Social Beacon is a work in progress. It might be changed in a way that is bad for privacy, either in adding new features, or because of errors I've made. Writing secure software is hard. Using apps always involves some risk to your privacy.
Social Beacon handles the following information about you:
- Your username
- Your password
- Your display name
- Your list of friends
- Beacons you send
All of this information is needed to make the app work. Lots of it could be used for evil. If you don't know me, you have to trust that I'm not evil, I guess.
Social Beacon is hosted using Amazon Web Services EC2. "If" they were evil, they would be able to access all the information the app handles. Push notifications use Google Firebase Cloud Messaging and the Apple Push Notifications Service. They could access the contents of all notifications from Social Beacon.
All data is secured in transit using HTTPS, which is relatively secure and is what most apps use. Data is not end-to-end encrypted. Your password will be stored using Argon2, which, if you're not techy, is a secure way of storing passwords.
Old Beacons and friend requests are automatically deleted. Your personal data, such as your username, display name and password, is deleted if you delete your account. There is a risk that some data might not get deleted when it's supposed to because of technical problems.
Social Beacon was written by Issa Chanzi. If you need to contact me for some reason, please email beacon@issachanzi.net .
Check out my GitHub page including the source code for Social Beacon at https://github.com/issachanzi .