This page provides a summary of the important information that you need to consider when evaluating Beacon from a data protection perspective.
At Beacon we use Amazon Web Services (AWS) and Google Cloud Platform (GCP) infrastructure based in the UK to host our databases and servers securely in the cloud. All data and processing is hosted in the UK. One notable exception is Beacon's Smart Bcc functionality, which, for now, uses an AWS server based in Ireland.
We have a Data Processing Schedule in our terms and conditions which covers how we store and process your Processor Data. By agreeing to our terms and conditions you'll agree to the Data Processing Schedule and there is no need to sign a separate DPA.
To ensure no inconsistent or additional terms are imposed on us beyond that reflected in our standard terms and conditions, we cannot agree to sign customers’ DPAs. As a small team we also can’t make individual changes to our DPA since we don't have a legal team on staff. Any changes to the standard DPA would require legal counsel and a lot of back and forth discussion that would be cost prohibitive for us. We aim to keep the cost of Beacon reasonable, and custom DPAs would prevent us from doing that.
Our sub-processors page describes the tools that we use to process the data that you store in your Beacon database (your Processor Data). Processor data will never leave the EU unless you use one of the optional sub-processors, and Processor data will never leave the UK unless you use our Smart Bcc functionality.