This page provides a summary of the important information that you need to consider when evaluating Beacon from a data protection perspective.
- Controller Data is data about you as a Beacon customer. For example your name, work email address, and job title. Beacon acts as a data controller for this data.
- Processor Data is any data that you store in your Beacon database. It could be data about your donors, members, or beneficiaries. Beacon acts as a data processor for this data.
All of your processor data stays in the UK
At Beacon we use Amazon Web Services (AWS) infrastructure based in London to host our databases and servers securely in the cloud. All data and processing is hosted in London. One notable exception is Beacon's Smart Bcc functionality, which, for now, uses an AWS server based in Ireland.
Everything that would be covered by a DPA is baked directly into our terms and conditions
We have a Data Processing Schedule in our terms and conditions which covers how we store and process your Processor Data. By agreeing to our terms and conditions you'll agree to the Data Processing Schedule and there is no need to sign a separate DPA.
We don't sign separate DPAs
To ensure no inconsistent or additional terms are imposed on us beyond that reflected in our standard terms and conditions, we cannot agree to sign customers’ DPAs. As a small team we also can’t make individual changes to our DPA since we don't have a legal team on staff. Any changes to the standard DPA would require legal counsel and a lot of back and forth discussion that would be cost prohibitive for us. We aim to keep the cost of Beacon reasonable, and custom DPAs would prevent us from doing that.
We use a variety of tools to process Controller Data
We also use tools to process Processor Data
Our sub-processors page describes the tools that we use to process the data that you store in your Beacon database (your Processor Data). Processor data will never leave the EU unless you use one of the optional sub-processors, and Processor data will never leave the UK unless you use our Smart Bcc functionality.