last updated · June 13, 2026
Privacy Policy
This policy explains what Caipi collects and how it is used to provide agent-writable workspaces, Google sign-in, MCP access, uploads, public/protected sharing, hosted files, hosted apps, and SQLite viewers.
1. Controller and scope
Caipi is operated by Paul-Louis Pröve, Eppendorfer Weg 64, 20259 Hamburg, Germany. For privacy questions, deletion requests, access requests, abuse reports, or security reports, contact caipi@plpp.de.
Caipi is available globally for users who are at least 18 years old. It is not intended for children or for storing sensitive, regulated, confidential, or high-risk personal data.
This policy covers information processed by Caipi itself. Third-party agents, AI providers, browsers, tools, and identity providers process information under their own policies.
2. Information we collect
Account information: when you sign in with Google, Caipi receives basic profile information needed to authenticate you, such as your Google account identifier, email address, display name, and profile image if provided.
Workspace information: Caipi stores the workspace URL you choose and the files, folders, uploads, HTML pages, Markdown documents, SQLite databases, app manifests, and assets you or your authorized agents add to the workspace.
Connection information: Caipi stores information needed to operate MCP OAuth flows, sessions, upload links, visibility settings, connected clients, and authorized access to your workspace.
Sharing information: Caipi processes public or protected URLs, visibility settings, hosted app routes, SQLite viewer routes, request metadata, and related access events so shared content can be served and protected.
Usage and technical information: Caipi may process request metadata such as IP address, browser or client type, timestamps, routes accessed, error logs, authentication events, and security events to operate and protect the service.
3. How we use information
Caipi uses information to authenticate users, create and serve workspaces, allow MCP clients to read and write authorized files, render documents and apps, process uploads, serve SQLite viewers, enforce visibility settings, troubleshoot issues, prevent abuse, secure the service, and communicate about support or product changes.
Caipi does not sell your workspace content or use it for advertising.
Where privacy law requires a legal basis, Caipi relies on contract performance for account, session, workspace, export, upload, sharing, and MCP access features; legitimate interests for security, abuse prevention, diagnostics, reliability, and support; legal obligations where records or responses are required by law; and consent where the product explicitly asks for it.
4. Workspace privacy and sharing
Workspaces are private by default. Files or folders become externally reachable only when made public or protected through Caipi's visibility features.
If you publish a file, folder, hosted app, SQLite viewer, SQLite-backed app endpoint, or shared upload result, people outside your account may be able to view, use, copy, download, scrape, or interact with that content according to the visibility setting.
Shared content is controlled by the workspace owner or their authorized tools. Caipi hosts and transmits that content to provide the service, but does not pre-screen or endorse what users choose to publish.
Do not store or publish sensitive, regulated, confidential, or high-risk personal information in Caipi. If you store ordinary personal data about yourself or others despite this limitation, you are responsible for the data, access settings, connected agents, and any notices, permissions, or lawful basis required.
5. Agents and third-party tools
When you connect an MCP-capable agent or other third-party client, that tool may receive workspace content, metadata, or responses needed to perform the actions you authorize.
Connected agents may read, write, change, delete, publish, or transmit workspace data according to the permissions and instructions available to them.
Third-party AI providers, MCP clients, browsers, and tools are governed by their own privacy and security practices. Caipi cannot control how those third parties process information after you authorize or instruct them.
6. Service providers
Caipi relies on service providers for core operations such as authentication, hosting, database/storage infrastructure, logging, error handling, security, and support.
Current service providers are Google (Google Sign-In identity provider) and Railway (application hosting, database, file storage infrastructure, and infrastructure logs). Caipi runs its own self-hosted Umami instance on Railway for cookieless, privacy-friendly analytics on its public marketing and documentation pages: the analytics data stays on Caipi's own infrastructure, it sets no cookies, performs no cross-site tracking, and Caipi does not sell analytics data. Caipi does not currently use advertising, payment, email delivery, or error-tracking providers for the service.
Production hosting currently runs on Railway infrastructure in the United States. Google may also process authentication information in locations where Google operates. Where required, international transfers rely on appropriate safeguards such as the EU Standard Contractual Clauses (SCCs), adequacy decisions, or other transfer mechanisms available for the relevant provider.
The exact provider list may change as the product develops. Material privacy-relevant changes will be reflected in this policy when reasonably practicable.
7. Cookies and sessions
Caipi uses cookies or similar browser storage for sign-in sessions, theme preferences, and security-related state. Google Sign-In may also use cookies or browser storage according to Google's own policies.
The self-hosted Umami analytics on Caipi's public pages is cookieless: it sets no analytics cookies and does not track you across sites. Caipi sets no advertising cookies.
You can clear browser cookies, but doing so may sign you out or interrupt account flows.
8. Retention and deletion
Caipi keeps account, workspace, connection, and file data for as long as needed to provide the service, comply with legal obligations, resolve disputes, prevent abuse, and maintain backups.
You can request account deletion, workspace deletion, export help, publication removal, or OAuth/MCP access revocation by emailing caipi@plpp.de from the email address associated with your account.
After deletion or removal, copies may remain in backups, logs, caches, abuse-prevention records, security records, or legal/operational records for up to 30 days unless a longer period is required by law.
Publicly shared content may also remain available to people who copied, downloaded, cached, archived, or indexed it before it was removed.
9. Security
Caipi uses technical and organizational safeguards, including account authentication, session controls, path validation, visibility checks, and server-side storage boundaries.
No online service can guarantee perfect security. If you believe you found a security issue, do not disclose private user data publicly; contact Caipi through the security or support channel listed below.
Security reports can be sent to caipi@plpp.de with the relevant URL, affected workspace if known, reproduction steps, and enough detail to review the issue.
10. Your choices and rights
You can choose what to store, what agents to connect, and what files or folders to publish. You can export open-format files from your workspace according to the export process available at the time.
Depending on where you live, you may have rights to request access, correction, deletion, restriction, objection, portability, withdrawal of consent, or review of how your personal data is handled.
To exercise privacy rights or ask for help with export, correction, deletion, or MCP client revocation, email caipi@plpp.de. Caipi may need to verify your account before acting on a request.
If you are in the European Economic Area, you also have the right to lodge a complaint with a data protection supervisory authority. The local authority for the operator is: Der Hamburgische Beauftragte fuer Datenschutz und Informationsfreiheit, Ludwig-Erhard-Strasse 22, 20459 Hamburg, Germany.
11. Children
Caipi is not intended for children and may only be used by people who are at least 18 years old. Do not use Caipi to store or publish children's personal data.
12. International users
Caipi is operated from Germany and may be used globally. Information may be processed in Germany, the European Union, the United States, or other locations where Caipi or its service providers operate.
If information is transferred internationally, Caipi relies on available safeguards, service-provider commitments, and the transfer mechanisms available for the relevant provider and country.
13. Contact
Contact: Paul-Louis Pröve, Eppendorfer Weg 64, 20259 Hamburg, Germany, caipi@plpp.de.
Please include the relevant workspace, URL, account email, and request details when contacting Caipi about privacy, abuse, security, or intellectual-property concerns.