Privacy Policy

For the hosted Tripitaka MCP server at mcp.tripitaka-mcp.com and the apex site at tripitaka-mcp.com.

TL;DR. No accounts. No cookies. No analytics. No tracking. No personal data is stored beyond the IP-based rate limit counter, which is kept in memory and not logged. Queries are not persisted. This is a Dhamma Dāna service — there is no business interest in your data.

What we do not collect

User accounts — there are none. No sign-up, no login, no email required to use the service.
Cookies — the site sets no cookies. The MCP endpoint sets no cookies.
Analytics — no Google Analytics, no Plausible, no Fathom, no Posthog, no event tracking of any kind. Server access logs are kept short-term for operational debugging only and never linked to identity.
Query content — the actual text of the suttas you search for, the tools you call, or the responses you receive are not retained on our servers beyond the duration of the request itself. Standard process-level logs do not include request bodies.
Personal information — we do not request, store, or process names, email addresses, payment information, location, or any other personally identifying data. The MCP protocol's design and our tool set do not require it.

What we do collect (and why)

IP address — transiently, for rate limiting. The server enforces a per-IP rate limit (10 requests per 10 seconds, 60 requests per minute) to prevent abuse and keep the service available for everyone. The counter lives in memory at the proxy layer (Caddy) and expires per the rate-limit window; it is not persisted to disk or aggregated into a profile.
Standard HTTP access logs — short-term, operational only. Like any web server, our infrastructure (Caddy reverse proxy + the upstream MCP container) records access lines containing IP, timestamp, method, path, status code, response size, and User-Agent. These are retained for short-term debugging (defaulting to the container's log rotation, typically a few days) and are never aggregated, shared, sold, or used to build profiles.

Third parties

Cloudflare sits in front of the apex and MCP server for TLS termination and basic DDoS protection. Cloudflare may process your IP and request metadata under its own privacy policy as part of providing this service. We do not enable any Cloudflare analytics, tracking, or device-fingerprinting features.
SuttaCentral, 84000.org, watnyanaves.net — the responses returned by tools include canonical cross-reference URLs to these external sites. We do not load resources from them in your name; following any of those links is your own browser request, governed by those sites' own privacy policies.
No third-party generative AI, no third-party data ingestion, no third-party advertising networks. The server reads only from its own Postgres database (the Pāli canon and the Payutto dictionary, both bundled with the deployment) and emits canonical reference URLs as text in responses.

Your rights

Because we hold no identifiable record of any user — no account, no profile, no cookie, no persistent identifier — there is no personal data we can retrieve, export, or delete on request. If you believe an interaction has produced data that should be deleted, please email the address below and we will investigate the relevant log window.

Children

The service is not directed at children under 13 and we do not knowingly collect data from anyone. Given that we collect almost nothing from any user, this is a low-risk surface in practice.

Changes to this policy

If this policy changes materially, the updated version will be published at this URL and the "Last updated" date below will change. Users who want a stable archived view can use the Internet Archive Wayback Machine. We will not retroactively use data we never collected.

Contact

For privacy questions, open a public issue at github.com/dhamma-seeker/tripitaka-mcp/issues or email the maintainer through their GitHub profile. The project is offered as Dhamma Dāna — non-commercial, no business behind it, no marketing team.

Last updated: 12 May 2026

Home·Terms of Service·GitHub