BEACON PILOT

Privacy Policy - Beacon Pilot Prompt Bank

Last Updated: August 15, 2025

1. Introduction

Beacon Pilot ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Beacon Pilot Prompt Bank service ("Service").

2. Information We Collect

2.1 Personal Information

When you create an account, we collect:

  • Email address (required for account creation)
  • Name (from OAuth providers or profile)
  • Profile picture (from OAuth providers, if available)
  • Account credentials (encrypted passwords for email/password accounts)

2.2 OAuth Information

When you use OAuth providers (Google, GitHub):

  • Provider account ID (for linking accounts)
  • Access tokens (securely stored for authentication)
  • Basic profile information (name, email, profile picture)

2.3 Usage Information

We automatically collect:

  • Prompt interactions (views, copies, ratings)
  • Search queries (for improving service)
  • Session information (login times, activity duration)
  • Technical information (IP address, browser type, device information)

2.4 Content You Create

  • Prompts you publish (title, description, content, metadata)
  • Ratings and reviews you provide
  • Suggestions you submit
  • Comments and feedback you post

2.5 AI Testing Data

  • Test results from AI model interactions
  • Performance metrics (cost, speed, quality scores)
  • Sample inputs you create for testing

3. How We Use Your Information

3.1 Service Provision

  • Provide and maintain the Service
  • Authenticate your identity
  • Enable prompt sharing and discovery
  • Process your interactions and transactions

3.2 Improvement and Analytics

  • Analyze usage patterns to improve the Service
  • Generate aggregate statistics (anonymized)
  • Optimize search and recommendation algorithms
  • Monitor service performance and reliability

3.3 Communication

  • Send important service updates
  • Respond to your support requests
  • Notify you of account-related activities

3.4 Community Features

  • Display your prompts with attribution (unless you request deletion)
  • Show ratings and contributions you've made
  • Enable collaboration and feedback features

4. Information Sharing and Disclosure

4.1 Public Content

  • Prompts you publish are publicly visible
  • Ratings and reviews are publicly visible
  • Your name/username is shown with your contributions (until account deletion)

4.2 MIT Licensed Content

Important: All prompts you create are automatically licensed under the MIT License and become part of the public domain. This means:

  • Your prompts can be freely used by anyone
  • Commercial use is permitted
  • Attribution is not required (but appreciated)

4.3 Third Parties

We do not sell your personal information. We may share information with:

  • Service providers (hosting, analytics, support services)
  • Legal authorities (if required by law or to protect rights)
  • Business transfers (in case of merger, acquisition, or sale)

4.4 Aggregated Data

We may share anonymized, aggregated data for:

  • Research and academic purposes
  • Industry reports and analytics
  • Service improvement insights

5. Data Retention

5.1 Account Data

  • Personal information is retained while your account is active
  • Login sessions expire based on activity
  • OAuth tokens are refreshed as needed

5.2 Content Data

  • MIT licensed prompts are retained permanently for community benefit
  • Ratings and interactions are retained to maintain data integrity
  • Usage analytics are retained for service improvement

5.3 Deleted Accounts

When you delete your account:

  • Personal information is permanently deleted
  • Account credentials are permanently deleted
  • OAuth connections are severed
  • Prompts remain available but attributed to "Anonymous User"
  • Ratings and interactions become anonymous

6. Your Rights and Choices

6.1 Access and Control

  • View your data through your account dashboard
  • Update your profile information at any time
  • Download your prompts (export functionality)
  • Manage OAuth connections through account settings

6.2 Data Deletion Rights

You have the right to:

  • Delete your account and personal information
  • Request data removal for specific content
  • Withdraw consent for data processing

6.3 Important Notice About Deletion

When you request data deletion:

  • Deleted: Personal information, account data, favorites, session data
  • ⚠️ Preserved: Prompts you created (as "Anonymous User" under MIT license)
  • ⚠️ Preserved: Anonymous ratings and interactions for data integrity

This preservation is necessary because:

  1. Prompts are MIT licensed and become community property
  2. Removing prompts would harm the community knowledge base
  3. Anonymous data helps improve the service for everyone

6.4 Marketing Communications

  • We do not send marketing emails
  • You will only receive essential service communications
  • You can opt out of non-essential emails in your account settings

7. Security Measures

7.1 Data Protection

  • Encryption in transit (HTTPS/TLS)
  • Encrypted password storage (bcrypt hashing)
  • Secure OAuth implementation following industry standards
  • Regular security updates and monitoring

7.2 Access Controls

  • Role-based access for team members
  • Audit logging for administrative actions
  • Regular access reviews and permission updates

7.3 Incident Response

  • Monitoring systems for suspicious activity
  • Incident response plan for data breaches
  • Prompt notification if security incidents occur

8. International Data Transfers

  • Data location: Primarily stored in Canada/North America
  • Cross-border transfers: May occur for service providers
  • Adequate protections: Ensured through contractual safeguards

9. Children's Privacy

  • The Service is not intended for users under 13 years old
  • We do not knowingly collect information from children under 13
  • If we learn of underage use, we will delete the account immediately

10. Cookies and Tracking

10.1 Essential Cookies

  • Authentication cookies (to keep you logged in)
  • Session management cookies
  • Security tokens for CSRF protection

10.2 Analytics

  • Usage analytics (anonymized) to improve the Service
  • Performance monitoring to ensure reliability
  • Error tracking to identify and fix issues

10.3 Your Choices

  • Essential cookies are required for the Service to function
  • Analytics cookies can be controlled through browser settings
  • No advertising cookies are used on our platform

11. Third-Party Services

11.1 OAuth Providers

  • Google OAuth: Subject to Google Privacy Policy
  • GitHub OAuth: Subject to GitHub Privacy Policy
  • We only access basic profile information you authorize

11.2 AI Model Providers

  • OpenAI, Anthropic, Google: Used for prompt testing
  • No personal data is sent to AI providers
  • Only prompt content and test parameters are shared

11.3 Infrastructure Providers

  • AWS: Hosting and database services
  • Content Delivery Networks: For performance
  • All providers are bound by data processing agreements

12. Changes to This Policy

  • Notification: We'll notify you of material changes via email
  • Effective date: Changes take effect 30 days after notification
  • Continued use: Constitutes acceptance of updated policy

13. Regional Privacy Rights

13.1 GDPR (European Users)

If you are in the EU, you have additional rights:

  • Right to rectification of inaccurate data
  • Right to restrict processing in certain circumstances
  • Right to data portability in structured formats
  • Right to object to certain processing activities

13.2 CCPA (California Users)

If you are a California resident:

  • Right to know what personal information we collect
  • Right to delete personal information (with MIT license exceptions)
  • Right to opt-out of sale (we don't sell personal information)
  • Right to non-discrimination for exercising your rights

13.3 Canadian Privacy Laws

  • PIPEDA compliance for personal information handling
  • Reasonable security safeguards for personal data
  • Individual access rights to personal information

14. Data Processing Legal Basis

We process your data based on:

  • Consent: For optional features and communications
  • Contract performance: To provide the Service you requested
  • Legitimate interests: To improve and secure the Service
  • Legal obligations: To comply with applicable laws

15. Contact Information

15.1 Privacy Questions

For privacy-related inquiries:

15.2 Data Subject Requests

For data access, deletion, or correction requests:

15.3 Data Protection Officer

For EU/GDPR related matters:

16. MIT License Reminder

Important Reminder: By using this Service, you acknowledge that all prompts you create will be licensed under the MIT License and will remain available to the community even after account deletion. This is essential for maintaining the collaborative nature of the platform and ensuring that valuable community contributions are preserved.

The MIT License ensures that:

  • The community continues to benefit from shared knowledge
  • Innovation and collaboration can flourish
  • Educational and commercial use are both permitted
  • The platform maintains its value for all users

This Privacy Policy explains our commitment to protecting your personal information while preserving the collaborative, open-source nature of the prompt sharing community. By using the Service, you consent to the collection and use of information as described in this policy.