# Privacy Policy
**Last updated:** April 23, 2026
## 1. Introduction
Beacon ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you visit our website and use our services.
## 2. Information We Collect
### 2.1 Account Registration
When you create an account, we collect:
- Email address
- Full name (optional)
- Password (encrypted)
### 2.2 OAuth Authentication
If you sign in with Google, we receive:
- Email address
- Full name
- Avatar/profile picture (if available)
We do not store your Google password or OAuth tokens on our servers beyond what Supabase requires for session management.
### 2.3 Learning Data
As you use Beacon, we collect:
- Your quiz scores and section progress
- Bookmarks and saved items
- Notes and custom questions you create
- Team membership and shared content
## 3. How We Use Your Information
We use your data solely to:
- Provide and improve the Beacon learning platform
- Track your learning progress
- Enable team collaboration features
- Send essential transactional emails (account verification, password reset)
- Comply with legal obligations
**We do not:**
- Sell or share your data with third parties
- Use your data for marketing or advertising
- Create user profiles for data brokers
- Share your learning data with other users without permission
## 4. Data Storage & Security
- Your data is stored securely in Supabase (cloud database with encryption)
- Passwords are hashed using industry-standard encryption
- We use HTTPS for all data transmission
- Access to your data is controlled by role-based access controls
## 5. Data Retention
Your data is retained for as long as your account is active. When you delete your account:
- Your account and all associated data are permanently deleted immediately
- No backups or logs of your personal data are retained beyond standard infrastructure backups (typically 30 days)
## 6. Your Rights (GDPR & Similar Laws)
If you are located in the EU or a jurisdiction with similar data protection laws, you have the right to:
### Right of Access (Art. 15)
Request a copy of all your personal data in machine-readable format via your account settings or by contacting us.
### Right to Erasure (Art. 17)
Request deletion of your account and all associated data. This can be done directly in your account settings under "Delete Account."
### Right to Data Portability (Art. 20)
Export your data in a standard format (JSON) via your account settings.
### Right to Object (Art. 21)
We do not use your data for automated decision-making or profiling. If you have concerns, please contact us.
### Right to Rectification (Art. 16)
You can update your profile information at any time in your account settings.
To exercise any of these rights, contact us at **allen@gradientsearchgroup.com**.
## 7. Third-Party Services
### Google OAuth
By signing in with Google, you agree to Google's Privacy Policy. We do not control Google's data practices.
### Supabase
Beacon uses Supabase for authentication and database hosting. See [Supabase Privacy Policy](https://supabase.com/privacy).
## 8. Cookies & Session Management
We use cookies for:
- Session management (to keep you logged in)
- Authentication (Supabase auth cookies)
- Basic analytics (if enabled)
You can delete these cookies anytime by logging out or clearing your browser cookies.
## 9. Data Breaches
If we discover a security breach affecting your personal data, we will:
- Notify affected users without undue delay
- Provide information on what happened and steps to take
- Document the incident and report to relevant authorities if required
## 10. Children's Privacy
Beacon is not intended for children under 13. We do not knowingly collect data from children under 13. If we become aware of such collection, we will delete the account and data.
## 11. Policy Changes
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy and updating the "Last updated" date. Your continued use of Beacon constitutes acceptance of the updated policy.
## 12. Contact Us
For privacy questions, data requests, or concerns:
**Email:** allen@gradientsearchgroup.com
We aim to respond to all data requests within 14 days.
---
**Beacon — Built by Gradient Search Group**
← Back