mcpfor.work
DocsFAQHome
DraftThis is a plain-language draft describing how the product is designed to work. It has not yet been reviewed by counsel and is not the final agreement — it will be finalized before the hosted service launches.

Privacy Policy

Last updated: 11 July 2026

This policy covers the hosted mcpfor.work service. If you self-host, your data lives on your own machine and this policy does not apply — nothing leaves your computer.

The short version

  • We sign you in with a magic link — there is no password to store or leak.
  • We run zero server-side LLM calls. There is no model on our side, so we have nothing to train on your data and we never do.
  • Your salary floor is private and never disclosed in any application without your consent.
  • You can export everything as JSON, or delete your account and all data, at any time.
  • No advertising trackers, no third-party analytics cookies.

What we collect

  • Account: your email address, used for magic-link sign-in and (if you opt in) the daily digest.
  • Profile: the details you provide to make matches accurate — target roles, location, work authorization, languages, a private salary floor, and any CV facts, achievements, or writing style you choose to add.
  • Pipeline: the matches, applications, outcomes, and audit trail generated as you use the product.
  • Optional EEO/demographic data: only if you provide it — encrypted at rest, never used in scoring, and only ever used to pre-fill voluntary sections you choose to complete.
  • Technical: a session cookie for sign-in, and minimal operational logs to keep the service secure and working.
  • Payment: handled by our payment processor (Stripe). We never see or store your full card details.

Your AI client stays yours

The intelligence — searching, evaluating fit, drafting — runs inside your own Claude or ChatGPT subscription, in your own browser. We are the connector and the record; we never receive your AI conversations, and we make no LLM calls on our servers.

What we never do

  • We don’t sell your data, or share it for advertising.
  • We don’t train any model on your data (we run none).
  • We don’t disclose your salary floor without your explicit consent.
  • We don’t set advertising or cross-site tracking cookies.

Legal bases (GDPR)

  • Contract: most processing is to provide the service you signed up for.
  • Consent: optional EEO data and the digest email, which you can withdraw any time.
  • Legitimate interest: keeping the service secure and reliable.

Sub-processors

We use a small number of processors strictly to run the service: a payment processor (Stripe), an email delivery provider (for magic links and the digest), and cloud hosting. No AI vendor processes your data on our behalf. We’ll keep an up-to-date list available and give notice of material changes.

Retention & international transfers

We keep your data while your account is active and delete it on request. Where data is processed outside your region, we rely on appropriate safeguards (such as standard contractual clauses) with our processors.

Your rights

You can access, export, correct, or delete your data, restrict or object to processing, and withdraw consent — from your dashboard’s Account → Data & privacy settings, or by emailing us. You may also complain to your local data-protection authority.

Children

The service is not directed to anyone under 16, and we don’t knowingly collect their data.

Changes & contact

We’ll post material changes here and, where appropriate, notify you by email. Questions: privacy@mcpfor.work.

PrivacyTermsSecurityContact