Back to home
Privacy Policy

Privacy information for MCPeek

This page explains how personal data is processed when you visit the MCPeek landing page, use the waitlist form, or communicate with us in connection with early access. It is drafted for a Germany-based controller and aligned with the GDPR and the German TDDDG where applicable.

Last updated: March 17, 2026

1. Controller

Jan Gröpper

jan.groepper@mcpeek.app

Karlstr. 69, 64285 Darmstadt, Germany

If you have questions about this privacy policy or about the processing of your personal data, you can contact the controller using the email address above.

2. What data is processed, for what purpose, and on what legal basis

Website access and server logs

Purpose: To deliver the website securely, prevent abuse, investigate technical issues, and maintain platform stability.

Legal basis: Art. 6(1)(f) GDPR

Typical data categories:

  • - IP address
  • - date and time of request
  • - requested URL and status code
  • - referrer URL
  • - browser and operating system information
  • - request and platform metadata generated by the hosting environment

Retention: Only for as long as operationally necessary. On Vercel, runtime log retention depends on the configured plan and observability settings and may range from short-term retention to extended troubleshooting retention.

Waitlist and onboarding requests

Purpose: To process your request to join the MCPeek waitlist, assess fit for early access, contact you about onboarding, and manage the early adopter program.

Legal basis: Art. 6(1)(b) GDPR and Art. 6(1)(f) GDPR

Typical data categories:

  • - email address
  • - whether your app is already live on ChatGPT
  • - app name if provided
  • - brief app description if provided

Retention: Generally until the waitlist request has been processed, you withdraw your request, or the data is no longer needed for the early-access process, unless longer retention is required to document consent, defend legal claims, or comply with legal obligations.

Operational email delivery

Purpose: To send and receive waitlist and onboarding-related emails and to ensure reliable transactional delivery.

Legal basis: Art. 6(1)(b) GDPR and Art. 6(1)(f) GDPR

Typical data categories:

  • - email address
  • - email content relating to your waitlist request
  • - delivery metadata such as timestamps and delivery status

Retention: For as long as needed for delivery, troubleshooting, and operational documentation, subject to provider-level retention settings.

3. Recipients and processors

We use carefully selected service providers that process personal data on our behalf or support the technical operation of the service.

ProviderRoleUse
Vercelhosting and platform infrastructureUsed to host and deliver the website and to provide operational logging and platform security features.
Resendtransactional email deliveryUsed to transmit waitlist submissions to the controller by email and to support operational email delivery.

4. International data transfers

Some processing may involve providers located outside the European Union or European Economic Area, especially in the United States.

Where such transfers occur, they should be covered by an appropriate transfer mechanism under GDPR, for example an adequacy decision such as the EU-U.S. Data Privacy Framework where applicable and/or contractual safeguards such as a Data Processing Agreement with Standard Contractual Clauses.

Based on the current provider documentation, both Vercel and Resend publicly state support for GDPR-oriented transfer mechanisms. This is an inference from their published legal and security materials and should be backed by the actual contracts in your account.

5. Cookies and similar technologies

The landing page currently does not intentionally use non-essential cookies, tracking pixels, or comparable technologies for marketing or behavioral analytics.

If that changes later, any storage of or access to information on your device that is not strictly necessary would need to comply with the GDPR and section 25 TDDDG, including obtaining consent where required.

6. Your rights under the GDPR

You generally have the following rights, subject to the statutory requirements:

  • - right of access
  • - right to rectification
  • - right to erasure
  • - right to restriction of processing
  • - right to data portability
  • - right to object to processing based on legitimate interests
  • - right to withdraw consent at any time with future effect, where processing is based on consent
  • - right to lodge a complaint with a competent supervisory authority

To exercise your rights, contact the controller using the email address listed above.

7. No automated decision-making

We do not use your data on this landing page for automated decision-making within the meaning of Art. 22 GDPR, including profiling that produces legal effects or similarly significant effects.

8. Changes to this policy

We may update this privacy policy if the service, data flows, processors, or legal requirements change. The version published on this page is the current version.