FileMCP

Legal

Privacy Policy

Last updated: 2026-04-26

This Privacy Policy describes how NSpark, Inc. ("NSpark," "we," "us," or "our") collects, uses, and shares information when you use the FileMCP service (the "Service").

1. Information We Collect

Information you provide

  • Account information: email address, username, and a hashed password.
  • Organization information: organization name, slug, and members.
  • Uploaded content: the files you upload to the Service, including their content and metadata.
  • Comments: comments you post on assets, including your display name (or anonymous name) and optional email.
  • API keys: name and prefix metadata; the secret portion of the key is stored hashed.

Information collected automatically

  • Usage data: pages viewed, asset views, requests made to our API.
  • Technical data: IP address, browser type, device information.
  • Cookies and similar technologies: session cookies for authentication, analytics cookies (see below).

Analytics

We use Google Analytics to understand aggregate Service usage. Google Analytics may collect information such as IP address, device identifiers, and browsing behavior subject to Google's privacy policy.

2. How We Use Information

  • To operate, maintain, and improve the Service;
  • To authenticate you and authorize access to your organization's resources;
  • To render and host the content you upload;
  • To deliver comments and notifications;
  • To enforce our Terms of Use and protect against abuse;
  • To communicate with you about the Service (e.g., security notices, billing, product updates).

3. Sharing

We do not sell your personal information. We share information only as needed to operate the Service:

  • Infrastructure providers: hosting, storage (S3-compatible), and database providers under contract.
  • Analytics providers: Google Analytics, as described above.
  • Legal compliance: when required to comply with applicable law, regulation, legal process, or governmental request.
  • Business transfers: in connection with a merger, acquisition, or sale of assets, with notice to affected users.

4. Public and Unlisted Content

Assets you mark as public or unlisted are accessible to anyone with the URL. Comments left on those assets are visible to other viewers. You are responsible for the content you choose to make public or unlisted.

5. Data Retention

We retain account information for as long as your account is active. Uploaded content and comments are retained until you delete them or your account. Backups may retain data for up to 30 days after deletion. Anonymized aggregate analytics may be retained indefinitely.

6. Your Rights

Depending on your jurisdiction, you may have the right to access, correct, delete, port, or restrict processing of your personal information. You can manage and delete most of your data directly from your dashboard. For other requests, contact contact@nforce.ai.

7. Security

We use industry-standard technical and organizational measures to protect your data, including encryption in transit, hashed passwords, and access controls. No system is fully secure; we cannot guarantee absolute security.

8. Children

The Service is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If we learn that we have collected such information, we will delete it.

9. International Transfers

We may process your information in the United States and other countries. By using the Service, you consent to the transfer of your information to countries that may have different data-protection laws than your country of residence.

10. Changes

We may update this Privacy Policy from time to time. Material changes will be communicated by email to account holders or by notice on the Service.

11. Contact

Questions about this Privacy Policy can be sent to contact@nforce.ai.

NSpark, Inc.
8 The Green #19869, Dover, DE 19901, United States