Privacy
Last updated: 2026-05-12. Applicable in plain English to all users; binding for EU/EEA/UK residents under GDPR / UK-GDPR.
Who's the controller
WebToMCP is operated by an individual sole proprietor based in Taipei, Taiwan. For privacy enquiries: developer@webtomcp.net.
What we collect, why, and on what legal basis
| Data | Purpose | Legal basis (GDPR Art. 6) |
|---|---|---|
| Google identity (email, display name, profile photo URL) at sign-in | Create and authenticate your account | Contract performance (6(1)(b)) |
| URLs you submit + public content of those pages | Crawl, index, and serve them via your MCP endpoint | Contract performance (6(1)(b)) |
| Query log (text, timestamp, batch hit) when an AI client queries your endpoint | Show usage in your dashboard; enforce quotas | Contract performance (6(1)(b)) |
| Server logs (IP, user-agent, status) held by Cloudflare | Operate the service, mitigate abuse | Legitimate interest (6(1)(f)) |
| Billing data (when you subscribe via Polar) | Process the payment | Contract performance (6(1)(b)) |
| Marketing-site analytics (Google Analytics 4) | Count visits, see which referrers and countries drive sign-ups | Consent (6(1)(a)) — banner before any GA load |
| Operator notifications (your sign-up triggers an email to us via Resend) | Stay aware of who's joining; respond to early users | Legitimate interest (6(1)(f)) |
What we don't collect
- No third-party trackers anywhere in the authenticated dashboard (app.webtomcp.net). Only the session cookie that keeps you logged in.
- No GA, Mixpanel, Segment, marketing pixels, or fingerprinting beacons. On marketing pages we use GA4 only, opt-in only, anonymized IP, no Google Signals, no cross-site tracking.
- No PII fields harvested from inside crawled pages — we extract markdown text + vector embeddings, not phone numbers or social-security identifiers.
How long we keep it
- Account + tenant data: until you delete your account, then we erase within 30 days.
- Crawled site content + embeddings: until you delete the batch / your account, then 30 days.
- Query log: 90 days, then aggregated counts kept (no individual queries).
- Audit log (admin actions on your tenant): 12 months.
- Cloudflare server logs: per Cloudflare's policy (typically days, not months).
- GA4 analytics: 14 months (configured at the GA4 property minimum).
- Billing records: 7 years where required by Taiwan tax law (Article 33, Business Accounting Act).
Your rights (GDPR / UK-GDPR Articles 15–22)
Email developer@webtomcp.net to exercise any of these. We respond within 30 days.
- Access — get a copy of everything we hold on you.
- Rectification — correct anything that's wrong.
- Erasure ("right to be forgotten") — delete your account from Settings, or email us to delete a specific batch.
- Restriction — pause processing while a dispute is resolved.
- Portability — receive your data in a machine-readable format. Free, on request.
- Objection — refuse processing based on legitimate interest (analytics, notifications).
- Withdraw consent — you can decline or re-enable analytics any time via the cookie banner, or click the "Cookie settings" link in the page footer.
Who we share data with (sub-processors)
- Cloudflare, Inc. (US, with EU edge) — hosting, edge compute, D1, KV, Vectorize, Browser Rendering. SCCs in place.
- Google LLC (US) — OAuth sign-in, GA4 (marketing pages, with consent), and Gemini API (generates embeddings + summaries from your indexed content + queries). SCCs in place.
- Resend, Inc. (US) — sends operator notifications (new sign-up alerts, daily status digests). SCCs in place.
- Polar Software, Inc. (DE) — payment processing for paid plans (merchant of record). EEA-based, no transfer issues.
We do not sell your data. We do not share it with advertisers.
International transfers
Several sub-processors above are based in the United States. We rely on the European Commission's Standard Contractual Clauses with each US processor, and we minimize transfers (we never send PII fields harvested from crawled pages, and crawled content stays in Cloudflare's network where possible).
Cookies
See the full cookies + local storage page for what we set, why, and how long.
Deletion
Click Delete account in Settings. Within 30 days we delete your tenant row, your batches, your sites, your API keys, your usage rows, and your audit log. Existing access tokens are revoked immediately. Billing records are retained where required by Taiwan tax law (see retention table above).
Lodging a complaint
If you're in the EU/EEA or UK and you believe we've mishandled your data, you can complain to your national data-protection authority. A list of EU authorities: edpb.europa.eu/about-edpb/about-edpb/members. UK: ICO. We'd appreciate it if you emailed us first so we can try to fix the problem directly.
Changes to this policy
We'll bump the "Last updated" date at the top and, for material changes, send signed-in users an email at least 14 days before the new version takes effect.
Contact
Email developer@webtomcp.net with any privacy questions.