Data.
- transfer the Personal Data to another controller (data portability).
- submit complaints to us, or the Swedish Authority for Privacy Protection which is the Supervisory Authority or other equivalent regulatory authority in the data subject's state.
- get information about any Personal Data Breach concerning the Personal Data of the data subject.
You may contact us if you request any of the above-mentioned rights, regarding your Personal Data. However, some of the rights apply only in certain situations.
Deletion of Stored Personal Data
To delete stored personal data about you from our systems, please send an email to hi@localhero.ai. After the authenticity of the request has been verified, all data related to you will be deleted within 30 days.
Security Measures
We certify that our activities and security measures are conducted in a manner that ensures compliance with the provisions and requirements of the GDPR regarding adequate protection of Personal Data Processing (according to the principle of integrity and confidentiality). All our internal registers and systems that contain Personal Data are password protected. We have also developed internal routines for employees with access to the databases containing Personal Data, in order to protect the data, and only authorized employees with a direct need for access to the Personal Data in order to perform their tasks have access to them. We also work according to the data protection principles (Article 5 GDPR) and ensure that our employees are aware of the principles.
Personal Data Breach
All Personal Data Breaches will be documented internally and reported to the Swedish Authority for Privacy Protection within 72 hours, when it is required according to the GDPR.
Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.
How to Contact Us
You are always welcomed to contact us, if you have any questions regarding this Privacy Policy or our Processing of Personal Data. You can send us a message at hi@localhero.ai, and we will try our best to resolve your concerns and answer your message without undue delay.