Privacy

The Milkweed Foundation is a public benefit LLC registered in the United States. A public benefit LLC carries legal obligations that a standard for-profit company does not — its operating agreement names a public benefit purpose, and managers must weigh that purpose alongside member returns in any significant decision. We name this here because it changes what we can and cannot do with your data. We are not optimizing for shareholder return at the exclusion of other stakeholders, we have no advertising business to which data could be repurposed, and any future ownership transfer would have to honor the public benefit purpose written into our charter. The protections below describe what we do; the public benefit form describes why we are structurally able to hold those commitments.

• Your account: email, name (as you entered it), and the password hash from our authentication provider.
• Your message: the plain text you wrote, the name of the person it goes to, and either their email or their phone number.
• Your schedule: the time of day you chose for the daily check-in.
• Your check-ins: a record of each check-in sent to you and whether you responded.
• Billing: we do not take payment at sign-up. When you eventually add a card, our payment provider stores it — we only see a token.

• Behavioral analytics. We do not run Google Analytics, Mixpanel, Heap, or any third-party tracking pixel. The only event-style data we keep is whether you responded to a check-in.
• Advertising identifiers. No Facebook Pixel, no Google Ads conversion tags, no LinkedIn Insight tags. There is no advertising business attached to Beacon.
• Model training data. Nothing you write — message content, account metadata, or check-in patterns — is used to train an AI model, ours or anyone else's.
• Cross-site fingerprinting. We do not attempt to identify you across other sites or sessions outside of your authenticated session with us.
• Sensitive demographic profiling. We do not infer or store ethnicity, religion, immigration status, or political affiliation. We do not have a use for that data and we do not want it on our systems.

Every piece of data on the previous list exists to do one thing: deliver your message to the right person at the moment you chose, if and only if you stop confirming you are still here. We do not build user profiles. We do not sell data. We do not use it to train models.

• A small number of Milkweed Foundation staff — for support requests you initiate or incident response.
• Our authentication provider (Clerk): your email, name, and encrypted session data.
• Our payment provider (Stripe): billing identity and card token, when applicable.
• Our delivery providers (email and SMS carriers): the recipient's address, and the message at the moment of delivery.
• Hosting (Cloudflare): the bytes of encrypted data at rest, plus standard request logs (IP, user agent, timestamp) for a short retention window.

We collect the contact method and name of the recipient you chose. We use it for one thing: delivering your message if your check-ins stop. We do not contact the recipient before that moment — they receive no marketing, no preview, no advance notice that a Beacon exists for them. If they receive the message and choose to decline it, we honor that decline and remove their contact from our system within 30 days. The recipient's contact information has the same retention as the rest of your account: lifetime plus 30 days, then purged.

• Message content: for the lifetime of your account plus 30 days after you delete it, then purged.
• Check-in logs: 90 days, then aggregated and purged.
• Account records: for the lifetime of your account plus 30 days.
• Request logs at the edge: 30 days at Cloudflare's default retention.

You can read, export, correct, or delete your data at any time through your account. If you are in a jurisdiction with stronger data rights (EU, California, and others), those apply on top of this baseline — write to us and we'll walk you through it.

Beacon is currently available in the United States and Canada. We have not launched in the European Union — when we do, we will register a data-protection lead and update this page with the EU-specific rights framework before opening sign-ups in any EU country. For California residents under CCPA: you have the right to know what we collect (the list above is exhaustive), the right to delete (use the account settings or write to us), the right to opt out of sale (we do not sell data — there is nothing to opt out of), and the right to non-discrimination for exercising these rights. For any jurisdiction with stronger data protections than the United States baseline, those protections apply on top of what is described here. Write privacy@milkweed.foundation if you need to exercise a right that the in-product controls don't cover.

If we receive a subpoena, court order, warrant, or national-security letter requesting information about your account, we follow the protocol documented on the security page. That protocol describes when we notify you, when we are legally barred from notifying you, what we will produce in response to a valid request, and our warrant canary. The full protocol is at /legal/security.

Write privacy@milkweed.foundation. A human answers.