Privacy Policy – SecureMCP

1. Scope of this Policy

This policy explains how VizCo handles information in connection with a Google OAuth application registration ("OAuth Client") that is used by applications connecting to Google Workspace services—specifically SecureMCP, a user-run application that operates locally on users' computers—to enable end-users to link their Google accounts, including services such as Gmail, Google Calendar, and Google Drive. This policy covers VizCo's role as the owner/host of the OAuth Client configuration and consent screen identity in Google Cloud.

2. Roles: Who Processes What

• SecureMCP as Controller/Processor of User Data: When you authorize SecureMCP to access your Google account, SecureMCP determines what data is accessed and how it is used, subject to the scopes you approve and SecureMCP's privacy practices. This data always stays local to end users.
• VizCo as OAuth Client Provider: VizCo maintains the OAuth Client configuration in its Google Cloud project. VizCo does not receive your OAuth authorization codes or tokens from Google as part of this flow and does not see any data.

3. Information VizCo Does Not Collect or Receive

Because the OAuth redirect and token exchange occur within SecureMCP's local application flow, VizCo does not receive from Google:

• Your OAuth authorization code
• Your access token or refresh token
• Your Google account identifier (such as your email address or Google account "sub" ID) as part of this OAuth flow
• Your data from Google services, including (without limitation):
  • Gmail: email content, attachments, message metadata, labels
  • Google Calendar: calendars, event details, attendees, meeting links, reminders
  • Google Drive: file contents, file names, folder structure, sharing metadata, file permissions, file versions
  • Other Google services that SecureMCP may request access to via OAuth scopes (e.g., Contacts, Docs, Sheets)

VizCo also cannot:

• View or modify the contents of your emails, calendar events, or Drive files through this OAuth authorization
• Act on your behalf in Google services via OAuth (since VizCo does not hold your tokens)

4. Information VizCo May Collect

Even though VizCo does not receive your tokens or Google data, VizCo may have visibility into aggregate operational information related to the OAuth Client, such as:

4.1 Aggregate and Technical Usage Data

Through Google Cloud Console and related tooling, VizCo may see aggregated metrics such as:

• Total number of API requests made using the OAuth Client (aggregated)
• Error rates and request latency (aggregated)
• Quota and rate-limit utilization (aggregated)
• Service availability and performance indicators (aggregated)

These metrics are generally not tied to individual end users and are used for reliability, security, and abuse prevention.

4.2 Support and Communications

If users or SecureMCP application contact VizCo directly, VizCo may collect information they provide (e.g., name, email address, message content) for support and troubleshooting.

4.3 VizCo Website/Service Data (if applicable)

If you visit VizCo websites or portals, VizCo may collect standard web analytics and device information as described in VizCo's general privacy notice, if available.

5. How VizCo Uses Information

VizCo uses the limited information described above to:

• Operate, maintain, and secure the OAuth Client configuration
• Monitor aggregated performance and troubleshoot outages
• Detect and prevent fraud, abuse, or policy violations involving the OAuth Client
• Comply with legal obligations and enforce agreements related to use of the OAuth Client

6. What VizCo Can Control

As the OAuth Client owner, VizCo may:

• Configure the OAuth consent screen identity shown to users (app name/logo/support email)
• Manage the OAuth Client in Google Cloud (including disabling or deleting it)
• Configure project-level security settings relevant to the OAuth Client
• Review and enforce compliance requirements applicable to use of VizCo's OAuth Client

7. What VizCo Cannot See or Do

In this architecture, VizCo cannot:

• See which specific Google accounts authorized their SecureMCP applications
• Retrieve user tokens from Google, since they are delivered to SecureMCP's redirect endpoint and local data flow
• Access user Gmail, Google Calendar, or Google Drive data via OAuth (without tokens)

8. SecureMCP (Client-Side Application)

SecureMCP is a client-side application designed to run autonomously on a customer-controlled environment. SecureMCP does not transmit customer data to VizCo. The only communication between SecureMCP and VizCo is for user authentication via the VizCo OAuth application (to verify identity and authorize access).

How SecureMCP Handles Google Workspace Data

When SecureMCP receives data from Google Workspace (which may include private or sensitive information), it processes that data locally and applies privacy protections before any information is used in downstream AI interactions:

• Local redaction and minimization: SecureMCP automatically redacts private data where appropriate.
• Tokenization of identifiers: Private identifiers (such as names, emails, employee IDs, document IDs, or similar identifiers) are replaced with non-identifying tokens before any context is sent outside the customer environment.
• No sharing with VizCo: The redacted/tokenized context is not sent to VizCo at any time.

Use of Third-Party Frontier AI Model Providers

SecureMCP enables a chat interface that can send the redacted and tokenized context to third-party AI model providers (for example, OpenAI or other frontier AI vendors) to generate responses. These providers receive only the processed context produced by SecureMCP, not the original unredacted data.

Token Mapping Security

To preserve functionality (e.g., referencing entities consistently across a session), SecureMCP maintains token mappings from tokens back to private identifiers. These mappings are protected as follows:

• Encrypted at rest: Token mappings are stored encrypted on the customer-controlled device or environment.
• Not accessible to VizCo: VizCo does not receive, store, or have access to token mappings.
• Resilience to device compromise: Because mappings are encrypted at rest, they remain protected even if a client computer or environment is compromised (subject to the strength of encryption and protection of encryption keys within the customer environment).

9. Sharing of Information

VizCo does not sell personal information.

VizCo may share information only as follows:

• Service Providers: VizCo may use vendors to host infrastructure and provide monitoring/support services. They are bound by confidentiality and data protection obligations.
• Legal and Safety: VizCo may disclose information if required by law or to protect rights, safety, and security.
• Business Transfers: If VizCo undergoes a merger, acquisition, or sale of assets, information may be transferred as part of that transaction.

10. Data Retention

• Aggregate operational metrics may be retained for as long as necessary for security, reliability, and compliance purposes, consistent with VizCo's internal retention schedules.
• Support communications are retained as needed to address requests and maintain records.

11. Security

VizCo implements administrative, technical, and organizational measures designed to protect the OAuth Client configuration and related systems. No system is 100% secure; however, because VizCo does not receive OAuth tokens or Google user data in this model, the risk of exposure of such data through VizCo systems is reduced.

12. Your Choices and Controls

• You can review and revoke SecureMCP's access to your Google account at any time through your Google Account settings (e.g., "Third-party access" / "Security" pages).

13. International Transfers

If VizCo processes any information described above outside your jurisdiction, VizCo does so with appropriate safeguards consistent with applicable law.

14. Children's Privacy

VizCo's OAuth Client is not intended for use by children, and VizCo does not knowingly collect personal information from children.

15. Changes to This Policy

VizCo may update this policy from time to time. VizCo will post the updated version with a new effective date.

16. Contact Us

For privacy questions or requests, contact: