Privacy Policy

Effective date: March 29, 2026

This Privacy Policy explains how patent.dev (referred to as "we", "us", or "the website") collects, uses, stores, and protects your personal data in accordance with the GDPR.

Controller:
Funktionslust GmbH
Brudermühlstraße 36
81371 München
Handelsregister: HRB 241736
Registergericht: Amtsgericht München

Contact person: Wolfgang Stark
Email: info@patent.dev

The server infrastructure is hosted in Germany.

1. Data We Collect

We collect only the personal data necessary to operate the website, manage subscriptions, authenticate users, and provide access to the optional MCP server for patent API usage.

1.1 Website Access (Server Logs)

When visiting the website, our hosting provider (Hetzner Cloud) automatically processes:

anonymized IP address
date and time of access
browser type and operating system
accessed pages and resources

Purpose: website security, service stability, error diagnostics
Legal basis: Article 6(1)(f) GDPR, legitimate interest

1.2 Analytics (Matomo, Self-Hosted, No Cookies)

We use a self-hosted Matomo instance with the following privacy measures:

cookies are disabled
IP addresses are anonymized
tracking is limited to technical usage data
no third party receives analytics data

Purpose: understanding website usage to improve content
Legal basis: Article 6(1)(f) GDPR, legitimate interest due to privacy friendly, cookie-less analytics

1.3 Optional Ghost User Accounts

Users may optionally create an account to:

subscribe to new content via email
manage email subscription preferences
use the same authentication system to access the MCP server

Data processed:

email address
name (optional)
subscription settings

Legal basis:

Article 6(1)(b) GDPR (service performance)
Article 6(1)(a) GDPR (consent for email subscriptions)

Users can unsubscribe or delete their account at any time.

1.4 Email Delivery (Mailgun)

We use Mailgun to send emails related to account registration, subscriptions, and content updates.

Mailgun processes:

email address
email delivery metadata
technical information required to deliver messages

Mailgun privacy policy: https://www.mailgun.com/privacy-policy/

1.5 MCP Server (Patent Connector)

Users may choose to access the patent.dev MCP server, which provides a proxy interface to patent APIs such as USPTO ODP, EPO OPS, and DPMA DPMAconnect.

The MCP server processes:

Ghost account authentication
encrypted storage of patent API credentials
forwarding of API requests to the selected patent services
no persistence of query content
no logging of patent queries

Purpose: providing API access functionality
Legal basis: Article 6(1)(b) GDPR

Credentials are encrypted at rest. All data transmission is protected by TLS.

1.6 Data Returned by MCP Tools

When using the MCP server tools, responses contain only publicly available patent data from official patent office databases and data necessary to fulfill the requested task. The following categories of data may be returned:

patent text (claims, abstracts, descriptions, full documents)
patent metadata (bibliographic data, classifications, dates, applicants, inventors)
patent search results (matching patents from queries)
PTAB data (proceedings, decisions, trial metadata including patent owner and petitioner names)
assignment data (ownership transfer records including assignor and assignee names, current owner)
continuity data (parent/child application chains)
register and prosecution events (filing, publication, examination, grant, opposition)
patent term and expiry calculations
classification hierarchy data (CPC/IPC)
patent number format conversions
patent family data (related patents across jurisdictions)
compound tool outputs (patent summaries, prosecution timelines, side-by-side comparisons)
office action data (examiner actions, rejections, prior art citations)
trademark data (registration status, filing details, goods and services)
temporary URLs for viewing trademark documents and images (short-lived, auto-expire)
quota status (API rate limit information)
server information (server version, list of available providers and their configuration status)
feedback confirmation (ticket ID and confirmation message)

Tool responses contain only publicly available patent office data. No data about the user of this service is included in tool responses - no user identifiers, no session data, no query history, and no personal information about the person making the request.

Person names that appear in tool responses (such as applicants, inventors, patent owners, petitioners, assignors, and assignees) refer to parties named in official patent records, not to the user of this service. These names are part of the public patent record as published by patent offices (USPTO, EPO, DPMA).

2. Third Party Processors

We only share personal data with the following processors:

2.1 Mailgun

Purpose: email delivery
Data shared: email address, email metadata
Location: EU
Privacy policy: https://www.mailgun.com/privacy-policy/

2.2 External Patent APIs (via MCP Proxy)

Only if the user connects such APIs.
Data shared: API requests sent to the chosen patent authority.
No queries are stored by the MCP server.

2.3 Hetzner Cloud (Hosting Provider)

All data is stored on servers in Germany.
Privacy policy: https://www.hetzner.com/legal/privacy-policy

No other third parties receive data.

3. Cookies

The website uses only essential cookies:

authentication cookie for Ghost login and session management

There are no analytics cookies, no tracking cookies, and no marketing cookies.

Legal basis: Article 6(1)(f) GDPR, legitimate interest in providing account functionality

4. Data Retention

Server logs typically 7 to 30 days, then deleted or anonymized
Email subscription data until user unsubscribes or deletes account
MCP server credentials stored only while the user account exists, encrypted
API request content not stored
Matomo analytics data anonymized and aggregated only

Users have the right to:

request access to their data (Article 15)
request correction of incorrect data (Article 16)
request deletion of data (Article 17)
restrict processing (Article 18)
request data portability (Article 20)
withdraw consent at any time (Article 7)
object to processing based on legitimate interests (Article 21)

To exercise these rights:
Email: info@patent.dev

6. Security Measures

We apply strong technical and organizational security measures including:

TLS encryption for all connections
encrypted storage of MCP API credentials
hashed user passwords
secure hosting in Germany
minimal data processing
no retention of patent API queries

7. International Data Transfers

International transfers may occur through:

Mailgun, depending on email routing
Patent APIs selected by the user

8. Disclaimer of Warranties

The Patent Connector service and all data returned by MCP tools are provided "as is" and "as available" without warranties of any kind, whether express or implied, including but not limited to implied warranties of merchantability, fitness for a particular purpose, accuracy, or non-infringement.

We do not warrant that the service will be uninterrupted, error-free, or that the data returned is complete, accurate, or current. Patent data is sourced from third-party patent office databases and may contain errors, omissions, or delays. The service is not a substitute for professional patent advice or official patent office records.

In no event shall Funktionslust GmbH be liable for any direct, indirect, incidental, special, consequential, or exemplary damages arising out of or in connection with the use of this service or reliance on any data provided by it.

9. Children's Privacy

The service is not intended for children under 16 years of age.

10. Updates to This Policy

We may update this Privacy Policy from time to time. Changes will be published on this page with an updated date.

11. Contact

Funktionslust GmbH
Brudermühlstraße 36
81371 München
Handelsregister: HRB 241736
Registergericht: Amtsgericht München