← Back to Beacon

Privacy Policy

Last updated: April 2026

1. Who we are

Beacon is a CV delivery platform that lets professionals share trackable CV links with recruiters and hiring managers. This policy explains what data Beacon collects, why, and how it is used.

2. Data collected when viewing a CV

When you open a Beacon CV link, the following data is automatically collected and shared with the CV owner:

  • Country— derived from your IP address via Vercel's infrastructure. Your raw IP address is not stored.
  • Device type— desktop, tablet, or mobile, inferred from your browser's user agent string.
  • Referrer — the URL you navigated from, if any (e.g. LinkedIn, an email client).
  • Screen dimensions — your screen and viewport size.
  • Section engagement — which sections of the CV you scrolled into, and how long you spent on each one.
  • Scroll depth — how far down the page you scrolled.
  • Session ID — a randomly-generated identifier created in your browser for this visit. It is not linked to your identity and is not stored in a cookie.

No personal identifiers (name, email, or login) are collected from people viewing a CV. Your raw IP address is used only for rate limiting and country lookup, and is not persisted to our database.

3. Why we collect this data

This data is collected on behalf of the CV owner under the legal basis of legitimate interest. The CV owner has a legitimate interest in understanding whether their CV has been viewed and which sections a reader found most relevant — in the same way that a website owner tracks visitors to improve their content. Analytics data is only accessible to the CV owner and is not sold or shared with third parties.

4. Data retention

Analytics events are retained for as long as the CV owner maintains their account. When a CV owner deletes their account, all associated analytics data is deleted. When a specific CV or link is deleted by the owner, its associated events are also deleted.

5. Cookies and tracking

Beacon does not use cookies to track CV viewers. The session identifier used for analytics is generated in your browser's memory for a single visit and is not persisted to a cookie or local storage.

6. Your rights

If you are in the EU/EEA or UK, you have the right to request access to or deletion of any data we hold about your visit. Because we do not collect personal identifiers from CV viewers, it may not be possible to locate records associated with a specific individual. To submit a request, contact us at the address below with the CV link URL you visited and the approximate date and time.

7. Data for registered users

If you create a Beacon account, we additionally store your email address, profile information, and CV content. This data is held in Supabase (EU region) and is used solely to provide the service. You can delete your account and all associated data at any time from the Settings page.

8. Sub-processors

Beacon uses the following third-party services to provide the platform:

  • Vercel — hosting and edge network (provides country from IP)
  • Supabase — database and authentication
  • ClickHouse — analytics event storage
  • Upstash — rate limiting and email debouncing
  • Resend — transactional email delivery

9. Contact

For privacy-related questions or data requests, please contact us via the Beacon website. We aim to respond to all requests within 30 days.