Beacon
Sign in

Legal

Privacy Policy

Last updated: June 20, 2026

Overview

Beacon is an SEO, AEO (Answer Engine Optimization), and AI-visibility audit and reporting service operated by Space Co ("SP-CE", "we", "us"), a company operating in the United States and Canada. This Privacy Policy explains what information we collect, how we use it, how we share it, and the choices you have. It applies to the Beacon web application and related services.

Beacon is currently available in closed beta to SP-CE clients only. Accounts are created for clients by an administrator, and you sign in passwordlessly with a one-time code sent to your email. We do not offer public self-service sign-up.

Information we collect

We collect the following categories of information:

  • Account information: your name and email address, used to authenticate you and to send transactional messages such as sign-in codes and a notice when your report is ready.
  • Audit data: the website URL(s) you ask us to analyze and the publicly available content of those pages, which we crawl to score technical SEO, content, and AI discoverability.
  • Data from services you connect: when you choose to connect an integration (Google Search Console, Google Business Profile, Google Analytics, or Bing Webmaster Tools), we access data from that service on your behalf to populate your reports. Details for Google services are in the next section.
  • Usage and device data: standard log information (such as IP address, browser type, and pages viewed) used to operate, secure, and improve the service.

Google user data we access

If you connect a Google account, you grant Beacon read-only access to specific data via Google OAuth. We request the minimum scopes needed for the features you enable, we never modify your Google data, and you can disconnect at any time. Specifically:

  • Google Search Console (scope: webmasters.readonly) — we read your verified sites and search-performance metrics (search queries, clicks, impressions, average position, and indexed-page counts) to show how your site performs in Google Search inside your Beacon report.
  • Google Business Profile (scope: business.manage) — for local businesses, we read your business profile information (such as categories, location, and reviews) to provide local-SEO and visibility insights. We do not post, edit, or delete anything on your profile.
  • Google Analytics (scope: analytics.readonly) — we read aggregated traffic and engagement metrics, including referral sources, so we can show the traffic your site receives — including visits referred by AI answer engines such as ChatGPT and Perplexity — alongside your visibility scores.

How we use information

We use the information we collect only to:

  • provide, maintain, and display the audits, reports, and dashboards you request;
  • generate the metrics, comparisons, and recommendations shown in your reports;
  • authenticate you, secure your account, and notify you about your reports and account;
  • operate, troubleshoot, and improve the reliability and quality of the service.

Limited Use of Google user data

Beacon's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

In particular: we use Google user data solely to provide and improve the user-facing features described in this policy; we do not sell Google user data; we do not use it for advertising; we do not transfer it to others except as necessary to provide or improve those features, to comply with applicable law, or as part of a merger or acquisition; and we do not allow humans to read it unless we have your affirmative consent, it is necessary for security or to comply with law, or the data has been aggregated and anonymized. We do not use Google user data to develop, improve, or train generalized or non-personalized AI and/or machine-learning models.

How we share information

We do not sell your personal information or your Google user data. We share information only in these limited circumstances:

  • Service providers (subprocessors): we use trusted vendors for cloud hosting and database storage that process data on our behalf under contractual confidentiality and security obligations.
  • Audit and analysis providers: to produce your report we send non-Google inputs — such as your public website content, your brand name, and competitor names — to data and AI providers (for example, our SEO data provider and large-language-model providers used to summarize findings). We do not send your Google account data to these providers.
  • Legal and safety: we may disclose information if required by law or to protect the rights, safety, and security of our users or the service.
  • Business transfers: information may be transferred as part of a merger, acquisition, or sale of assets, subject to this policy.

Data retention and deletion

We retain information for as long as your account is active or as needed to provide the service, then delete or anonymize it within a reasonable period unless a longer period is required by law.

You may disconnect any integration at any time from the Integrations area of the app. Disconnecting revokes Beacon's access and deletes the stored access and refresh tokens for that integration. You may also request deletion of your account and associated data by emailing us at the address below.

Revoking access

In addition to disconnecting an integration inside Beacon, you can review and revoke Beacon's access to your Google account at any time from your Google Account permissions page at https://myaccount.google.com/permissions.

Security

We protect your information using industry-standard safeguards. Integration credentials (OAuth access and refresh tokens) are encrypted at rest using AES-256-GCM, and all data is transmitted over encrypted connections (TLS). Access to production systems is restricted to authorized personnel. No method of transmission or storage is completely secure, but we work to protect your information and to limit access to it.

International users

Beacon is operated from the United States and Canada, and your information is processed there and in the locations where our service providers maintain facilities. By using the service you understand that your information may be processed in these locations, which may have different data-protection laws than your own.

Children

Beacon is a business tool and is not directed to children under 16, and we do not knowingly collect personal information from them.

Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the date below and, where appropriate, notify you. Your continued use of the service after an update means you accept the revised policy.

Contact us

If you have questions or requests regarding this policy or your data, contact us at hello@sp-ce.co.