Beacon | Trust and Data Security

SECURITY

Iron-clad security features

You won’t find a more security-conscious CRM than Beacon. That’s why our solution is robust, scalable and dependable.

ISO 27001:2022 certified

We're committed to providing the safest home possible for our customers data. That's why we've undergone ISO 27001:2022 certification, the most highly-regarded global standard for data security. Our auditors are UKAS accredited.

World-class infrastructure

Beacon is hosted on Amazon's AWS and Google's infrastructure. The same systems power organisations across the globe, from Netflix to NASA.

A UK-based system

Unlike other providers, our infrastructure is based entirely in the UK. We don't store your data abroad.

Real time monitoring

Our automated systems constantly monitor user activity, blocking any access that looks suspicious.

Private cloud hosting

Rest easy knowing your data is held behind a closed network, on servers based in the UK, that are not accessible to the public.

Two-factor authentication

Provide extra login security by requiring confirmatory authentication using your mobile phone.

Security certificate

All communications between your browser and Beacon's website and mobile apps are encrypted via HTTPS.

Everything encrypted

All sensitive data including contact information, payment records, passwords and API keys are encrypted at rest.

Session management

Monitor logins by IP address, location, time, browser and operating system and revoke access to prevent unauthorised access to your Beacon account.

Controlled access

Set fine-grained roles and permissions so your users only gain access to the data and features they need to carry out their work.

Sign in with Google & Microsoft

Often called 'SSO', sign into your Beacon account using Google or Microsoft. Safe, secure, simple!

Penetration testing

We regularly put our systems to the test, hiring independent security experts to try and find potential vulnerabilities so we can patch them up.

Your data and Beacon AI

Unlike free AI tools, like ChatGPT, Beacon AI doesn't access your data, and doesn't use it to train public AI models. Your data never leaves the UK, so you're always on the right side of GDPR. Find out more here.

Daily backups

Your entire CRM is automatically backed up every day, with records stored for 30 days.

Credit card processing

Beacon's card processing uses Stripe, which is secure and PCI compliant. Card details are never stored on our servers.

GDPR

Stress-free GDPR compliance

Used well, the GDPR can build trust with your supporters, and keep your data clean & compliant. Beacon was designed from the ground up to help you do this.

Consent tracking

Securely store contact & marketing preferences, uploaded consent forms and other compliance information.

Right to be forgotten

In Beacon, you can delete anyone's data permanently, along with all of their associated information and file attachments.

UK hosting

All of your data is stored securely in the UK, hosted by Amazon Web Services.

Audit logs

We keep a complete history of all changes made to a record, and who made the change, so you get the full picture on how Beacon is being used.

Data filtering

You can filter and segment data in the way you like. Build targeted lists based on consent date, marketing preferences, and more.

Right to access

You can easily download anyone's data from Beacon and send straight to the requester.

Discover what’s possible with a modern charity CRM.

Try for free Contact sales