PRIVACY POLICY

What we collect, why we collect it, and what we don't. Plain English. Updated 2026-05-09.

v1 EFFECTIVE 2026-05-09 ~3 MIN READ

SUMMARY

TL;DR

We store the data you give us (account, projects, keys) and the metadata of every API call you make through our proxy (slug, tool name, status, latency, byte counts). We do not store JSON-RPC bodies. We use first-party session cookies and, with your consent, Google Analytics — no tracking pixels, no advertising cookies. Stripe processes payments; they see your card, we don't.

WHAT WE COLLECT

Account data

  • Name and email — what you provide when you sign up.
  • Password — stored as a SHA-256 hash via bcrypt. We can't see the plaintext.
  • Stripe customer ID + Connect account ID — opaque references to Stripe-side data.

Operational data

  • Projects, API keys — names you give them, and SHA-256 hashes of the secret. We never store the raw key.
  • Usage events — for every proxy call: timestamp, MCP slug, tool name, HTTP status, duration, byte counts, billed µ¢ amount, and a UUID request ID. We do not store the JSON-RPC request or response body.
  • Credit ledger — every signup bonus, top-up, usage debit, refund, or adjustment with its µ¢ amount and balance-after snapshot.

Cookies — strictly necessary (always set)

NAME | PURPOSE | LIFETIME
mcpmeter_session | Encrypted session ID for keeping you signed in | 2 hours, sliding
XSRF-TOKEN | Cross-site request forgery protection on form posts | 2 hours, sliding
mcpmeter_cookies_ack | Local-storage flag remembering your consent choice | localStorage, no expiry

These are required for the site to function. They cannot be disabled.

Cookies — analytics (only set if you accept)

NAME | PURPOSE | LIFETIME
_ga | Google Analytics — distinguishes returning visitors | 2 years
_ga_* | Google Analytics property-specific session state | 2 years

Google Analytics · Consent Mode v2

We use Google Analytics 4 to understand product usage in aggregate. We run it under Consent Mode v2 with two operating modes:

  • You decline (or take no action). No _ga cookies are set. GA receives cookieless pings — anonymous beacons that count visits and sessions in aggregate. No client identifier, no cross-session tracking, no IP geolocation beyond country-level. We can see "X visits today"; we cannot see "this is the same person who visited yesterday".
  • You accept. _ga and _ga_* cookies are set. GA can correlate sessions, surface events (page views, clicks), and report engaged-session metrics tied to a pseudonymous client ID.

We do not embed Meta Pixel, TikTok pixel, Hotjar, Mixpanel, Segment, FullStory, or any other tracking / session-replay vendor. Google Ads features (ad_storage, ad_user_data, ad_personalization) stay denied even if you accept analytics — we don't run ads.

WHO SEES YOUR DATA

  • You. Everything is visible from your dashboard.
  • Publishers (limited). If you call a publisher's MCP listing, they see anonymised per-call metadata: slug, tool, status, latency, payout amount. They do not see your identity, email, or any other call you've made.
  • Stripe. When you top up, Stripe Checkout collects your card details. We never see them. Stripe's privacy policy: stripe.com/privacy.
  • Cloudflare. Sits in front of our origin for DDoS / TLS termination. They see request IPs and HTTP metadata; we use them under their standard data-processing agreement. cloudflare.com/privacypolicy.
  • Google Analytics (only if you accept). Receives anonymous page-view and event data with a pseudonymous client ID, processed in the EU and US under Google's data-processing terms. policies.google.com/privacy.
  • Nobody else. We do not sell or share data with advertisers, ad networks, data brokers, or any other third party.

HOW LONG WE KEEP IT

  • Account data — until you delete your account.
  • API keys — until you revoke them. Revoked keys remain for audit (we keep the prefix + last-used date, never the secret).
  • Usage events + ledger — 13 months from creation. Required for tax / accounting reconciliation. After 13 months, individual rows are aggregated into monthly totals.
  • Stripe data — Stripe's own retention rules apply.

YOUR RIGHTS

Under GDPR, CCPA, and similar regimes you have the right to:

  • Access — everything we hold is exportable from your dashboard. CSV exports for activity ledger; JSON dump on request.
  • Correct — name and email are editable from your profile page.
  • Delete — the "Delete Account" button on your profile permanently removes your account, projects, keys, and ledger. Anonymised aggregates may persist for accounting.
  • Object / restrict — email [email protected].
  • Portability — request a JSON dump of your data via the same email.

THE PROXY

OPEN SOURCE

Our proxy is open source — github.com/MCPMeter/mcpmeter-proxy — so the meter can be inspected, not just trusted. You can verify what it does and doesn't log. We log metadata only — never the JSON-RPC body of your tool calls.

UPDATES TO THIS POLICY

If we change anything material, we'll email all account holders at least 30 days before the change takes effect. The current version is always at mcpmeter.com/privacy. Past versions are available on request.

CONTACT

Questions, requests, complaints: [email protected].