Last updated: 8 July 2025
| Category | Examples | Purpose |
|---|---|---|
| Account Data | Name, email address, Google OAuth ID | Create & secure your account, deliver Service |
| Payment Data | Limited billing details (tokenized card, ZIP) handled by Stripe | Process subscriptions & invoices |
| Usage Logs | IP address, request headers, endpoint called, query string (address looked-up), timestamps, quota usage | Provide core functionality, rate-limit abuse, analytics |
| Cookies / Local Storage | Auth session cookie, CSRF token, preference flags | Keep you signed in, remember settings |
We do not intentionally collect sensitive personal data (race, health, etc.).
We do not sell or rent your personal information.
| Basis | When applied |
|---|---|
| Contract | To deliver the Service you request (e.g., API look-ups). |
| Legitimate Interests | Security, service analytics, preventing fraud. |
| Consent | Marketing emails (opt-in, unsubscribe anytime). |
| Legal Obligation | Accounting & tax record-keeping. |
| Recipient | Reason |
|---|---|
| Infrastructure Providers (Vercel, AWS, Supabase/Postgres) | Host servers & databases |
| Payment Processor (Stripe) | Manage subscriptions, refunds |
| Analytics (Plausible, self-hosted) | Privacy-friendly usage metrics |
| Law enforcement or regulators | Only when legally required |
All vendors are bound by agreements that protect your data.
You may delete your account anytime via the Dashboard or by emailing privacy@oz-mcp.com; we’ll erase identifying data within 30 days except where legal obligations require otherwise.
We use HTTPS, encrypted databases, least-privilege IAM roles, and audit logging. No method is 100 % secure, but we work hard to protect your data.
Depending on your jurisdiction, you may have rights to access, correct, delete, or port your personal data. Send requests to privacy@oz-mcp.com. We’ll respond within 30 days.
We host the Service in the United States. If you access from outside the U.S., you consent to transferring your data to U.S. servers.
OZ-MCP is not directed to children under 16. We do not knowingly collect data from them.
We may update this policy. We’ll post the revision date and, for material changes, email account holders at least 7 days before it takes effect.
Agiato LLC
548 Market St, PMB 12345
San Francisco, CA 94104