Introduction

Bug Beacon Ltd. is committed to protecting the privacy of individuals. As a UK-registered company operating as a sole proprietorship, our core business involves providing hacker engagement services in the form of events, primarily to US customers. A unique aspect of our operations is that Bug Beacon Ltd. does not directly collect, process, or store personal data from customers or event participants. This Privacy Policy outlines our approach to privacy, acknowledging our minimal data footprint while ensuring transparency and compliance with relevant privacy regulations.

Our Commitment to Privacy

Even without directly holding customer data, Bug Beacon Ltd. is committed to:

  • Transparency: Clearly communicating our privacy practices.
  • Minimalism: Only interacting with data absolutely necessary for our operations.
  • Compliance: Adhering to applicable privacy laws in the UK and the US, particularly as they relate to general business operations and interactions.
  • Integrity: Handling any incidental or business-related personal information with care and respect.

Data We Do Not Collect or Process (Customer/Participant Data)

Bug Beacon Ltd. explicitly states that we do not collect, process, or store any personal data related to: (a) your customers, (b) your event participants, or (c) any individuals involved in your hacker engagement services. Our services are designed to focus solely on the technical aspects of hacker engagement and event facilitation, without requiring personal identifying information of the end-users or clients’ customers.

Limited Personal Information We May Process (Business Operations)

In the course of running Bug Beacon Ltd. as a business, we may incidentally process a very limited amount of personal information, primarily for operational and communication purposes. This may include:

  • Contact Information for Business-to-Business Interactions: This could involve names, email addresses, and phone numbers of client representatives or partners strictly for invoicing, project coordination, and legitimate business communications. This information is typically provided directly to us by the client organization.
  • Website Usage Data (if applicable): If Bug Beacon Ltd. operates a website, standard, anonymized website analytics may be collected (e.g., IP addresses truncated, browser type, pages visited) to understand website traffic, but this data is generally aggregated and does not identify individuals. No cookies or tracking technologies are used to personally identify website visitors.
  • Financial Records: Basic contact and payment information necessary for invoicing and accounting purposes. This information is limited to what is required for legitimate business transactions.

How Limited Information is Used

Any limited personal information processed (as described in Section 4) is used solely for:

  • Service Delivery: To communicate with clients regarding events and services.
  • Business Operations: For invoicing, accounting, and compliance with legal obligations (e.g., tax records).
  • Website Improvement (if applicable): To analyze general website usage trends, always in an anonymized fashion.

Data Sharing and Disclosure

Bug Beacon Ltd. does not sell, rent, or trade any personal information. Limited personal information may only be disclosed in the following circumstances:

  • Legal Compliance: If required by law, court order, or governmental regulation in the UK or US.
  • Service Providers: To trusted third-party service providers who assist us in operating our business (e.g., accounting software, secure communication platforms), provided they adhere to strict confidentiality and data protection standards. We ensure any such third parties are GDPR and/or equivalent privacy compliant where applicable.

Data Security

Bug Beacon Ltd. implements appropriate technical and organizational measures to protect any limited personal information we handle against unauthorized access, disclosure, alteration, or destruction. These measures include:

  • Using secure, reputable business software and services.
  • Employing strong passwords and multi-factor authentication for all critical accounts.
  • Maintaining up-to-date security software on all devices.

Data Retention

We retain the limited personal information described in Section 4 only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.

Your Privacy Rights (Applicable to any limited personal data held)

While Bug Beacon Ltd. primarily deals with organizations, if you are an individual whose limited personal data we hold (e.g., a client contact), you may have certain rights under applicable privacy laws, including:

  • Right to Access: Request a copy of the personal information we hold about you.
  • Right to Rectification: Request correction of inaccurate personal information.
  • Right to Erasure: Request deletion of your personal information, subject to legal obligations.
  • Right to Restrict Processing: Request a halt to the processing of your personal information in certain circumstances.
  • Right to Data Portability: Request your personal information in a structured, commonly used, machine-readable format.
  • Right to Object: Object to the processing of your personal information in certain situations.

To exercise any of these rights, please contact us using the details provided below.

International Data Transfers

As a UK company serving US clients, any incidental business data processed will primarily reside within the UK or within trusted service provider platforms that ensure adequate data protection safeguards (e.g., adherence to EU-US Data Privacy Framework principles or standard contractual clauses).

Changes to This Privacy Policy

This Privacy Policy may be updated periodically to reflect changes in our practices or legal requirements. We will post any revised policy on our website (if applicable) or provide it directly to relevant parties.