Privacy Policy

Last updated: October 4, 2025

Tovee.AI is owned and operated by Cytisum Digital Consulting Inc.

Cytisum Digital Consulting Inc. is the data controller for this website and service.

This Privacy Policy explains how we collect, use, disclose, and safeguard personal data when you use the tovee.ai website and MCP endpoint service. Please read this policy carefully before using the service. If you do not agree with the terms, please do not access or use the service.

Service Overview

Tovee.AI enables users to create and host personal MCP (Model Context Protocol) endpoints. Users may connect productivity applications. Users control which tools and data scopes are exposed to AI model clients such as ChatGPT or Claude. We act as an intermediary that facilitates tool execution but do not proxy or intercept LLM conversations.

Information We Collect

Device and Usage Data: We collect IP addresses, browser type and version, time zone settings, operating system, device identifiers, and cookies. We also collect information about pages viewed, features accessed, referral sources, timestamps, and session duration to improve service functionality and security.

Account Information: When you register for an account, we collect your email address, username, and authentication credentials managed through our identity provider. For paid plans, we collect name, billing address, payment method details (processed by third-party payment processors), and company information if applicable.

Service Configuration Data: We store MCP endpoint metadata including endpoint URLs, API keys (hashed), tool configurations, enabled integrations, usage counters, rate limit tracking, and account tier information.

Tool Execution Data: We store audit hashes and metadata for tool calls to enable security monitoring, abuse detection, and usage tracking. We do not store message content, conversation history, or full request/response payloads by default. Tool call metadata includes timestamps, tool names, success/failure status, and error codes. For debugging purposes with explicit user consent, we may temporarily log additional request details.

Connected Application Tokens: We store OAuth 2.0 access tokens, refresh tokens, and associated metadata for applications users authorize. All tokens are encrypted at rest using AES-256 encryption with envelope encryption architecture. Encryption keys are rotated regularly and stored separately from encrypted data. We do not read, analyze, or store user content from connected applications except when explicitly required to execute a tool call authorized by the user. Any cached data required for tool execution is purged immediately after the operation completes.

Support and Communication Data: When you contact support, we collect the information provided in those communications, including email content, attachments, and associated account details. We maintain support ticket history to improve service quality.

Analytics Data: We collect aggregated, anonymized analytics data about feature usage, performance metrics, error rates, and service health indicators to improve the platform.

We do not intentionally collect sensitive personal data including racial or ethnic origin, political opinions, religious beliefs, health information, biometric data, or data about children. If such data is inadvertently received, please contact us immediately for deletion.

How We Use Your Information

We process personal data for the following purposes:

Service Delivery: To provide, maintain, and improve the MCP endpoint service. To authenticate users and manage account access. To execute tool calls requested by users through their AI model clients. To enforce usage limits and plan restrictions.

Security and Fraud Prevention: To detect and prevent unauthorized access, abuse, and fraudulent activity. To monitor for security threats and vulnerabilities. To investigate and respond to potential violations of our Terms of Service. To maintain audit logs for security investigations.

Billing and Payments: To process subscription payments and manage billing cycles. To send invoices and payment confirmations. To handle refunds and payment disputes.

Communication: To send service-related notifications including security alerts, maintenance schedules, and critical updates. To respond to support requests and inquiries. To send optional product updates and feature announcements (which can be opted out of).

Compliance: To comply with legal obligations, court orders, and regulatory requirements. To enforce our legal rights and defend against claims.

Analytics and Improvement: To analyze aggregated usage patterns and improve service functionality. To develop new features and integrations. To optimize performance and reliability.

We do not sell, rent, or trade personal data to third parties for their marketing purposes.

Legal Bases for Processing (EEA, UK, and Canada)

We process personal data based on the following legal grounds:

Contract Performance: Processing necessary to provide the MCP endpoint service as outlined in our Terms of Service, including user authentication, tool execution, and billing.

Legitimate Interests: Processing that serves our legitimate business interests, such as security monitoring, fraud prevention, service improvement, and analytics, provided these interests do not override user privacy rights.

Consent: Processing based on explicit user consent, such as optional analytics or marketing communications. Consent can be withdrawn at any time by contacting us or using opt-out mechanisms.

Legal Obligations: Processing required to comply with applicable laws, regulations, legal process, or enforceable governmental requests.

Data Storage and Security

Infrastructure: Tovee.AI is hosted on SOC 2 compliant cloud infrastructure in Canada and the United States. We implement industry-standard security controls including:

Encryption: All data is encrypted in transit using TLS 1.3 or higher. Sensitive data, including OAuth tokens and API keys, is encrypted at rest using AES-256 encryption with an envelope encryption architecture. Encryption keys are managed through a dedicated key management system with regular rotation.

Access Controls: Access to production systems and user data is restricted through role-based access controls (RBAC) and multi-factor authentication (MFA). All administrative access is logged and monitored.

Network Security: We implement network segmentation, firewalls, and intrusion detection systems to protect against unauthorized access. API endpoints are protected with rate limiting, DDoS protection, and request validation.

Monitoring and Logging: We maintain security logs for authentication events, API calls, administrative actions, and system errors. Logs are retained for security investigation purposes and comply with data minimization principles.

Vulnerability Management: We conduct regular security assessments, penetration testing, and code reviews. Security patches are applied promptly following risk assessment.

Backups: We maintain encrypted backups with geographical redundancy for disaster recovery. Backup access is restricted and audited.

While we implement robust security measures appropriate for our size and risk profile, no security system is completely impenetrable. We cannot guarantee absolute security against all threats. Users are responsible for maintaining the security of their credentials, API keys, and devices.

Data Retention

We retain personal data only as long as necessary to fulfill the purposes outlined in this policy, comply with legal obligations, resolve disputes, and enforce agreements.

Active Accounts: Data is retained throughout the active subscription period and as long as the account remains open.

Account Deletion: Upon account deletion or subscription termination, user data enters a 30-day grace period to allow for account recovery or data export. After this period, personal data is permanently deleted from production systems, backups, and caches within 90 days.

Legal Retention: We may retain certain data longer when required by law, for fraud prevention, or to enforce our rights. Anonymized or aggregated data may be retained indefinitely for analytics and research.

Logs and Audit Data: Security and audit logs are retained for 12 months or as required by applicable regulations.

Users may request deletion of their account and associated data at any time by contacting info@cytisum.com. We will verify identity before processing deletion requests.

Data Sharing and Disclosure

Service Providers: We share personal data with trusted third-party service providers who assist in operating the service, including:

  • Cloud infrastructure providers (hosting, storage, CDN)

  • Authentication and identity management services

  • Payment processors for billing and subscriptions

  • Email delivery services for notifications

  • Analytics and monitoring platforms

  • Customer support tools

All service providers are contractually obligated to protect user data, process it only for specified purposes, and comply with applicable data protection laws. We conduct due diligence on service providers and maintain a list of sub-processors.

Connected Applications: When users authorize connections to third-party applications (Gmail, Google Calendar, Slack, WhatsApp, etc.), those applications process user data according to their own privacy policies. We do not control third-party platforms and are not responsible for their data practices. Users should review the privacy policies of all connected applications.

AI Model Providers: Users connect their MCP endpoint directly to AI model clients (ChatGPT, Claude, etc.). We do not proxy or intercept traffic between the AI model and the MCP endpoint. Data sent to AI models is governed by the model provider's terms and privacy policy. We are not responsible for how AI model providers process user data.

Legal Requirements: We may disclose personal data when required by law, legal process, court order, subpoena, or government request. We may also disclose data to protect our rights, property, or safety, or that of users or the public.

Business Transfers: In the event of a merger, acquisition, reorganization, bankruptcy, or sale of assets, personal data may be transferred to the successor entity. Users will be notified of any such transfer and any choices regarding their data.

Aggregated Data: We may share aggregated, anonymized, or de-identified data that cannot reasonably be used to identify individuals for research, analytics, or marketing purposes.

We do not sell personal data to third parties. We do not share user content from connected applications with AI model providers or other third parties except as necessary to execute user-authorized tool calls.

International Data Transfers

Tovee.AI operates from Canada and may transfer and process personal data in Canada, the United States, and other countries where our service providers maintain facilities. These countries may have data protection laws that differ from those in the user's country of residence.

For users in the European Economic Area (EEA), United Kingdom, or Switzerland, we implement appropriate safeguards for international data transfers:

Standard Contractual Clauses (SCCs): We use Standard Contractual Clauses approved by the European Commission for transfers to countries without adequacy decisions.

Data Processing Agreements: We require all sub-processors handling EEA data to sign data processing agreements with appropriate safeguards.

Supplementary Measures: We implement technical and organizational measures to ensure adequate protection equivalent to EEA standards.

Data Localization Options: Enterprise customers may request data localization to specific regions to meet compliance requirements.

By using Tovee.AI, users consent to the transfer and processing of their data in these jurisdictions.

Your Privacy Rights

Depending on location, users may have the following rights regarding personal data:

Right to Access: Request a copy of the personal data we hold, including data categories, processing purposes, recipients, and retention periods.

Right to Rectification: Request correction of inaccurate or incomplete personal data.

Right to Erasure (Right to be Forgotten): Request deletion of personal data when it is no longer necessary, consent is withdrawn, or there are no overriding legitimate grounds for processing.

Right to Restriction: Request restriction of processing under certain circumstances, such as when accuracy is contested or processing is unlawful.

Right to Data Portability: Request a copy of personal data in a structured, commonly used, and machine-readable format (JSON or CSV) to transfer to another service.

Right to Object: Object to processing based on legitimate interests or for direct marketing purposes.

Right to Withdraw Consent: Withdraw consent for processing based on consent at any time, without affecting the lawfulness of processing prior to withdrawal.

Right to Lodge a Complaint: File a complaint with a supervisory authority if you believe your privacy rights have been violated.

To exercise these rights, contact us at info@cytisum.com with the subject line "Privacy Rights Request." We will respond within 30 days (or as required by applicable law). We may request verification of identity before processing requests.

EEA and UK Users: Contact your local data protection authority. For Canada, contact the Office of the Privacy Commissioner of Canada.

There is no fee to exercise these rights unless requests are manifestly unfounded, excessive, or repetitive, in which case we may charge a reasonable administrative fee or refuse the request.

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to operate the website, authenticate users, maintain sessions, and analyze usage patterns.

Essential Cookies: Required for core functionality including authentication, session management, security, and load balancing. These cannot be disabled without affecting service functionality.

Analytics Cookies: Used to understand how visitors interact with the website, measure performance, identify errors, and improve user experience. These cookies collect aggregated, anonymized data.

Functional Cookies: Enable enhanced features such as language preferences, theme settings, and personalization options.

Third-Party Cookies: Some third-party services (authentication providers, analytics platforms) may set their own cookies subject to their privacy policies.

Users can control cookies through browser settings. Most browsers allow blocking or deleting cookies. However, disabling essential cookies may prevent access to certain features or functionality. Instructions for managing cookies are available in browser help documentation.

Data Breach Notification

In the event of a security breach affecting personal data, we will:

Notify Affected Users: Without undue delay, typically within 72 hours of becoming aware of the breach, we will notify affected users via email or in-product notification.

Provide Details: Notifications will include the nature and scope of the breach, categories and approximate number of affected users, data types affected, and potential consequences.

Remediation Steps: We will describe measures taken to address the breach, mitigate harm, and prevent future occurrences. We will provide recommendations for users to protect themselves.

Regulatory Notification: We will notify relevant supervisory authorities and regulatory bodies as required by applicable law.

Transparency: We will update users as the investigation progresses and additional information becomes available.

Children's Privacy

Tovee.AI is not intended for individuals under 16 years of age. We do not knowingly collect personal data from children. If we become aware that we have inadvertently collected data from a child without parental consent, we will take immediate steps to delete that information from our systems. Parents or guardians who believe we may have collected data from a child should contact us immediately at info@cytisum.com.

User Responsibilities

Users are responsible for:

Choosing Integrations: Deciding which third-party applications to connect and which OAuth scopes to authorize.

Data Minimization: Granting the minimum permissions necessary for desired functionality and reviewing requested scopes before authorization.

Tool Configuration: Selecting which tools to expose through the MCP endpoint and configuring appropriate access controls.

Credential Security: Protecting account credentials, API keys, and MCP endpoint URLs. Users must not share credentials or embed API keys in publicly accessible code.

Monitoring Usage: Reviewing tool call logs and usage patterns for unauthorized or suspicious activity.

Compliance: Ensuring use of the service complies with applicable laws, regulations, and the terms of connected third-party applications.

Output Review: Reviewing AI model outputs before taking action or sharing information, as models may produce inaccurate or inappropriate results.

Third-Party Terms: Complying with the terms of service and privacy policies of all connected applications and AI model providers.

Opt-Out and Communication Preferences

Marketing Communications: Unsubscribe from promotional emails by clicking the "unsubscribe" link in any marketing email or by contacting info@cytisum.com. Opting out of marketing does not affect transactional or service-related communications.

Analytics: Opt out of analytics tracking by adjusting cookie preferences in browser settings or by contacting us to disable analytics for your account.

Account Deletion: Request permanent deletion of account and associated data by contacting info@cytisum.com. Deletion is subject to the retention policy outlined above.

Links to Third-Party Websites

The Tovee.AI website may contain links to external websites operated by third parties. We are not responsible for the privacy practices, content, or security of third-party websites. Users should review the privacy policies of any third-party sites they visit.

Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in practices, technology, legal requirements, or business operations. The "Last Updated" date at the top of this page will be revised accordingly.

Material Changes: For significant changes affecting user rights or data processing practices, we will provide prominent notice through email, in-product notification, or a banner on the website at least 30 days before changes take effect.

Continued Use: Continued use of the service after changes become effective constitutes acceptance of the updated Privacy Policy.

Review: We encourage users to review this policy regularly to stay informed about how we protect personal data.

Users who disagree with changes may discontinue use of the service and request account deletion.

Data Protection Officer

For privacy-related questions, concerns, or requests, contact our Data Protection Officer:

Data Protection Officer
Cytisum Digital Consulting Inc.
Email: info@cytisum.com

Mailing address available upon request.

We will respond to inquiries within 30 days or as required by applicable law.

Sub-Processors

We maintain a list of sub-processors who assist in providing the service. The current list includes cloud infrastructure providers, authentication services, payment processors, and analytics platforms. A complete, up-to-date list of sub-processors is available upon request by contacting info@cytisum.com.

We conduct due diligence on all sub-processors and require contractual commitments to protect user data consistent with this Privacy Policy and applicable law.

Contact Information

For questions, concerns, or requests regarding this Privacy Policy or our data practices:

Cytisum Digital Consulting Inc.
Email: info@cytisum.com
Mailing address: Available upon request