Beacon Grant Solutions
Beacon Grant SolutionsEmpowering Immigrant Innovation
Sign InApply for Grant

Legal

Privacy Policy

Beacon Grant Solutions ('Beacon', 'we', 'us') operates a global grant-processing platform. This policy explains what personal data we collect, why we collect it, how we use it, and the rights you have under the data-protection law of your jurisdiction.

Last updated: May 6, 2026

1. Who we are

Beacon Grant Solutions is the data controller for personal information you submit through our application platform, applicant accounts, and verification tools. You can reach our privacy team at support@beaconsgrant.com.

2. Information we collect

  • Account data — name, email, password hash, and role (applicant, auditor, admin).
  • Application data — business details, jurisdiction, project description, funding requested, supporting documents, and any consent records.
  • Banking data — bank account information you submit when an application is approved, used solely to disburse grant funds.
  • Communication data — emails sent and received, status updates, and support requests.
  • Technical data — IP address, browser, device information, and minimal cookies (see our Cookie Policy).

3. How we use your information

  • To review, verify, and process your grant application.
  • To communicate status changes (submitted, under review, needs info, approved, rejected) to you and, where applicable, to the filing business-development firm.
  • To issue approval certificates, verification QR codes, and disburse approved funds.
  • To prevent fraud, comply with legal obligations, and improve our services.

4. Lawful bases for processing

We rely on (i) contract — to process your grant application; (ii) legitimate interest — to operate, secure, and improve the platform; (iii) legal obligation — for record-keeping, anti-fraud, and tax/audit requirements; and (iv) consent — for optional communications and where required by your jurisdiction.

5. Sharing your information

We never sell your personal information. We share it only with:

  • Authorised Beacon staff (auditors, administrators) who review your application.
  • The business-development firm that filed on your behalf, where applicable.
  • Regulated infrastructure providers (hosting, email delivery, database) under contractual confidentiality.
  • Authorities, when legally compelled.

6. International transfers

Beacon operates globally. Where personal data is transferred outside your home jurisdiction (for example, from the EEA to a non-adequate country), we rely on Standard Contractual Clauses (SCCs), the UK IDTA, or equivalent safeguards required by your local law.

7. Data retention

We keep application records for the duration of your relationship with Beacon and for a period afterwards required by audit, anti-fraud, and tax law (typically up to 7 years). Banking details are retained only while needed to complete disbursement plus the legally required minimum.

8. Security

We use encryption in transit and at rest, role-based access controls, audit logging, and database row-level security. No system is perfectly secure, but we work hard to protect your information.

9. Your rights by jurisdiction

Your specific rights depend on the law that applies to you. Below is a summary of the regimes Beacon recognises and the countries to which they apply on our platform.

PRIVACY ACT AU

Applies in: Australia

Processed under Australia's Privacy Act 1988 and the Australian Privacy Principles. You may access and correct your personal information.

GDPR

Applies in: Austria, Belgium, Denmark, Finland, France, Germany, Ireland, Italy, Netherlands, Norway, Poland, Portugal, Spain, Sweden

Processed under the EU General Data Protection Regulation (GDPR). Lawful basis: contract & legitimate interest. You have the right to access, rectify, erase, restrict, port, and object. Data may be transferred outside the EEA only under SCCs.

LGPD

Applies in: Brazil

Processed under Brazil's Lei Geral de Proteção de Dados (LGPD). You have the right to confirm, access, correct, anonymise, port, delete, and revoke consent.

PIPEDA

Applies in: Canada

Processed under Canada's Personal Information Protection and Electronic Documents Act (PIPEDA). You may withdraw consent at any time and request access to or correction of your personal information.

PIPL

Applies in: China

Processed under China's Personal Information Protection Law (PIPL). Cross-border transfers require separate consent and a security assessment.

GENERIC

Applies in: Egypt, Ghana, Indonesia, Israel, Malaysia, Mexico, New Zealand, Philippines, Rwanda, Saudi Arabia, South Korea, Switzerland, Tanzania, Thailand, Turkey, Uganda, United Arab Emirates, Vietnam

Processed under applicable data protection laws of the chosen jurisdiction. You retain the right to access, correct, and request deletion of your personal information.

PDPB IN

Applies in: India

Processed under India's Digital Personal Data Protection Act 2023 (DPDPA). You retain rights to access, correct, erase, and grievance redressal.

APPI

Applies in: Japan

Processed under Japan's Act on the Protection of Personal Information (APPI). You may request disclosure, correction, or cessation of use of your personal information.

DPA KE

Applies in: Kenya

Processed under Kenya's Data Protection Act 2019. You retain rights to access, rectify, erase, restrict, port, and object to processing.

NDPR

Applies in: Nigeria

Processed under the Nigeria Data Protection Regulation (NDPR) and Nigeria Data Protection Act 2023. You may access, rectify, or request deletion of your data and lodge complaints with the NDPC.

PDPA SG

Applies in: Singapore

Processed under Singapore's Personal Data Protection Act (PDPA). You may withdraw consent and request access or correction of your personal data.

POPIA

Applies in: South Africa

Processed under South Africa's Protection of Personal Information Act (POPIA). You may access, correct, or delete your information and lodge complaints with the Information Regulator.

UK GDPR

Applies in: United Kingdom

Processed under the UK GDPR and Data Protection Act 2018. You retain rights to access, rectify, erase, restrict, port, and object. International transfers use the UK IDTA / SCCs.

CCPA

Applies in: United States

Processed in line with the California Consumer Privacy Act (CCPA/CPRA). You have the right to know, delete, correct, and opt-out of sale/sharing of your personal information.

10. How to exercise your rights

Email support@beaconsgrant.com with your request and the jurisdiction you reside in. We will respond within the timeframe required by your local law (typically 30 days). You may also lodge a complaint with your local data-protection authority.

11. Children

Beacon's services are intended for adults (18+) authorised to apply for grants on behalf of themselves or a registered business. We do not knowingly collect personal data from children.

12. Changes to this policy

We may update this policy as our platform evolves or as law requires. The "Last updated" date at the top reflects the latest revision. Material changes will be communicated by email to active users.

Questions about this policy? Contact us at support@beaconsgrant.com.

See also: Privacy · Terms · Cookies · Disclaimer

Last updated: