Last updated 3 July 2026

Privacy Notice

THEMA Beacon is a private photonics-intelligence hub for THEMA Foundries. This notice explains what personal data it processes and why. It is written to be plain and honest — if the system starts processing anything beyond what is described here, this page is updated first.

Who is responsible

During the current trial, Pierre-Louis Berlemont operates Beacon and is the data controller. If THEMA adopts Beacon, THEMA becomes the controller and PL acts as a processor under a data-processing agreement.

What we process

  • Account: your name and email address, and whether you are an admin or member.
  • Sign-in sessions: a session token plus the IP address and browser user-agent of your logins (needed to keep you signed in and to secure the account).
  • Your content: the chats you have with the research agent and the research documents you generate.

No special-category data is collected. We do not currently track email opens or clicks, and there is no advertising or third-party analytics.

Where your data lives (EU by default)

Your account, sessions, and content are stored in the EU (Neon in Frankfurt; agent compute on Fly.io in Amsterdam; the hub on Cloudflare's EU edge). Two flows leave the EU by necessity:

  • The language model (Anthropic, US): your chat and research prompts are sent to Anthropic to generate answers, under Standard Contractual Clauses and Anthropic's DPA. API data is not used to train models.
  • Web search (Tavily/Brave, US): your research queries (not your account data) are sent to fetch public results.

Sub-processors

ProviderPurposeLocation
NeonPrimary databaseEU — Frankfurt
CloudflareHub hosting + embeddingsEU edge
Fly.ioAgent computeEU — Amsterdam
ResendTransactional email (sign-in links, digests)EU sending
AnthropicLLM processing of chat & researchUS — SCCs + DPA
Tavily / BraveWeb search for research queriesUS

How long we keep it

  • Raw fetched article content: 30 days.
  • News items and usage events: 12 months.
  • Chat sessions: kept until you delete them, then purged within 30 days.
  • Encrypted backups: 35 days.

Your rights

You can request a copy of your data (access) or its deletion (erasure) at any time. We respond within one month. Deleting your account removes your profile, sessions, chats, and messages; shared intelligence documents are retained but unlinked from you.

To exercise a right, or for any question, contact pierrelouisberlemont@gmail.com. You also have the right to lodge a complaint with your data-protection authority.

Cookies

Beacon uses one essential cookie to keep you signed in. There are no tracking or advertising cookies, so there is no consent banner.