Privacy Policy

Last updated: [DATE]

PLACEHOLDER: This page ships with the MCP Gateway boilerplate as a structural template. Replace it with a privacy policy reviewed by your own counsel that reflects what your app actually collects and processes.

1. Who we are

Name the data controller (your company), where it's registered, and how to contact your privacy team or DPO.

2. Information we collect

List the categories: account details (name, email, password), workspace content your customers store, billing details handled by your payment provider, usage analytics, and support correspondence.

3. How we use information

Explain each purpose and its lawful basis: providing the service, billing, security, product analytics, transactional email, and (if applicable) marketing with consent.

4. How we share information

Point to your sub-processors list and describe any other sharing (legal requirements, corporate transactions).

5. International transfers

Describe where data is hosted and the safeguards used for cross-border transfers.

6. Retention

State how long you keep account data, workspace content, backups, and logs — and what happens after account deletion.

7. Your rights

List the rights available in your customers' jurisdictions (access, correction, deletion, portability, objection) and how to exercise them.

8. Security

Summarize your security posture: encryption in transit and at rest, access controls, and how to report a vulnerability.

9. Changes to this policy

Explain how updates are published and how users are notified of material changes.

Contact

Privacy questions: privacy@mcp.agentic-accounting.com