MCP Beast
Back to MCP Beast

Legal

Privacy Policy

This policy explains how MCP Beast handles data for the Mac app, local gateway, optional Remote Access relay, and subscription features.

Effective date: May 28, 2026

MCP Beast is provided by SwiftLee B.V., A. Commandeurlaan 30, 1715AG, Spanbroek, The Netherlands. For privacy questions, contact contact@avanderlee.com.

1. Data You Configure Locally

MCP Beast stores the MCP server names, connection settings, tool metadata, and local gateway preferences you configure in the Mac app. OAuth tokens, access tokens, and generated gateway credentials are intended to be stored locally in macOS Keychain.

2. Local Gateway Traffic

By default, MCP Beast runs a local gateway on your Mac. Requests made from local MCP clients to that gateway are handled on your device. If you enable LAN access, devices on your local network with the bearer token may send requests to the gateway.

3. Remote Access Relay

If you enable Remote Access, MCP Beast opens an outbound connection to MCP Beast infrastructure so cloud and mobile clients can reach your configured gateway. Remote Access may process MCP request and response traffic, relay identifiers, bearer tokens, connection status, and operational metadata needed to provide, secure, and troubleshoot the service.

Do not enable Remote Access for MCP servers or data sources unless you are comfortable routing those MCP requests through the relay.

4. Purchases and Subscriptions

MCP Beast may use RevenueCat and Apple services to manage subscriptions, purchases, restores, and entitlement status. These providers may process purchase identifiers, subscription status, and related transaction information under their own policies.

5. Website Data

This website is hosted on Cloudflare. Cloudflare may process standard request information such as IP address, user agent, requested URL, timestamps, and security events to deliver and protect the site.

6. Third-Party MCP Servers

MCP Beast connects to MCP servers and services you choose. Data sent to those services is governed by your configuration and by the privacy policies and terms of those third parties.

7. Retention

Local app data remains on your device unless you remove it, reset the app, or delete related Keychain items. Remote Access operational data is kept only as long as reasonably needed to provide, secure, debug, and improve the service, unless a longer retention period is required by law.

8. Security

MCP Beast is designed to be local-first. LAN access is opt-in and token-protected. Remote Access uses bearer credentials that can be regenerated or disabled. No system is perfectly secure, so you should protect your Mac, credentials, and configured MCP servers carefully.

9. Your Rights

Depending on where you live, you may have rights to access, correct, delete, or object to processing of personal data. You can contact us to make a privacy request.

10. Changes

We may update this policy as MCP Beast evolves. Material changes will be reflected by updating the effective date and, where appropriate, by providing additional notice.

11. Contact

Privacy questions can be sent to contact@avanderlee.com.