Legal
Privacy Policy for 0MCP
Effective Date: July 7, 2026
Welcome to 0MCP ("we," "our," or "us"). We are committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website (0mcp.io) and use our Model Context Protocol platform and related services.
0MCP is a B2B SaaS platform designed to help teams create, deploy, host, monitor, and manage MCP servers from existing APIs.
Please read this Privacy Policy carefully. If you do not agree with it, please do not access the site or use our Services.
1. Information We Collect
We collect information that you provide directly to us, information derived from your use of the Services, and information from third-party sources.
Personal Information You Provide
- Account Information: When you register for an account, we collect your name, email address, and password.
- Billing Information: If you subscribe to a paid plan, our third-party payment processor, Polar, collects billing and subscription details.
- Communication Data: Information you provide when contacting our founders, support, or interacting with us via email or Discord.
Service Data
- API Specifications: OpenAPI and REST schemas and configurations you upload to generate MCP servers.
- Monitoring & Log Data: Usage analytics, request logs, and error data such as 500 or 401 API errors to provide operational monitoring and proactive email alerts.
- AI Client Interaction Data: Metadata about how AI clients interact with your deployed MCP servers for analytics and permissions management. We do not save data from user header requests, query requests, or platform response payloads. We only save operational metadata such as request status, tool call HTTP response codes, and request time.
Zero-Knowledge Authentication
We use a zero-knowledge authentication architecture. We never store your API credentials, tokens, or passwords used to access your underlying backend APIs.
2. How We Use Your Information
We use the information we collect primarily to provide, maintain, and improve our Services, including:
- Providing the Platform: To convert your APIs into MCP servers, host them, and manage API-change updates.
- Monitoring & Alerts: To monitor tool calls and proactively email your team when API errors occur.
- Security & Permissions: To enforce the permissions and safe actions you define, controlling what AI clients can and cannot do.
- Communication: To send administrative information, product updates, authentication emails, and security alerts.
- Analytics & Improvements: To understand how users interact with our platform and improve performance, testing environments, and features. This is done strictly using metadata. We do not analyze, store, or log actual request and response payload data from you or the platform.
3. How We Share Your Information
We never sell your personal information to anyone under any condition, and all your data is stored securely in a safe database. We may share information only in necessary situations.
- Service Providers: We use Vercel for hosting our website and dashboard, Polar for payment processing and subscription management, and Resend for authentication emails, operational alerts, and transactional messages.
- Legal Obligations: If required by law or in response to valid requests by public authorities.
- Business Transfers: In connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business.
4. Data Security
We implement commercially reasonable technical and organizational measures to protect your data. A core pillar of our security is zero-knowledge authentication, ensuring your critical API credentials never reside on our servers. However, no electronic transmission over the internet or information storage technology can be guaranteed to be 100% secure.
5. Data Retention
We retain your personal information and service logs based on your subscription tier and operational needs.
- Operational Logs: Retained for 1 day for users on the Starter plan and 7 days for users on the Pro plan.
- Analytics Data: High-level usage analytics and historical metrics are retained indefinitely to provide ongoing platform insights.
6. Your Data Protection Rights
Depending on your location, including under GDPR, CCPA, or UK GDPR, you may have rights regarding your personal data.
- Access & Portability: The right to request access to and a copy of your personal data.
- Rectification: The right to correct inaccurate or incomplete information.
- Erasure: The right to request deletion of your personal data.
- Restriction & Objection: The right to object to or restrict our processing of your personal data.
To exercise these rights, please contact us using the information below.
7. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of changes by posting the new Privacy Policy on this page and updating the effective date. You should review this page periodically for changes.
8. Contact Us
We are a fully remote team. If you have questions about this Privacy Policy, need support, or would like to exercise your data protection rights, our founders will personally assist you.
- Founders' Email: kelis@0mcp.dev | bhavy@0mcp.dev
- Community & Support: Join our Discord Server