Privacy Policy

Introduction

At Beamer ("we," "our," or "us"), we are committed to protecting your privacy and handling your personal data responsibly. This Privacy Policy explains how we collect, use, store, and protect your information when you use our service.

By using our service, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our service.

IMPORTANT LEGAL NOTICE: This privacy policy template is provided for development purposes only and MUST be reviewed and approved by qualified legal counsel before production deployment. This template may not be fully compliant with all applicable laws and regulations, including GDPR, CCPA, and other privacy legislation.

Data We Collect

Personal Information

When you create an account, we collect:

• Email address: Used for authentication and account communications
• Password: Stored securely using Firebase Authentication (hashed and encrypted)
• Account creation timestamp: To track your free plan usage and subscription status

Usage Data

When you use our email generation service, we collect:

• Email generation inputs: Your prompts, contact names, and context provided to Reach (NOT the generated email content)
• Usage metrics: Number of emails generated, generation timestamps, subscription tier
• User preferences: Tone preferences, notification settings, context memory settings
• Feedback data: Ratings, comments, and feedback you provide about generated emails

Technical Data

We automatically collect:

• Device information: Browser type, device type (mobile/tablet/desktop), operating system
• Analytics data: Page views, feature usage, session duration (via Mixpanel)
• IP address: For security and fraud prevention purposes

How We Use Your Data

We use your personal data for the following purposes:

Service Delivery

• Authenticate your account and manage your session
• Generate AI-powered email content based on your inputs
• Track your usage against subscription limits (10 free plan monthly, 200 pro plan monthly)
• Process payments and manage subscriptions via Stripe

Product Improvement

• Analyze usage patterns to improve AI output quality
• Use context memory to personalize email generation for your specific use cases
• Collect feedback to enhance product features and user experience
• Monitor system performance and reliability

Communication

• Send transactional emails (password resets, payment confirmations)
• Notify you of usage limits and subscription status
• Send product updates and feature announcements (if you opted in)

Legal Compliance

• Comply with applicable laws and regulations
• Protect against fraud and abuse
• Enforce our Terms of Service

Third-Party Services

We share your data with the following third-party services to operate our platform:

Firebase (Google Cloud Platform)

• Purpose: Authentication, database storage, cloud functions
• Data shared: Email, authentication tokens, usage data, user preferences
• Privacy policy: https://firebase.google.com/support/privacy

OpenAI

• Purpose: AI-powered email generation
• Data shared: Your email generation prompts and context (temporary processing only)
• Data retention: OpenAI does NOT store your data beyond 30 days for abuse monitoring (as of their current policy)
• Privacy policy: https://openai.com/privacy
• Important: We do NOT send the generated email content back to OpenAI

Stripe

• Purpose: Payment processing and subscription management
• Data shared: Email, payment information, subscription status
• Privacy policy: https://stripe.com/privacy
• Note: We do NOT store credit card information (Stripe handles all payment data)

Mixpanel

• Purpose: Product analytics and usage tracking
• Data shared: User ID, page views, feature usage events, device information
• Privacy policy: https://mixpanel.com/legal/privacy-policy

Data We Do NOT Share

• We do NOT sell your personal data to third parties
• We do NOT share the generated email content with any third party (including OpenAI after generation)
• We do NOT use your data for advertising purposes

Data Storage and Security

How Long We Store Your Data

• Account data: Stored until you delete your account
• Email generation inputs: Stored for context memory and product improvement (you can request deletion)
• Generated email content: NOT stored beyond your browser session
• Payment data: Stored by Stripe according to their retention policies
• Analytics data: Aggregated and anonymized after 12 months

Security Measures

We implement industry-standard security practices:

• Encryption in transit: All data transmitted via HTTPS (TLS 1.2+)
• Encryption at rest: Firebase Firestore encrypts all stored data
• Authentication: Firebase Auth with secure password hashing
• Access controls: Firestore security rules restrict data access to authorized users only
• API security: Cloud Functions use authentication tokens and rate limiting

Data Location

Your data is stored on Google Cloud Platform servers. Firebase automatically replicates data across multiple regions for reliability and performance.

Your Rights (GDPR and Privacy Laws)

Under GDPR and other privacy laws, you have the following rights:

Right to Access

You can request a copy of all personal data we hold about you. Contact us at support@beamersoftware.com with the subject line "Data Access Request."

Right to Rectification

You can update your email address and preferences through your account settings.

Right to Erasure (Right to be Forgotten)

You can request deletion of your account and all associated data. This will permanently remove:

• Your account credentials
• Email generation history and context memory
• Usage data and preferences
• Subscription information (after cancellation)

Note: We may retain aggregated, anonymized analytics data for product improvement.

Right to Data Portability

You can request your data in a machine-readable format (JSON). Contact us for data export.

Right to Object

You can object to certain data processing activities, such as:

• Marketing communications (opt-out via account settings)
• Analytics tracking (limited opt-out available)

Right to Withdraw Consent

You can withdraw consent for data processing at any time by deleting your account.

How to Exercise Your Rights: Email support@beamersoftware.com with your request. We will respond within 30 days as required by GDPR.

Cookies and Analytics

Essential Cookies

We use essential cookies for:

• Authentication (Firebase session tokens)
• Security (CSRF protection)

Analytics Cookies

We use Mixpanel for product analytics to understand:

• Which features are most used
• Where users encounter difficulties
• Conversion rates and user engagement

You can opt out of analytics tracking by enabling "Do Not Track" in your browser, though this may limit our ability to improve the product.

No Third-Party Advertising Cookies

We do NOT use advertising cookies or allow third-party ad networks to track you on our platform.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect:

• Changes in our data practices
• New features or third-party integrations
• Legal or regulatory requirements

When we make material changes:

• We will update the "Last updated" date at the top of this page
• We will notify you via email if you have an active account
• Continued use of our service after changes constitutes acceptance

We encourage you to review this Privacy Policy periodically.

Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

• Email: support@beamersoftware.com
• Subject line: "Privacy Inquiry"
• Response time: We aim to respond within 48 hours

For GDPR-specific requests (access, deletion, portability), please use the subject line "GDPR Request" for priority handling.

Data Protection Officer: For EU users, our data protection inquiries are handled by the same contact above.