← Back to documentation

Privacy Policy

Headai MCP Server — operated by Headai Ltd.

Last updated: April 2026

What data we collect

The Headai MCP Server acts as a stateless proxy between your MCP client and Headai's Core Engine. We process:

• API key — provided by you in the Authorization header. Used solely to authenticate requests to the Headai Core Engine. Not stored on the MCP server.
• Request payloads — text, search parameters, and graph URLs you send to the tools. Forwarded to the Headai Core Engine for processing.
• Server logs — session IDs and timestamps for operational monitoring. No request content is logged.

How we use your data

• To process your tool requests via the Headai Core Engine
• To monitor server health and diagnose errors
• We do not sell, share, or use your data for advertising

Data processing by Headai Core Engine

Text submitted to tools like headai_text_to_graph and headai_text_to_keywords is processed by Headai's AI engine (Graphmind). By default, input text may be temporarily stored for processing. Knowledge graphs and analysis results are stored under your API key and can be listed or deleted via the API.

Data retention

• The MCP server itself stores no persistent data — it is stateless
• Results (graphs, scorecards, signals) stored on the Headai Core Engine are retained under your API key until you delete them
• Server logs are retained for up to 30 days

Your rights

You can request access to, correction of, or deletion of your data by contacting support@headai.com. Under GDPR, you have the right to data portability and the right to lodge a complaint with a supervisory authority.

Contact

Headai Ltd.
Email: support@headai.com
Website: headai.com

This privacy policy applies specifically to the Headai MCP Server at mcp.headai.dev.