Get the free guide to choosing a charity CRM


Privacy for Humans

All of the important points about privacy and data protection at Beacon, written with humans in mind.

This page provides a summary of the important information that you need to consider when evaluating Beacon from a data protection perspective.

We'll talk about two kinds of data here because sometimes Beacon is a Data Controller of your data and sometimes Beacon is a Data Processor of your data:

  • Controller Data is data about you as a Beacon customer. For example your name, work email address, and job title. Beacon acts as a data controller for this data.
  • Processor Data is any data that you store in your Beacon database. It could be data about your donors, members, or beneficiaries. Beacon acts as a data processor for this data.

All of your processor data stays in the UK

At Beacon we use Amazon Web Services (AWS) infrastructure based in London to host our databases and servers securely in the cloud. All data and processing is hosted in London. One notable exception is Beacon's Smart Bcc functionality, which, for now, uses an AWS server based in Ireland.

Everything that would be covered by a DPA is baked directly into our terms and conditions

We have a Data Processing Schedule in our terms and conditions which covers how we store and process your Processor Data. By agreeing to our terms and conditions you'll agree to the Data Processing Schedule and there is no need to sign a separate DPA.

We don't sign separate DPAs

To ensure no inconsistent or additional terms are imposed on us beyond that reflected in our standard terms and conditions, we cannot agree to sign customers’ DPAs. As a small team we also can’t make individual changes to our DPA since we don't have a legal team on staff. Any changes to the standard DPA would require legal counsel and a lot of back and forth discussion that would be cost prohibitive for us. We aim to keep the cost of Beacon reasonable, and custom DPAs would prevent us from doing that.

We use a variety of tools to process Controller Data

Section 5 of our privacy policy describes the tools that we use to process your Controller Data. Only Controller Data is sent to these tools, not your Processor Data. For example, we may share your email address with Mailchimp so that we can send you our newsletters.

We also use tools to process Processor Data

Our sub-processors page describes the tools that we use to process the data that you store in your Beacon database (your Processor Data). Processor data will never leave the EU unless you use one of the optional sub-processors, and Processor data will never leave the UK unless you use our Smart Bcc functionality.

Beacon Privacy Policy

Beacon Sub-processors

Beacon Terms and Conditions

Beacon Cookies Policy


Contact Us

It'd be great to hear from you! To reach out, fill in your details below and we'll get back to you.


Register for webinar

To join this webinar, please enter your details below and we'll send you details on how to join.