Privacy Policy
Last updated: 8 July 2026
This policy explains how AskTask Limited, trading as Beopages(“we”, “us”), collects and uses personal data when you use beopages.com and the websites we build and host for our customers. We are an Irish company (registered office: Unit 2, 2 Bridge Street, Athlone, Co. Westmeath, Ireland) and the data controller for the personal data described here. You can reach us any time at hello@beopages.com.
1. What we collect
Account data. When you sign up we collect your email address and password (stored as a hash, never in plain text), or your Google account identifier if you sign in with Google.
Business data.To build a site we fetch publicly available information about a business — for example its Instagram profile, Google Maps listing, or existing website: business name, address, opening hours, photos, menus, reviews, and contact details. Usually you point us at these sources yourself. Sometimes we prepare a private, unlisted preview for a business from its public profiles before being asked, so the owner can see what their site could look like; see “Previews we build proactively” below.
Review authors.Public customer reviews shown on a site are displayed with the reviewer’s first name and initial only (for example “Brian K.”), without their photo.
Billing data. Payments are processed by Stripe. We never see or store your full card number. We keep records of your plan, invoices, and credit balance. Stripe collects your billing address and (optionally) VAT number to calculate tax — see Stripe’s privacy policy.
Visitor statistics (cookieless). For published sites we count page views, clicks, and QR-code scans using our own analytics built into the page. Per visit we record only: the event, the country (from the network, not GPS), the device type (phone/desktop), and the website the visitor came from. We do notstore the visitor’s IP address and we do not set any analytics cookies.
Product analytics on beopages.com.On our own website and dashboard (never on the sites we host for customers) we use PostHog, an analytics service, to understand how the product is used — pages viewed and buttons clicked. It runs on EU servers with no session recordings. By default it is cookieless and stores nothing in your browser. If you press “Allow” on our consent banner, we store a random anonymous identifier in your browser so we can recognise it on a return visit; press “Decline” and nothing is ever stored. You can clear the identifier at any time by deleting the site data in your browser. See PostHog’s privacy policy.
Error reports. When something in the product breaks, technical details of the error are sent to Sentry so we can fix it. These reports are configured not to include personal data.
Enquiry form data.Websites we host include a contact form. Messages submitted by your visitors (name, contact details, message text) are delivered to you and stored so you can read them in your dashboard. For these form submissions — and for the “request my site” form on beopages.com — we also record the sender’s IP address and browser identifier, used only to block spam and abuse.
Domain registration. If your plan includes a free domain and you claim one, we register it through our registrar (Openprovider) using generic contact details plus your account email.
2. Previews we build proactively
As part of reaching out to local businesses, we sometimes build a website preview for a business before its owner asks us to, using only information the business has already made public (its Google Maps listing, Instagram profile, or website). These previews are private and unlisted — they are reachable only through a personal link we send to the business owner, and they are never indexed by search engines or published.
We rely on our legitimate interest in offering our service to businesses (GDPR Art. 6(1)(f)) for this. If you are a business owner and want a preview of your business removed, reply to our email or write to hello@beopages.com — we delete the preview and all fetched data, and we will not rebuild one for your business. Declining the preview from the link we send does the same.
3. How we use it
- To create, host, and let you edit your website.
- To process subscriptions and coin purchases, and send invoices.
- To send service emails: site-ready notifications, billing receipts, payment-failure warnings, and important account notices.
- To answer support requests.
- To detect abuse and keep the service secure.
- To improve the product using aggregated usage statistics.
We do not sell personal data, and we do not use your business content to advertise to third parties.
4. AI processing
We use large-language-model providers (currently Anthropic Claude via Amazon Bedrock in the EU, and Google Gemini via Google Cloud) to generate and edit website content from the business data described above. The data sent to these providers is the public business information, the photos on your site, and the instructions you type in the editor — never your password or payment details. These providers process data on our behalf and do not use it to train their models under our agreements.
5. Where your data lives
Our database and file storage run on Supabase in the European Union. Our hosting runs on Amazon Web Services (Ireland region) and Cloudflare. Email is sent via Resend. Error tracking runs on Sentry. Product analytics runs on PostHog (EU servers). Public profile data is fetched with the help of Apify (EU). Domains are registered through Openprovider. Where a provider processes data outside the EU/EEA, transfers are covered by the EU Standard Contractual Clauses or an adequacy decision.
6. How long we keep it
- Account and site data: for as long as your account is active. If your subscription ends, your site goes offline and is permanently deleted after 30 days unless you come back.
- Unpublished drafts you create yourself are deleted 30 days after creation if you never publish them.
- If you delete your account, your sites, content, and personal data are deleted immediately; invoices and payment records are kept for 6 years as required by Irish tax law.
- Visitor enquiries live with the site they were sent to and are deleted with it.
- Error logs are retained for up to 12 months.
7. Your rights
Under the GDPR you can ask us to access, correct, export, restrict, or delete your personal data, and you can object to certain processing. You can delete your account (and everything in it) yourself from the dashboard settings, or email hello@beopages.com for anything else — we respond within 30 days. You also have the right to lodge a complaint with the Irish Data Protection Commission (dataprotection.ie).
8. Cookies
beopages.com uses only strictly necessary cookies — the ones that keep you signed in. We do not set advertising cookies. Our product analytics (PostHog) stores an anonymous identifier in your browser only if you allow it on the consent banner; otherwise it runs in cookieless mode and stores nothing. The customer sites we host are cookieless too: our visitor statistics work without cookies and without storing IP addresses, and the enquiry form uses an invisible anti-spam field rather than a tracking service.
9. Changes
If we make material changes to this policy we will notify you by email or a notice in the dashboard before they take effect. The “last updated” date at the top always reflects the current version.