Privacy Policy

PeopleDrivenAI LLC ("MCP Analytics", "we", "us") operates the website at mcpanalytics.ai and the related services at app.mcpanalytics.ai, account.mcpanalytics.ai, and api.mcpanalytics.ai (collectively, the "Services"). This policy explains what we collect, how we use it, and the choices you have. Questions: [email protected].

1. Information We Collect

Account information. When you create an account we collect your email address, name (if provided), and authentication identifiers (via Auth0).

Billing information. If you make a purchase, our payment processor (Stripe) collects your payment method. We do not store full card numbers on our systems.

Content you submit. Datasets, queries, and analysis configurations you upload to the Services.

Usage data. Pages visited, features used, request timestamps, and aggregate performance metrics. Collected via Google Analytics 4 (analytics) and Google Tag Manager (tag deployment), gated by your cookie-consent choice.

Cookies and local storage. We use first-party cookies for session state and consent tracking, and Google Analytics cookies (denied by default until you accept).

2. How We Use Your Information

• To provide, maintain, and improve the Services.
• To execute the statistical analyses you request and return the results to you.
• To process payments, manage subscriptions, and prevent fraud.
• To send transactional email (account, billing, security) and, only if you opt in, product updates.
• To comply with legal obligations and respond to lawful requests.

We do not train AI models on your content. Datasets you upload are used only to run the analysis you requested.

3. Third Parties We Share Data With

We share data only with vendors required to deliver the Services. Today these are:

• Stripe — payment processing.
• Anthropic — LLM inference for insight generation (your dataset content is sent so the model can describe results).
• Google Analytics 4 / Google Tag Manager — site analytics (consent-gated).
• Cloudflare — hosting, CDN, and bot mitigation.
• Microsoft Azure — backend infrastructure and database.
• Auth0 — authentication.
• SendGrid — transactional email.

We do not sell personal data.

4. Data Retention

Uploaded datasets and analysis outputs are retained for the lifetime of your account or 30 days after deletion, whichever is shorter. Account records (email, billing history) are retained as required for tax and accounting (typically 7 years). You can request deletion at any time — see Section 6.

5. Security

Data is encrypted in transit (TLS 1.3) and at rest (AES-256). Analyses run in isolated Docker containers. We follow standard industry practices for access control, secret rotation, and incident response. No system is perfectly secure; if we become aware of a breach affecting your data we will notify you per applicable law.

6. Your Rights (GDPR, CCPA, and similar)

Depending on where you live, you may have the right to: access the personal data we hold about you, correct it, request deletion, restrict or object to processing, port your data to another service, and opt out of any sale of personal data (we do not sell). To exercise any of these rights, email [email protected]. We respond within 30 days. EU residents may also lodge a complaint with their local data protection authority.

7. Children

The Services are not directed to children under 13. We do not knowingly collect personal information from anyone under 13.

8. International Transfers

We are headquartered in the United States. If you access the Services from outside the US, your data will be transferred to and processed in the US (and other countries where our vendors operate).

9. Changes to This Policy

We will post material changes here and update the Effective Date. Continued use of the Services after a change constitutes acceptance.

10. Contact

Privacy inquiries: [email protected]
Security disclosure: [email protected]
Mailing: PeopleDrivenAI LLC, San Francisco, California, USA.