Privacy Policy for toolforest.io

Last Updated: January 8th, 2026

Introduction

Welcome to toolforest.io ("ToolForest", "we", "us", or "our"). We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you use our MCP (Model Context Protocol) tools service.

Information We Collect

Information You Provide Through Third-Party Authentication

When you authenticate with third-party services (such as Google, Microsoft, Slack, etc.), we access:

• Account Information: Basic profile information (typically name and email address)
• Authorized Resources: Access only to the specific resources and permissions you explicitly grant
• Service Data: Limited access to files, documents, or data you choose to work with through our service

The specific permissions requested will be clearly displayed during the authentication process for each service.

Automatically Collected Information

• Usage Data: How you interact with our tools and services
• Session Information: Temporary data required for the service to function
• Technical Data: Browser type, device information, and IP address for service optimization

How We Use Your Information

We use your information solely to:

• Provide Service Functionality: Enable MCP tools to interact with your authorized third-party services
• Process Your Requests: Execute the specific operations you request on your documents and data
• Improve Our Service: Understand usage patterns to enhance tool performance
• Communicate With You: Send service-related notifications and updates
• Ensure Security: Detect and prevent fraudulent or unauthorized access

Data Storage and Security

Storage Practices

• We do not permanently store the contents of your third-party service files or documents
• Authentication tokens are encrypted and stored securely
• Session data is temporary and cleared after you sign out

Security Measures

• Industry-standard encryption for data in transit (HTTPS/TLS) and at rest
• Secure OAuth 2.0 authentication flow
• Regular security audits and updates
• Limited access to user data (only when explicitly requested by you)

Data Sharing and Disclosure

We never sell, rent, or trade your personal information. We may share data only in these circumstances:

• With Your Consent: When you explicitly authorize us to share information
• For Legal Requirements: To comply with applicable laws, regulations, or legal processes
• To Protect Rights: To protect the rights, property, or safety of ToolForest, our users, or others
• Service Providers: With trusted third parties who assist in operating our service (under strict confidentiality agreements)

Third-Party API Services Compliance

Our use of third-party service data complies with all applicable API policies, including:

• Google API Services: We comply with the Google API Services User Data Policy, including Limited Use requirements
• We only use access to third-party data to provide and improve ToolForest services
• We do not transfer user data to other third parties except as necessary to provide our service
• We do not use third-party user data for advertising purposes
• We handle all user data in accordance with this Privacy Policy and applicable service agreements

As we add support for additional services (Microsoft, Slack, etc.), we will comply with their respective API policies and terms.

Your Rights and Choices

You have the right to:

• Access Your Data: Request information about the data we have about you
• Revoke Access: Disconnect ToolForest from your third-party accounts at any time through each service's account settings (e.g., Google Account Settings)
• Delete Your Account: Request complete deletion of your account and associated data
• Data Portability: Request a copy of your data in a structured format
• Opt-Out: Unsubscribe from non-essential communications

Cookies and Tracking

We use essential cookies only to:

• Maintain your session while you're signed in
• Remember your preferences during your session
• Ensure security of your authentication

We do not use tracking cookies or third-party analytics cookies.

Children's Privacy

ToolForest is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

• Posting the new Privacy Policy on this page
• Updating the "Last Updated" date at the top
• Sending you an email notification (for significant changes)

Additional Rights for EU Users

If you are located in the European Union, you have additional rights under GDPR:

• Right to rectification of inaccurate personal data
• Right to restriction of processing
• Right to object to processing
• Right to lodge a complaint with a supervisory authority

Legal Basis for Processing

We process your personal data based on:

• Consent: When you authorize OAuth access
• Legitimate Interests: To provide and improve our services
• Legal Obligations: When required by law

Contact Us