Logo

Privacy Policy

Last updated: July 15, 2025

TL;DR: The Short Version

  • We store your email, OAuth provider ID, and crate metadata. We do not store IPs for more than 7 days (abuse prevention).
  • Crates are stored indefinitely until you choose to delete them.
  • We do not track you or sell your data.

Overview

MCPH is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our crate-sharing service. We've designed our service with privacy as a core principle, minimizing data collection and giving authenticated users full control over their data retention.

By using MCPH, you agree to the collection and use of information in accordance with this policy.

Information Collection

Crates and Content

When you upload crates to MCPH, we temporarily store:

  • The crate itself (encrypted at rest in Google Cloud Storage)
  • Basic metadata such as filename, file type, and size
  • Retained until the authenticated owner deletes it

Crates are stored indefinitely until you choose to delete them, giving you full control over your data retention.

Technical Information

We collect minimal technical information necessary to provide and secure our service:

  • IP addresses (for abuse prevention and rate limiting)
  • HTTP request information (browser type, referring site)
  • Event timestamps (upload and download times)
  • Error information (if something goes wrong)

We log IP addresses for a maximum of 7 days solely to detect abuse; we do not use them for marketing or analytics.

How We Use Information

We use the information we collect for the following purposes:

  • To provide the crate-sharing service (storing and making your crates available for download)
  • To provide data management capabilities and user-controlled content deletion
  • To prevent abuse of our service (rate limiting, blocking malicious uploads)
  • To improve the service and fix issues
  • To gather anonymous aggregate statistics about service usage

Data Storage and Security

Crates are stored in Google Cloud Storage with the following security measures:

  • Encryption at rest using Google-managed encryption keys
  • Transport encryption (TLS/HTTPS) for all data in transit
  • Access controls limiting who can access stored crates
  • Physical security measures at Google's data centers

Metadata is stored in Firebase/Firestore with persistent storage for authenticated users and appropriate access controls.

While we implement robust security measures, no online service can guarantee absolute security. Please don't use MCPH for highly sensitive information that requires enhanced security guarantees.

Cookie Policy

MCPH does not use cookies for tracking or advertising purposes.

We use only essential technical cookies required for the service to function correctly (e.g., for CSRF protection).

Third-Party Services

We use the following third-party services:

  • Google Cloud Storage - For crate storage
  • Firebase/Firestore - For metadata and user data
  • Vercel - For hosting our application

Each of these services has its own privacy policy, and we encourage you to review them. However, our usage of these services is configured to maximize privacy and minimize data retention.

Prohibited Content

The following content is prohibited from being uploaded to MCPH:

  • Illegal content of any kind
  • Malware, viruses, or other harmful software
  • Content that violates intellectual property rights
  • Explicit adult content or pornography
  • Private data of individuals without consent
  • Material that promotes harm or violence

We reserve the right to remove content that violates these terms and may cooperate with legal authorities if required.

Contact Us

If you have any questions about this Privacy Policy, please contact us at:

privacy@mcph.io