Privacy Policy

When you sign up for Beacon we collect the email address you use to create an account, the display name you provide, and any credentials you paste into the Beacon vault to connect third-party apps (Slack, Mailchimp, Stripe, etc.).

When your AI client calls Beacon, we log the tool name, the connected app the call routed to, the response status, and how long the call took. We do not log tool arguments or response bodies — those can contain customer data and we treat them as yours, not ours.

Credentials you save to the vault are encrypted at rest using AES-256-GCM. They are decrypted in memory only for the duration of a single tool call. We do not copy decrypted credentials to disk or to logs.

Beacon is hosted on Vercel (United States) and stores persistent data in Vercel Blob. Outbound calls to third-party APIs (e.g. Slack, Mailchimp) are made directly from Beacon to those providers using the credentials you've authorized.

We do not sell your data, and we do not share it with advertisers.

You can export or delete your workspace at any time from the dashboard, or by emailing the support address below. EU/UK residents may exercise their rights under GDPR — including data portability and the right to be forgotten — by contacting us. California residents have additional rights under CCPA.

Beacon uses a single HMAC-signed session cookie to keep you signed in. We do not use third-party tracking cookies or analytics that share personal data.

Beacon is intended for use by adults in a business context. We do not knowingly collect data from anyone under 16.