Privacy
Last updated 2026-07-14 · Private beta — current product behavior; this notice may change as testing evolves.
PostBeacon turns your product URL into a launch plan. That means it handles your product’s page text, the profile built from it, and — if you use the workspace — the results you type in. This page says plainly where each piece lives, which vendors see it, and how to get it out or delete it.
The short version
- Not signed in? Your draft lives in your browser’s localStorage, not on our servers. Clear it any time with “Clear local draft”.
- Signed in? Projects are saved to our database (Supabase) in rows only your account can read.
- Your page text, profile, plan context and anything you paste to the copilot are sent to your primary AI model to generate output. If the primary model is unavailable, PostBeacon may retry with another configured provider. During this beta that can include DeepSeek, which processes data in China and does not clearly exclude training use; avoid confidential material.
- We never post to any platform for you, set no advertising cookies, and don’t use your content to train models or build cross-user datasets.
- You can export everything as JSON and delete a project or your whole account from inside the app.
- In-app action reminders are automatic. Event emails are off unless you explicitly enable them, and can be switched off from the workspace.
What we handle, where it lives
| Data | Where | Why | Kept | How to delete |
|---|---|---|---|---|
| Anonymous draft (URL, profile, strategy, drafts, experiments, product memory) | Your browser's localStorage — never our servers | So you can close the tab and resume | Until you clear it | “Clear local draft” on the start step, or clear browser data |
| Account identity (email, optional Google sign-in, display name) | Supabase (auth) | Sign-in and project ownership | Life of your account | Delete account |
| Saved projects (profile, fact ledger, strategy, generated content, calendar) | Supabase, in rows only you can read (row-level security) | Your launch plans, saved across devices | Until you delete the project or account | Delete project (×) or delete account |
| Workspace data (experiments, outcomes/metrics you type, tasks, audit log, product memory) | Supabase, same owner-only rules | The publish → measure → learn loop | With its project | Deleting the project cascades all of it |
| Prompts to the AI model (page text, profile, plan context, pasted feedback) | Sent to your primary model; on availability/credit/rate-limit failure, another configured provider (including DeepSeek during this beta) may receive the retry | Generating your profile, strategy, content and copilot answers | Not stored by us; the provider retains per its API policy (see table below) | Provider-side, per its policy |
| Copilot chat transcripts | Your browser session only | The conversation you're having | Gone when the panel session ends — never long-term memory by design | Automatic |
| Usage metering (plan, launches used, daily calls) | Supabase | Private-beta usage limits and abuse prevention | Life of your account | Delete account |
| Server logs & analytics | Vercel platform logs (IP, path); Vercel Web Analytics (cookieless, aggregated) | Operations, security, aggregate traffic | Vercel platform defaults | Ages out automatically |
AI models and your data
Generation starts on the primary model you pick. Prompts include your page’s extracted text, the profile, relevant plan context, and text you paste to the copilot. If that provider is unavailable, out of credit, rate-limited, misconfigured, or cannot return usable structured output, PostBeacon may retry the same prompt with another configured provider. A failed provider may already have received the first attempt. During this beta, automatic fallback can include DeepSeek and China processing. We don’t store chat transcripts; each provider retains API data per its own policy:
| Model | Region | Published API policy (as we read it) |
|---|---|---|
| OpenAI | US | API data isn't used to train models by default; retained up to ~30 days for abuse monitoring. |
| DeepSeek | China | Data is processed in China and training use isn't clearly excluded — avoid confidential material with this model. |
Where a provider’s policy doesn’t clearly exclude training use, we never make it the default and we label it in the model picker. If your product is still confidential, don’t paste anything you wouldn’t want retained. During this beta, DeepSeek may also be used as the disclosed automatic fallback; avoid confidential material.
What we deliberately don’t do
- No auto-posting. PostBeacon never holds your social accounts’ credentials and never publishes on your behalf — you copy and post.
- No training on your content, no cross-user aggregation. Your plans and outcomes are used only to serve you. If we ever want to learn from anonymized outcome data in aggregate, that will be a separate, explicit, revocable opt-in — de-identified and only computed over large cohorts — and off by default.
- No ad tech. Analytics are cookieless and aggregated (Vercel Web Analytics). We don’t sell or share personal information for advertising.
Your controls
- Clear local draft — on the start step, removes the anonymous draft from your browser.
- Export my data — in the app’s “Data & privacy” menu: downloads your account’s projects, experiments, outcomes, tasks and plan status as one JSON file.
- Delete a project — the × beside a saved project; its experiments, outcomes and tasks are deleted with it.
- Delete my account — in “Data & privacy”: removes your projects, workspace data, usage records and the account itself. If a deployment can’t perform a full deletion, the app says so instead of pretending.
Residual copies can persist briefly in encrypted database backups until those backups age out on the vendor’s schedule.
Retention
This deployment automatically deletes signed-in projects untouched for 30 days (and internal webhook receipts of the same age). Anonymous drafts are on your device and are never touched by us.
Vendors and transfers
The full list of vendors that touch data, what each sees, and when, is on the data-vendors page. Hosting is on Vercel (US); if you’re outside the US your data is processed there and by the model provider’s region shown above.
Changes
We’ll update this page as the product evolves and bump the date at the top; material changes will be visible in the app. During the private beta, please tell us if this page does not match what the product actually does.
Questions or requests about your data: privacy@postbeacon.app. © 2026 PostBeacon · postbeacon.app