Legal · DPA

Data Processing Agreement

GDPR Art. 28 compliant.

The Beacons Data Processing Agreement applies to customers using the hosted control plane to process personal data under GDPR.

Roles

Customer is the controller; L1fe AI (operating Beacons) is the processor. Sub-processors are listed at /legal/subprocessors.

Subject matter and duration

We process the personal data described in our privacy policy for the duration of the customer's subscription, plus 90 days of retention.

Nature and purpose of processing

Operating the Beacons hosted control plane, providing support, metering and billing usage, maintaining the audit chain.

Types of personal data

Account identifiers, IdP claims, peer DIDs, operational telemetry, billing data. No mesh payloads. No private keys.

Sub-processors

See the live sub-processor list. Customer is notified by email at least 30 days before any addition.

Security measures

See the security model and trust center. Encryption at rest, mTLS in transit, mTLS rotation, hash-chained audit, Sigil anchoring.

Customer rights

We assist customers with subject access requests, deletion requests, and data portability. The audit chain anchors are public and cannot be selectively deleted; the personal data embedded in events is pseudonymous (DIDs, not names).

Execute

To execute the DPA, contact legal@beacons.sh.

Open a fleet

The mesh that fits agents and humans.

A `did:oas`-rooted private mesh that ships peer configurations to any device, anywhere, by policy — not by hand.

Open consoleRead the quickstart