Your data is in safe hands

Simply put, keeping your data secure is the most important thing we do at Beacon. Here’s what that looks like in practice.
SECURITY
Iron-clad security features
You won’t find a more security-conscious CRM than Beacon. That’s why our solution is robust, scalable and dependable.
World-class infrastructure
Beacon is hosted on Amazon's AWS and Google's infrastructure. The same systems power organisations across the globe, from Netflix to NASA.
A UK-based system
Unlike other providers, our infrastructure is based entirely in the UK. We don't store your data abroad.
Real time monitoring
Our automated systems constantly monitor user activity, blocking any access that looks suspicious.
Private cloud hosting
Rest easy knowing your data is held behind a closed network, on servers based in the UK, that are not accessible to the public.
Two-factor authentication 
Provide extra login security by requiring confirmatory authentication using your mobile phone.
Security certificate
All communications between your browser and Beacon's website and mobile apps are encrypted via HTTPS.
Everything encrypted
All sensitive data including contact information, payment records, passwords and API keys are encrypted at rest.
Session management 
Monitor logins by IP address, location, time, browser and operating system and revoke access to prevent unauthorised access to your Beacon account.
Controlled access
Set fine-grained roles and permissions so your users only gain access to the data and features they need to carry out their work.
Sign in with Google & Microsoft
Often called 'SSO', sign into your Beacon account using Google or Microsoft. Safe, secure, simple!
ISO 27001
We're committed to providing the safest home possible for our customers data. That's why we're undergoing ISO 27001 certification, the most highly-regarded global standard.
Penetration testing
We regularly put our systems to the test, hiring independent security experts to try and find potential vulnerabilities so we can patch them up.
Your data and Beacon AI
Unlike free tools like ChatGPT, Beacon AI doesn't use your data to train public AI models. It also never leaves the UK, so you're always on the right side of GDPR. Find out more here.
Daily backups
Your entire CRM is automatically backed up every day, with records stored for 30 days.
Credit card processing
Beacon's card processing uses Stripe, which is secure and PCI compliant. Card details are never stored on our servers.
Keeping your data secure is the most important thing we do at Beacon.
David Simpson
Chief Technology Officer @ Beacon
On call policy
Our engineers work hard to keep Beacon running all of the time. We have an on-call policy for engineers just in case.
Reliable and transparent
We are fully transparent about Beacon’s performance. You can view our live system status, subscribe for updates, and view our entire uptime history here.
GDPR
Stress-free GDPR compliance
Used well, the GDPR can build trust with your supporters, and keep your data clean & compliant. Beacon was designed from the ground up to help you do this.
Consent tracking
Securely store contact & marketing preferences, uploaded consent forms and other compliance information.
Right to be forgotten
In Beacon, you can delete anyone's data permanently, along with all of their associated information and file attachments.
UK hosting
All of your data is stored securely in the UK, hosted by Amazon Web Services.
Audit logs
We keep a complete history of all changes made to a record, and who made the change, so you get the full picture on how Beacon is being used.
Data filtering
You can filter and segment data in the way you like. Build targeted lists based on consent date, marketing preferences, and more.
Right to access
You can easily download anyone's data from Beacon and send straight to the requester.
Discover what’s possible with a modern charity CRM.