Book Demo
Login

Privacy Policy

AdBeacon Privacy Policy

Updated: October 3, 2025

AdBeacon, Inc. (“AdBeacon,” “we,” “us,” “our”) respects your privacy. This Privacy Policy explains how we collect, use, disclose, and protect personal information when you visit our websites, use our products and services, and interact with us (collectively, the “Services”).

  • For personal information we collect from website visitors, prospects, account admins, and billing contacts, AdBeacon acts as a controller/business (GDPR/CPRA terminology).
  • For personal information we process on behalf of customers about their end users (e.g., shoppers, subscribers) through the Services, AdBeacon acts as a processor/service provider, and processes such data only on the customer’s documented instructions and our Data Processing Addendum (“DPA”).

If you do not agree with this Policy, do not access or use the Services.

1. Contacting Us

  • Email: support@adbeacon.com
  • Mail: AdBeacon, Inc., 31280 Oak Crest Drive, Westlake Village, CA 91361, ATTN: Privacy

2. What We Collect

We collect personal information in these categories (examples may vary by product/feature):

  • Identifiers & Contact: name, email, phone, postal address, company, title, account IDs, IP address, device IDs.
  • Account & Commercial: subscription tier, orders, billing and payment info (for admins only), support history.
  • Online Activity/Technical: log files, device/browser type, pages viewed, timestamps, referral URLs, approximate location (from IP), cookie IDs, SDK/pixel events.
  • Integration/Platform Data (Customer-Directed): event and conversion data flowing from your connected platforms (e.g., ecommerce, ad platforms) that you instruct us to process.
  • Inferences/Preferences: product interests, feature usage, communication preferences.
  • Sensitive Data: we do not seek to collect sensitive personal information from consumers; if any is processed (e.g., for account security), we use/disclose it only for permitted, limited purposes and not for inferring characteristics.

Sources. You (forms, account setup), your devices/browsers (cookies/SDKs), your connected platforms and tools (where you enable integrations), our service providers (e.g., fraud prevention, analytics), and publicly available sources.

3. How We Use Personal Information (Purposes & Legal Bases)

Purposes. To:

  • Provide, operate, secure, and support the Services; fulfill contracts; authenticate; prevent fraud/abuse.
  • Set up and manage accounts, subscriptions, and billing; provide customer support and training.
  • Measure and improve performance; develop new features; debug and fix issues.
  • Communicate about service updates, security notices, and administrative messages.
  • Comply with legal obligations (tax, accounting, lawful requests).

Legal bases (EEA/UK/Switzerland, when AdBeacon is controller).

  • Contract (Art. 6(1)(b)): to provide the Services you request.
  • Legitimate interests (Art. 6(1)(f)): to secure, improve, and market our Services (balanced with your rights).
  • Consent (Art. 6(1)(a)): for non-essential cookies/marketing where required; you can withdraw consent.
  • Legal obligation (Art. 6(1)(c)): e.g., tax/recordkeeping.

When AdBeacon is a processor/service provider, we process data solely on your instructions and our DPA.

4. Cookies, Pixels, SDKs & Preferences

We use cookies and similar technologies to run the Services (“strictly necessary”) and—where you consent—to measure usage and improve performance.

  • In the EU/UK, we do not set non-essential cookies until you opt in via our banner.
  • You can manage choices anytime via our Cookie Preferences link in the footer.
  • We honor Global Privacy Control (GPC) where applicable.
  • Learn more in our Cookie Policy (lists categories, purposes, and key third-party providers).

Your browser may offer “Do Not Track” (DNT); our Services currently do not respond to DNT signals, but we do honor GPC signals for sale/share opt-out where required by law.

5. California Privacy (CCPA/CPRA)

Service-provider posture. For personal information we process on your behalf about your end users, AdBeacon acts as your service provider: we do not sell or share personal information, do not use it for cross-context behavioral advertising, do not combine it with data from other customers except as permitted to provide/improve the Services, and bind our subprocessors to the same restrictions.

Notice at Collection (summary).

  • Categories: identifiers; commercial/account; internet/network activity; geolocation (coarse); inferences; professional data; financial/billing (admins only).
  • Sources: you/your devices; your connected platforms; service providers.
  • Purposes: operate Services; security/fraud; debugging; analytics; support; billing; legal compliance.
  • Retention: see Section 9 (by category).
  • Disclosure for business purposes to: cloud hosting, analytics, support, anti-fraud, payment processors, and—only on your instructions—integrated platforms you connect.
  • Sale/Share: We do not sell or share personal information as defined by CPRA.
  • Sensitive PI: not used beyond permitted, limited purposes; never to infer characteristics.

Your CPRA rights: access/know, delete, correct, data portability, opt-out of sale/share (not applicable—we do not sell/share), limit use/disclosure of sensitive PI, and non-discrimination. Submit requests to support@adbeacon.com. We will verify your identity (e.g., account email verification). You may use an authorized agent with proof of authorization. If we deny your request, you may appeal by replying “Appeal” to our response.

6. Other U.S. State Privacy Rights

Residents of certain U.S. states (e.g., CO, CT, VA, UT) may have rights to access, delete, correct, and to opt out of targeted advertising, sale, and certain profiling. Exercise rights at support@adbeacon.com. We will verify and respond within applicable timeframes. If we deny your request, you can appeal by replying “Appeal.”

7. International Data Transfers

When transferring personal data outside the EEA/UK/Switzerland, we use appropriate safeguards such as the EU Standard Contractual Clauses (SCCs) and the UK IDTA/Addendum. You can request more information about these safeguards via support@adbeacon.com.

8. How We Share Personal Information

We do not sell personal information. We disclose personal information only as follows:

  • Service providers / subprocessors (cloud hosting, analytics, customer support, email delivery, payment processing, security/fraud) bound by written contracts limiting use to our instructions.
  • At your direction (integrations you enable): If you connect third-party platforms (e.g., Meta, Google), we process/transmit data only on your instructions to enable the features you select (e.g., conversions, attribution, audience tools). We do not sell/share this data and do not use it for cross-context behavioral advertising.
  • Corporate transactions: mergers, acquisitions, financing, or sale of assets (we will take steps to inform you as required).
  • Legal, safety, and security: to comply with law/enforce agreements; to protect you, us, users, or the public from harm or illegal activity.

We may create and use Aggregated/De-identified data (that cannot reasonably identify you or your end users) to improve and report on the Services.

9. Retention

We keep personal information only as long as needed for the purposes outlined or as required by law:

  • Account/admin & billing records: life of account + up to 7 years (tax/records).
  • Product telemetry & logs: 12–24 months, unless needed longer for security, legal, or audit purposes.
  • Support tickets: 3 years after closure.
  • Customer end-user data processed as processor/service provider: per your instructions and the DPA; typically life of contract + up to 90 days for backups, then deletion or de-identification.

We may retain limited information to comply with legal obligations, resolve disputes, and enforce agreements.

10. Security & Incident Response

We use administrative, technical, and physical safeguards appropriate to the nature of the data, including encryption in transit, access controls/least-privilege, secure software development practices, vulnerability management, and vendor security reviews.

If we become aware of a confirmed unauthorized access to personal information within our control that is likely to pose a risk to individuals, we will notify affected customers without undue delay and cooperate on any required notifications.

11. Children’s Privacy

We do not knowingly collect personal information from children under 13 (U.S.). In the EEA/UK, we do not knowingly offer Services directly to children under the age of digital consent (13–16, depending on country). If you believe a child has provided personal information, contact us to request deletion.

12. Your Privacy Choices & Rights (Global)

Depending on your location, you may have rights to access, rectify, delete, restrict, object, portability, and to withdraw consent (where processing is based on consent).
 To exercise rights, email support@adbeacon.com. We will verify and respond within the timelines required by applicable law. You may also lodge a complaint with your local data protection authority.

13. Role Clarifications & Customer Responsibilities

  • When we are processor/service provider: we process end-user data solely under your instructions and DPA. You are responsible for providing notices, obtaining consents, honoring opt-outs (including GPC), and ensuring your disclosures to individuals are accurate and complete.
  • Platform integrations (e.g., Meta/Google): we transmit/process only what you configure; you remain responsible for the legal basis and end-user disclosures/consents.

14. Third-Party Links & Services

Our Services may link to or interoperate with third-party sites/services. Their privacy practices are governed by their policies. Review those policies before sharing information with them.

15. Changes to This Policy

We may update this Policy from time to time. If we make material changes, we will provide prominent notice (e.g., in-product notice or email) and update the Effective date above. Your continued use of the Services after the effective date constitutes acceptance.

16. Regional Disclosures (EU/UK/Switzerland)

Legal bases, rights, transfers—see Sections 3, 7, and 12.
 Representative/DPO: [Insert details if/when appointed].

17. California “Notice at Collection” (Detailed)

The following summarizes our practices over the past 12 months for California consumers (as defined by CPRA):

  • Categories collected: identifiers (name, email, IP, device IDs), commercial/account (subscriptions, orders), internet/network (usage logs, events), geolocation (coarse), professional info (company, title), inferences (product interests), financial data (billing admins only).
  • Sources: you/your devices, your connected platforms, service providers, and public sources.
  • Purposes: to provide/secure the Services; debugging; analytics; support; billing; compliance.
  • Retention: account life + 3–7 years (billing/records); logs 12–24 months; support 3 years; end-user data per customer instructions + up to 90 days backup.
  • Disclosures for business purposes to: cloud hosting, analytics, support vendors, anti-fraud, payment processors, and (only on your instructions) integrated platforms.
  • Sale/Share: No.
  • Sensitive PI: Not used beyond permitted purposes; not used to infer characteristics.

Exercise CPRA rights via support@adbeacon.com. We verify requests and honor GPC.

18. HIPAA & Business Associate Agreements (BAA)

AdBeacon is not a covered entity or business associate (as defined in the U.S. Health Insurance Portability and Accountability Act of 1996 and its implementing regulations, collectively “HIPAA”) and does not intend for its Services to be used for collecting, storing, transmitting, or otherwise processing Protected Health Information (“PHI”).

Customers are responsible for ensuring that no PHI is submitted to or processed through the Services unless AdBeacon has expressly agreed in writing to act as a Business Associate under a separate, duly executed Business Associate Agreement (BAA).

Without such a BAA:

  • You must not use the Services to transmit, store, or process PHI or other health information subject to HIPAA or similar health data protection laws.

  • AdBeacon disclaims all responsibility and liability for any PHI inadvertently submitted or otherwise processed through the Services.

  • Any such submission will be deemed unauthorized and a violation of these Terms and this Privacy Policy.

If your organization is legally required to use a BAA, please contact support@adbeacon.com to discuss whether an appropriate agreement can be established before using the Services for any data that could qualify as PHI.

Definitions (plain English)

  • Personal information / personal data: information that identifies, relates to, or can reasonably be linked to an individual or household.
  • Processor / Service Provider: we process data on a customer’s instructions and cannot use it for our own purposes.
  • Sell / Share (CPRA): “sell” means disclosure for monetary or other valuable consideration; “share” means disclosure for cross-context behavioral advertising. We do neither.

Questions? Email support@adbeacon.com. We’re here to help.