©2024 Beacon Apps Ltd. All Rights Reserved. 4-6 New Inn Broadway, London EC2A 3PR
This page provides a summary of the important information that you need to consider when evaluating Beacon from a data protection perspective.
We'll talk about two kinds of data here because sometimes Beacon is a Data Controller of your data and sometimes Beacon is a Data Processor of your data:
At Beacon we use Amazon Web Services (AWS) and Google Cloud Platform (GCP) infrastructure based in the UK to host our databases and servers securely in the cloud. All data and processing is hosted in the UK. One notable exception is Beacon's Smart Bcc functionality, which, for now, uses an AWS server based in Ireland.
We have a Data Processing Schedule in our terms and conditions which covers how we store and process your Processor Data. By agreeing to our terms and conditions you'll agree to the Data Processing Schedule and there is no need to sign a separate DPA.
To ensure no inconsistent or additional terms are imposed on us beyond that reflected in our standard terms and conditions, we cannot agree to sign customers’ DPAs. As a small team we also can’t make individual changes to our DPA since we don't have a legal team on staff. Any changes to the standard DPA would require legal counsel and a lot of back and forth discussion that would be cost prohibitive for us. We aim to keep the cost of Beacon reasonable, and custom DPAs would prevent us from doing that.
Section 5 of our privacy policy describes the tools that we use to process your Controller Data. Only Controller Data is sent to these tools, not your Processor Data. For example, we may share your email address with Mailchimp so that we can send you our newsletters.
Our sub-processors page describes the tools that we use to process the data that you store in your Beacon database (your Processor Data). Processor data will never leave the EU unless you use one of the optional sub-processors, and Processor data will never leave the UK unless you use our Smart Bcc functionality.