vacuum0
Let's do this step by step
local privacy
While scanning, you use GPS and (if you didnt change that) A-GPS via GrapheneOS proxies. Should be very private.
You may have Bluetooth enabled, not sure if this theoretically makes you trackable. But it is a fine drawback for me.
You may have wifi enabled, which should be pretty much fully private.
You may have cell data enabled, which means your ISP knows where the device with that ID and phone number is.
So, of course it is more private to not stumble data, but you need to do this once for every path you make, never again.
database
If you submit data there, a GPS point and surrounding networks will appear in the database.
The BeaconDB dev is trustworthy I think. They have good intentions. They could totally track you, but likely dont. All they would know is where some device was and at which surrounding networks.
There is no ID or account or anything, so people uploading data are not tracked. The data itself is controlled to prevent tampering (you need to know some surrounding networks when uploading new data)
wifi owner privacy
Unlike apple, google and probably all others, beaconDB wants to "geo-hash" the wifi SSIDs (names) and MacS so that you cannot get a single location if you only know one SSID or MAC address.
You can also always add nomap to your wifi name to prevent addition to the database.
Mobile hotspots will also always be left out from the database.
So in result, BeaconDB is fine.