Privacy Policy

When you use Beacon, we collect the following categories of information:

• Account information: Your name, email address, and Google account identity used to authenticate.
• Incident data: Titles, descriptions, severity levels, status updates, comments, and resolution notes for incidents you create or manage.
• SOS alert data: Real-time location coordinates, timestamps, alert category, validity status, and closure reasons for SOS requests raised by delivery experts.
• Expert information: Name, phone number, Expert ID, and approximate location of delivery experts who trigger SOS alerts.
• Action logs: A record of actions taken on incidents — acknowledgements, escalations, resolutions — linked to your account.
• Session data: Login timestamps and session identifiers for security purposes.

• To enable real-time SOS monitoring and expert safety response.
• To manage, track, and resolve operational incidents.
• To generate analytics on SOS patterns, response times, and incident trends for operational improvement.
• To maintain an audit trail of actions for accountability and review.
• To enforce role-based access control, ensuring only authorised staff can view or act on sensitive data.
• To send relevant notifications and escalation alerts to operations agents.

SOS alerts contain precise GPS coordinates of delivery experts at the time of the alert. This data is treated with the highest level of sensitivity:

• Location data is used solely for safety response and incident management.
• Access is restricted to authorised SOS, Ops, and TNS team members via role-based permissions.
• Location data is not shared with third parties and is not used for purposes outside safety response.
• Historical SOS locations are retained for operational analytics and compliance review.

Beacon uses a role-based access control (RBAC) system. Access to incident data, SOS alerts, and analytics is restricted based on your assigned role:

• SOS Responders can view SOS, Ops, and TNS incidents throughout their lifecycle.
• Ops and TNS Responders can view incidents escalated to their team.
• Team Leads can view incidents related to their component or team.
• All access is logged and audited.

• Incident and SOS data is retained indefinitely for operational review, compliance, and trend analysis.
• Audit logs are retained for a minimum of 12 months.
• User sessions expire automatically after a period of inactivity.
• Deactivated user accounts are retained in records but cannot log in or access data.

We implement appropriate technical and organisational measures to protect data within Beacon:

• Authentication via Google OAuth — no passwords stored in Beacon.
• All data is transmitted over HTTPS.
• Database access is restricted to authorised services and personnel.
• Role-based permissions prevent unauthorised access to sensitive incident data.
• All permission changes are recorded in an immutable audit log.

Beacon integrates with the following third-party services:

• Google OAuth: Used for authentication. Governed by Google's Privacy Policy.
• Exotel: Used for IVR calls during SOS alerts. Call metadata may be logged.
• Slack: Used for incident notifications. Messages sent to Slack are governed by Slack's Privacy Policy.
• OpenStreetMap / Esri: Used for map tile rendering. No personal data is sent to these services.

As a Snabbit employee using Beacon, you may request access to, correction of, or deletion of your personal data by contacting the platform administrators. Requests related to expert data in SOS alerts should be directed to the Operations team.

We may update this Privacy Policy from time to time. Material changes will be communicated via internal channels. Continued use of Beacon after changes constitutes acceptance.

For questions about this Privacy Policy or data practices within Beacon, contact:

engineering@snabbit.com