Legal

Privacy Policy

Last updated: June 2026

    Short version: We collect minimal data to operate the service. We do not sell it. We keep it for 90 days.
  

1. What we collect

When you use DataNexus MCP, we collect:

IP address — the IP address of your client or agent making tool calls
Tool call inputs — the parameters you pass to each tool (e.g., a company EIN, a CVE ID, a domain name)
Timestamps — when each tool call occurred
Tool name — which tool was called
Latency and success/failure status — for service reliability monitoring
Session identifier — a randomly generated ID tied to a connection session, not to a person

We do not collect your name, email address, or any account information unless you voluntarily sign up for an API key at /signup.

2. Why we collect it

Service delivery — to route and execute your tool requests
Abuse prevention — to detect and block automated scanners, bots, and bad actors
Analytics — to understand which tools are used, identify bugs, and improve the service
Reliability — to monitor uptime, latency, and error rates

3. Data retention

Tool call logs are retained for 90 days, then automatically deleted. Aggregated, anonymized statistics (e.g., "100 calls were made to tool X in May") may be retained indefinitely.

4. Data sharing

We do not sell your data to third parties.

We use the following third-party services which may receive limited data:

Hetzner Online — cloud infrastructure provider (EU data center)
PostHog — anonymized analytics (EU cloud, events contain tool name and session ID only)
Cloudflare — DNS resolution (does not proxy traffic for this domain)

We may disclose data if required by law or to protect the security of the service.

5. Cookies and tracking

The DataNexus MCP API endpoint sets no cookies and performs no browser tracking. This homepage (datanexusmcp.com) also sets no cookies and loads no third-party trackers.

6. API key holders

If you sign up for an API key, we additionally collect your email address. This is used solely to send service-related communications (e.g., usage alerts, API key delivery). We do not send marketing email without your explicit consent.

7. Your rights

You may request deletion of any data associated with your IP address or API key by emailing support@datanexusmcp.com. We will respond within 30 days.

8. Security

Data is stored in a PostgreSQL database on a private Hetzner server. Access is restricted to the DataNexus MCP service and operator. TLS is enforced for all connections via Caddy.

9. Changes to this policy

We may update this policy as the service evolves. Material changes will be noted at the top of this page with an updated date.

10. Contact

Questions? Email support@datanexusmcp.com.