Privacy Policy
Last updated: [DATE]
PLACEHOLDER: This page ships with the MCP Gateway boilerplate as a structural template. Replace it with a privacy policy reviewed by your own counsel that reflects what your app actually collects and processes.
1. Who we are
Name the data controller (your company), where it's registered, and how to contact your privacy team or DPO.
2. Information we collect
List the categories: account details (name, email, password), workspace content your customers store, billing details handled by your payment provider, usage analytics, and support correspondence.
3. How we use information
Explain each purpose and its lawful basis: providing the service, billing, security, product analytics, transactional email, and (if applicable) marketing with consent.
4. How we share information
Point to your sub-processors list and describe any other sharing (legal requirements, corporate transactions).
5. International transfers
Describe where data is hosted and the safeguards used for cross-border transfers.
6. Retention
State how long you keep account data, workspace content, backups, and logs — and what happens after account deletion.
7. Your rights
List the rights available in your customers' jurisdictions (access, correction, deletion, portability, objection) and how to exercise them.
8. Security
Summarize your security posture: encryption in transit and at rest, access controls, and how to report a vulnerability.
9. Changes to this policy
Explain how updates are published and how users are notified of material changes.
Contact
Privacy questions: privacy@mcp.agentic-accounting.com