What we send
MCP Peek is local-first. The interface itself is network-silent — the webview can only talk to MCP Peek’s own backend on your machine, so every external request comes from the app’s backend, never silently from the UI. This page lists exactly what leaves your machine, when, and what’s stripped out first. It mirrors the Settings → Privacy copy in the app.
What stays on your machine
Section titled “What stays on your machine”Your server configurations, the MCP traffic you inspect or proxy, tool results, and your saved inputs all stay local. Connection secrets are encrypted at rest, and local diagnostic logs are never uploaded.
Crash reports — on by default, scrubbed, EU-hosted
Section titled “Crash reports — on by default, scrubbed, EU-hosted”“Send scrubbed crash reports to help fix bugs. EU-hosted — never your servers, inputs, or results.” — Settings → Privacy → Crash reports
Crash reporting is handled by a third-party crash-reporting provider hosted in the EU. It’s on by default and can be turned off any time at Settings → Privacy → Crash reports (the change takes effect immediately, no restart). Personal-data collection is disabled at the source, and webview errors are piped through the backend rather than sent directly.
A crash report contains the app version, your platform/OS name and version, and a scrubbed error trace. Before anything is sent, the backend redacts:
- URLs →
[url], file paths →[path], emails →[email], IPv4 addresses →[ip] - bearer / API tokens and key-like strings (
Bearer …,sk-…, and similar) →[redacted] key=value/"key":"value"secrets → value redacted, and long opaque strings →[redacted]
The event’s request and extra data are cleared, the server name and user are stripped, and the hardware/device model is removed — only the OS is kept.
Product analytics — off by default, opt-in
Section titled “Product analytics — off by default, opt-in”“Share anonymous, aggregate feature-usage events. Off by default.” — Settings → Privacy → Product analytics
Analytics are off by default and strictly opt-in, via Settings → Privacy → Product analytics, using an EU-hosted analytics provider. When you turn them on, only four anonymous, aggregate events ever fire, with coarse properties only:
| Event | Properties |
|---|---|
server_connected | transport: "stdio" | "http" |
tool_run | — |
proxy_started | — |
brief_exported | item_count |
They’re keyed by a random install ID (a UUID generated on your machine) — not a device fingerprint, and never tied to your identity. Session replay is never enabled. Server names and URLs, tool names, arguments, results, headers, tokens and file paths are never sent.
License activation
Section titled “License activation”Activation is handled by our own licensing service at license.mcppeek.com (not by the payment provider). The app sends your license key and a random device ID (a UUID generated on your machine — not a hardware fingerprint); no email or machine information is sent (our service checks your purchase with the payment provider server-side). It returns a cryptographically signed grant that the app verifies offline against a built-in key.
Activation runs once on activation, again on launch, then quietly in the background about every 12 hours, with a 30-day offline grace period. The license covers one device at a time — see Licensing & activation.
Secrets storage
Section titled “Secrets storage”Server credentials — bearer tokens, OAuth tokens, custom header values and stdio environment variables — are encrypted at rest (XChaCha20-Poly1305) in a single secrets file. The master key lives in your OS keychain (macOS Keychain, Windows Credential Manager, or the Linux Secret Service).
Software updates
Section titled “Software updates”MCP Peek checks releases.mcppeek.com/latest.json for updates (silently on launch when Automatic updates is on, or when you check manually) and downloads signature-verified binaries. You can disable automatic checks at Settings → Application updates.
Every outbound call, in full
Section titled “Every outbound call, in full”The app itself makes network calls only to:
- the MCP servers you configure;
- our licensing service (
license.mcppeek.com) to activate / validate / deactivate; - the update service (
releases.mcppeek.com/latest.json) and the binary download; - the crash-reporting provider (gated by the toggle, scrubbed);
- the analytics provider (off unless you opt in);
- OAuth flows for any server you set to OAuth; and
- “open in browser” link-outs (website, account, docs, changelog, support email, checkout).
Nothing else.
Where local data lives
Section titled “Where local data lives”App data is stored under your OS application-data directory (e.g. ~/Library/Application Support/com.mcppeek.app on macOS, %APPDATA%\com.mcppeek.app on Windows): your servers, saved inputs, flags, proxy config and UI preferences; the encrypted secrets file; the signed license grant; the random device and install IDs; and rotating local logs. Those logs never leave your machine — a scrubbed tail is available via Settings → Support → “Copy diagnostics” if you want to share one. Deleting the app-data directory resets the app.