Security

How we handle your store and competitor data.

A plain-English overview of the infrastructure, crawling approach, encryption, and practices behind Beaconmon. No marketing fluff. Just what we actually do.

Infrastructure

Compute: Hetzner Cloud

Beaconmon runs on Hetzner Cloud servers located in Nuremberg, Germany (EU). Hetzner is ISO 27001 certified and operates its own data centers. We use dedicated VPS instances with no shared CPU resources.

Database: Neon (PostgreSQL)

All persistent data is stored in Neon, a serverless PostgreSQL provider running on AWS us-east-2. Neon encrypts data at rest using AES-256 and provides point-in-time recovery. We use connection pooling and separate direct/pooled URLs. Migrations only run from controlled environments.

Edge & DDoS protection: Cloudflare

All traffic to beaconmon.com passes through Cloudflare. Cloudflare handles TLS termination (TLS 1.2 minimum, TLS 1.3 preferred), DDoS mitigation, and bot protection. The origin IP is not publicly exposed.

Cache: Redis (self-hosted)

Redis is self-hosted in the same stack as the application, used for job queues and status page caching. It is not exposed to the internet. AOF persistence is enabled. Redis is configured with noeviction policy. Queue jobs are never silently dropped under memory pressure.

Crawling and data collection

HTML-only (no headless browsers)

Beaconmon fetches and parses raw HTML to detect content changes on competitor stores and monitored sites. We do not run JavaScript or use headless browsers. This keeps infrastructure predictable on a single-server deployment and means checks complete in under a second. Most Shopify product prices, inventory status, and promotional copy are present in the HTML source. If a page renders content exclusively via client-side JavaScript, we monitor the source HTML rather than the rendered output.

What we collect per check

For uptime checks, we record the HTTP status code, response time, and up to 512 bytes of the response body on failure. For content monitors, we store one snapshot of the changed HTML element per event, retained for 90 days. We do not record full page snapshots or screenshots. Nothing collected from competitor stores is shared with other Beaconmon customers.

Encryption

In transit

All connections between your browser and Beaconmon are encrypted via TLS 1.2+. Internal service-to-service communication happens within the same private network and does not traverse the public internet. Database connections from workers to Neon use TLS.

At rest

Database data at rest is encrypted by Neon (AES-256). Session tokens are stored as hashed values; the raw token is never persisted. Alert channel credentials (Slack webhook URLs, custom webhook secrets) are stored encrypted in the database.

Passwords

Beaconmon supports email magic links (no passwords) and optional password-based login. All passwords are hashed with bcrypt (cost factor 12) and the plaintext is never logged or stored.

Access controls

Tenant isolation

Every database query that touches user data is scoped to a team ID. There is no code path that allows one team to read another team's monitors, check results, or alert channels. This is enforced at the repository layer, not the API layer, so it cannot be bypassed by route bugs.

Role-based access

Teams have three roles: Owner (full access + billing), Admin (full access, no billing), and Viewer (read-only). Role is checked on every mutation. Viewers cannot create, edit, or delete anything.

Rate limiting

Monitor creation is rate-limited to 20 requests per hour per team. Auth endpoints are rate-limited to 10 requests per 15 minutes per IP. Rate limit state is stored in Redis. If Redis is unavailable, limits fail open rather than blocking legitimate traffic.

Internal access

No Beaconmon employee has routine access to customer monitor data. Database access for debugging requires an explicit, time-limited connection from a developer machine. We do not have a customer support portal that exposes raw data.

GDPR & data privacy

Data location

Primary compute is in Germany (EU). Database is on Neon (AWS us-east-2, US). If your data residency requirements mandate EU-only storage, Beaconmon may not be the right fit today. We're working on an EU database option.

What we store

We store your email address, team name, monitor configurations, check results, incidents, and alert channel configs. We do not store the content of competitor stores or sites you monitor beyond what is needed for content change detection (one snapshot per change event, retained for 90 days).

Data retention

Check results are retained for 365 days for all plans. If you delete your account, all associated data is deleted within 30 days. We do not sell your data to third parties.

Cookies

We use one session cookie for authentication. No tracking cookies, no third-party ad cookies. We use Sentry for error tracking (which may capture browser metadata on exceptions) and that's it.

Responsible disclosure

If you discover a security vulnerability in Beaconmon, please report it to us before making it public. We take security reports seriously and will respond within 48 hours.

Email: security@beaconmon.com

We do not have a bug bounty program at this time, but we will acknowledge your contribution publicly if you wish.