Privacy

• Account: your email, name (if you give us one), and country.
• Pets: name, species, breed, photo, and description.
• Contacts: the mobile numbers and emails you tell us to text/email when someone scans a tag.
• Scans: when a finder scans a tag we record the time, approximate location and accuracy (when the finder grants permission), the what3words square covering it, the country derived from the IP address, and the user agent string. If the finder fills in their name, phone, or message, we record that too.
• Billing: subscription status and Stripe customer ID. Card numbers never touch our servers — Stripe holds those.

• To run the service: deliver tags, route alerts, show your pet's scan page.
• To improve the product — for example, anonymised counts of scans-per-pet help us decide what to build next.
• To prevent fraud and abuse, like the same email spinning up unlimited free tags.

• Database: Postgres on Railway, in the London (EU) region.
• Photos: a Railway-managed volume in the same region.
• Email: sent through Microsoft Graph from a BagBeacon-owned Microsoft 365 tenant.
• SMS: sent through Twilio (recipient-country routed).
• Geocoding: what3words for the human-readable square; Google Maps Static API for the preview image we paste into owner alerts.

• Account, pet, and contact data: kept while your account is active.
• Scan finder PII (name, phone, message): purged 30 days after a scan is marked resolved.
• Anonymised scan events (time, country, accuracy bucket) are retained indefinitely so you can look back at your own pet's history.

You can access, export, correct, or delete your data at any time from your settings page. Account deletion is immediate and cascades to your pets, contacts, scans, and subscription. We'll cancel any active Stripe subscription at the end of the current period.

Essential session cookie.We set one cookie when you sign in so the dashboard remembers you between page loads. This is strictly necessary for the service to work and isn't covered by the consent banner.

Google Analytics — only with your consent. If you accept on the cookie banner, we load Google Analytics 4 (Measurement ID G-4LKXY61DNC) to understand which pages help owners and finders most. We use Google's Consent Mode v2, so until you click Accept we send a consent-denied signal and no analytics cookies are set on your device.

The cookies, named. If you accept, GA sets two first-party cookies on your device:

• _ga — random visitor ID so repeat visits within a 2-year window are counted as one user. 2-year lifespan.
• _ga_4LKXY61DNC — session state for the same property. 2-year lifespan.

What GA records.Pages visited, the URL you came from (referrer), device and browser, approximate location (country and city — never your home address), and how long you spent on each page. We don't collect identifiers like name or email through GA — those only sit in our own database when you sign up.

No advertising features.Google's ad-storage, ad-user-data and ad-personalisation signals are permanentlyset to denied — even if you click Accept. That means GA can't feed Google's ad network with your behaviour from this site.

Changing your mind.Click “Cookie settings” in the footer at any time to re-open the consent banner. Rejecting analytics stops new GA pings immediately; the existing _gacookies expire on their own or you can clear them via your browser's site-data tools.

No third-party trackers.We don't run Facebook Pixel, TikTok Pixel, advertising retargeting, or third-party tag managers. The only third-party script the site can load is the Google Analytics tag described above.

Under the CCPA / CPRA you have the right to know what we collect, to delete it, to correct it, to opt out of the sale or sharing of personal information, and to be free from discrimination for exercising those rights.

We do not sell or share your personal information. We don't use it for cross-context behavioural advertising, and we don't pass it to data brokers — so the right to opt out doesn't have anything to act on. The easiest way to exercise the rest of your rights is the settings page: you can download an export of your data and delete your account in two clicks.

Questions, requests, or anything else: hello@bagbeacon.com. A privacy@bagbeacon.com mailbox is on the way; until it's wired, please use the hello@ address — it reaches the same person.