Privacy Policy

Last updated: November 3, 2025

Blueprint MCP is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and protect your information when you use our browser automation service.

1. Information We Collect

1.1 Account Information

When you create an account, we collect:

  • Your email address
  • Your name (optional)
  • Your chosen password (encrypted)

1.2 Usage Data

We automatically collect certain information when you use Blueprint MCP:

  • Browser extension version and type
  • Authentication tokens and session data
  • Connection logs and timestamps
  • Error logs and performance metrics

1.3 Payment Information

If you subscribe to Blueprint MCP Pro, payment processing is handled by Stripe. We do not store your credit card information on our servers. Stripe's privacy policy is available at stripe.com/privacy.

2. How We Use Your Information

We use your information to:

  • Provide and maintain the Blueprint MCP service
  • Authenticate browser extension connections
  • Process subscription payments
  • Send service-related notifications
  • Improve our service and fix bugs
  • Monitor usage and prevent abuse

3. Data Storage and Security

3.1 Data Storage

Your data is stored on secure servers. We implement industry-standard security measures to protect your information from unauthorized access, alteration, or destruction.

3.2 Authentication Tokens

JWT tokens used for browser authentication are:

  • Encrypted and securely transmitted
  • Time-limited (configurable expiration)
  • Revocable at any time from your account settings

3.3 Local Mode (Free Users)

For Free users, all communication is entirely local:

  • All data stays on your computer
  • Direct WebSocket connection between your browser and MCP server (localhost)
  • No data passes through our servers
  • Nothing is tracked, logged, or monitored by Blueprint MCP
  • Complete privacy - your browsing automation is 100% local

3.4 Relay Server (Pro Users)

For Pro subscribers using the relay server, WebSocket connections are:

  • Encrypted in transit
  • Not logged or stored
  • Only used to relay messages between your browser and your MCP server

4. Data Sharing

We do not sell, trade, or rent your personal information to third parties. We only share data with:

  • Stripe - for payment processing (Pro subscribers only)
  • Service providers - who assist in operating our service, under strict confidentiality agreements
  • Legal authorities - when required by law or to protect our rights

5. Browser Automation Data

Important: Blueprint MCP acts as a relay between your MCP server and/or AI tool and your browser. We do not:

  • Store or log the content of web pages you interact with
  • Retain screenshots or DOM content passed through the relay
  • Track your browsing history or behavior
  • Access websites on your behalf

The extension only accesses websites when explicitly requested by you through MCP-compatible clients (such as Claude Code, Claude Desktop, or other AI tools).

6. Cookies and Tracking

6.1 Essential Cookies

We use essential cookies to:

  • Maintain your login session
  • Remember your preferences
  • Provide security features

6.2 Website Analytics

On our website (blueprint-mcp.com), we use the following analytics services to understand how visitors use our site and improve user experience:

  • Google Analytics - web traffic analysis and user behavior
  • Yandex Metrica - visitor analytics and heatmaps
  • New Relic - performance monitoring and error tracking
  • Facebook Pixel - conversion tracking for advertising campaigns

Important: These analytics tools are only used on the website. The browser extension does not include any analytics, tracking, or monitoring code. All browser automation happens locally or through our relay server without any third-party tracking.

7. Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate information
  • Delete your account and data
  • Export your data
  • Revoke API tokens and sessions
  • Opt out of non-essential communications

To exercise these rights, please contact us at support@railsblueprint.com.

8. Data Retention

  • Account data: Retained until you delete your account
  • Authentication tokens: Automatically expire based on configured duration
  • Error logs: Retained for 30 days
  • Deleted accounts: Permanently removed within 30 days

9. Open Source

Blueprint MCP is open source. You can review our code at GitHub to see exactly how your data is handled.

10. Children's Privacy

Blueprint MCP is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by:

  • Posting the new policy on this page
  • Updating the "Last updated" date
  • Sending an email notification (for material changes)

12. Contact Us

If you have questions about this Privacy Policy, please contact us:

This privacy policy is effective as of the date listed above and applies to all users of Blueprint MCP, including both Free and Pro subscribers.