Privacy Policy

This Privacy Policy explains how patent.dev (referred to as "we", "us", or "the website") collects, uses, stores, and protects your personal data in accordance with the GDPR.

Controller:
Funktionslust GmbH
Brudermühlstraße 36
81371 München
Handelsregister: HRB 241736
Registergericht: Amtsgericht München

Contact person: Wolfgang Stark
Email: info@patent.dev

The server infrastructure is hosted in Germany.

1. Data We Collect

We collect only the personal data necessary to operate the website, manage subscriptions, authenticate users, and provide access to the optional MCP server for patent API usage.

1.1 Website Access (Server Logs)

When visiting the website, our hosting provider (Hetzner Cloud) automatically processes:

  • anonymized IP address
  • date and time of access
  • browser type and operating system
  • accessed pages and resources

Purpose: website security, service stability, error diagnostics
Legal basis: Article 6(1)(f) GDPR, legitimate interest

1.2 Analytics (Matomo, Self-Hosted, No Cookies)

We use a self-hosted Matomo instance with the following privacy measures:

  • cookies are disabled
  • IP addresses are anonymized
  • tracking is limited to technical usage data
  • no third party receives analytics data

Purpose: understanding website usage to improve content
Legal basis: Article 6(1)(f) GDPR, legitimate interest due to privacy friendly, cookie-less analytics

1.3 Optional Ghost User Accounts

Users may optionally create an account to:

  • subscribe to new content via email
  • manage email subscription preferences
  • use the same authentication system to access the MCP server

Data processed:

  • email address
  • name (optional)
  • subscription settings

Legal basis:

  • Article 6(1)(b) GDPR (service performance)\
  • Article 6(1)(a) GDPR (consent for email subscriptions)

Users can unsubscribe or delete their account at any time.

1.4 Email Delivery (Mailgun)

We use Mailgun to send emails related to account registration, subscriptions, and content updates.

Mailgun processes:

  • email address
  • email delivery metadata
  • technical information required to deliver messages

Mailgun privacy policy: https://www.mailgun.com/privacy-policy/

1.5 MCP Server (Patent Connector)

Users may choose to access the patent.dev MCP server, which provides a proxy interface to patent APIs such as USPTO ODP and EPO OPS.

The MCP server processes:

  • Ghost account authentication
  • encrypted storage of patent API credentials
  • forwarding of API requests to the selected patent services
  • no persistence of query content
  • no logging of patent queries

Purpose: providing API access functionality
Legal basis: Article 6(1)(b) GDPR

Credentials are encrypted at rest. All data transmission is protected by TLS.

2. Third Party Processors

We only share personal data with the following processors:

2.1 Mailgun

Purpose: email delivery
Data shared: email address, email metadata
Location: EU
Privacy policy: https://www.mailgun.com/privacy-policy/

2.2 External Patent APIs (via MCP Proxy)

Only if the user connects such APIs
Data shared: API requests sent to the chosen patent authority
No queries are stored by the MCP server

2.3 Hetzner Cloud (Hosting Provider)

All data is stored on servers in Germany
Privacy policy: https://www.hetzner.com/legal/privacy-policy

No other third parties receive data.

3. Cookies

The website uses only essential cookies:

  • authentication cookie for Ghost login and session management

There are no analytics cookies, no tracking cookies, and no marketing
cookies.

Legal basis: Article 6(1)(f) GDPR, legitimate interest in providing
account functionality

4. Data Retention

Server logs typically 7 to 30 days, then deleted or
anonymized

Email subscription data until user unsubscribes or deletes account

MCP server credentials stored only while the user account exists,
encrypted

API request content not stored

Matomo analytics data anonymized and aggregated only

5. User Rights Under GDPR

Users have the right to:

  • request access to their data (Article 15)
  • request correction of incorrect data (Article 16)
  • request deletion of data (Article 17)
  • restrict processing (Article 18)
  • request data portability (Article 20)
  • withdraw consent at any time (Article 7)
  • object to processing based on legitimate interests (Article 21)

To exercise these rights:
Email: info@patent.dev

6. Security Measures

We apply strong technical and organizational security measures
including:

  • TLS encryption for all connections
  • encrypted storage of MCP API credentials\
  • hashed user passwords
  • secure hosting in Germany
  • minimal data processing
  • no retention of patent API queries

7. International Data Transfers

International transfers may occur through:

  • Mailgun, depending on email routing
  • Patent APIs selected by the user

8. Children's Privacy

The service is not intended for children under 16 years of age.

9. Updates to This Policy

We may update this Privacy Policy from time to time. Changes will be
published on this page with an updated date.

10. Contact

Funktionslust GmbH
Brudermühlstraße 36
81371 München
Handelsregister: HRB 241736
Registergericht: Amtsgericht München

Contact person: Wolfgang Stark
Email: info@patent.dev