This Privacy Policy explains how WebMCP Validator ("we", "us", "our") collects, uses, and protects information when you use our service at webmcpvalidator.com. We are based in the Netherlands and comply with the General Data Protection Regulation (GDPR) and the Dutch UAVG.
Last updated: February 18, 2026
What Data We Collect
URLs you submit for scanning — processed in real time, not stored permanently
Server logs — IP address, browser type, timestamp, pages visited (standard Apache/nginx logs, retained max 30 days)
Session data — a temporary PHP session cookie for rate limiting (expires when you close the browser)
No account data — we do not require registration or collect names, emails, or passwords
What We Don't Collect
We do not sell your data to third parties
We do not use advertising networks or tracking pixels
We do not store the HTML content of websites you scan
We do not use Google Analytics or similar tracking services
How We Use Your Data
To perform the compliance scan you requested
To enforce rate limits and prevent abuse of our proxy service
To monitor server performance and security
To improve the accuracy of our WebMCP detection engine
Your GDPR RightsEU/NL
Right to access — request what data we hold about you
Right to erasure — request deletion of your data
Right to object — object to processing of your data
Right to portability — receive your data in a portable format
Right to lodge a complaint with the Autoriteit Persoonsgegevens (AP)
Our proxy fetches external websites on your behalf. Those websites may have their own privacy policies. We are not responsible for the content or practices of third-party sites scanned through our service.
We use Hostinger for hosting. Their privacy policy applies to infrastructure-level data: hostinger.com/privacy-policy