Privacy

Privacy Policy

The short version: every mcpwright server runs locally on your machine, collects no personal data, and sends no telemetry anywhere.

Last updated 2026-06-02. This policy covers the mcpwright suite of Model Context Protocol (MCP) servers — including edgar-mcp and census-mcp — whether installed via uvx, as a desktop extension (MCPB), or from source.

What we collect

Nothing. These servers do not collect, store, or transmit any personal information about you. There are no accounts, no tracking, no analytics, and no telemetry. The maintainer receives no data about your usage.

How the servers run

Each server is a local process that runs on your own computer (started by your MCP client — Claude Desktop, Claude Code, or another client). It exposes read-only tools to that client. Your prompts and the tool results stay between your client and the local server; they are not sent to the maintainer.

Network requests & third parties

The only outbound network requests a server makes are to the public data source it wraps, to fetch the public data you asked for:

census-mcp → the U.S. Census Bureau, to download public reference data: api.census.gov for the American Community Survey dataset (using your own Census API key), and www2.census.gov for the place-lookup file used by find_zips (no key needed). These happen during setup/refresh (or lazily on first use); after that, lookups are served from a local store with no further network calls.
edgar-mcp → the U.S. SEC's EDGAR services (data.sec.gov, efts.sec.gov, www.sec.gov), to fetch public filings on request — no API key. The SEC's fair-access policy asks for a descriptive User-Agent with contact info; whatever you set in EDGAR_MCP_USER_AGENT is sent to the SEC with each request, and nowhere else. Responses are cached in memory only; nothing is persisted to disk.

These are U.S. government data services. Your use of them is governed by their own terms and privacy policies (census.gov/privacy, sec.gov/privacy). The servers send these services only what is needed to retrieve the public data you requested — no personal information about you.

API keys & credentials

Where a server needs an API key (e.g. CENSUS_API_KEY for census-mcp), the key is yours and is read from your local environment / your MCP client's configuration. It is used only to authenticate your requests to that public data source. It is never logged, never displayed, and never sent anywhere else.

Data storage & retention

Any data a server caches (for example, census-mcp's downloaded ACS dataset) is stored locally on your machine, under your OS cache/data directory, so repeat lookups are fast and offline. It contains only public reference data — nothing about you. You can delete it at any time; uninstalling the server and removing that directory removes everything it stored.

Children's privacy

These are developer tools that handle public reference data and collect no personal information from anyone, including children.

Changes to this policy

If this policy changes, the updated version will be posted here with a new "last updated" date.

Contact

Questions about privacy? Open an issue or discussion on the relevant repository under github.com/mcpwright, or on the suite org itself. The suite is built by Devender Gollapally.