This policy describes how the GPH Intelligence MCP Server (https://gph-mcp-server.pages.dev/mcp) handles data. It covers the MCP service's data handling, not the contents of the underlying vendor directory.
When you call a tool, we receive the query parameters you supply — service category, medical specialty, practice size, city, state, EHR system, budget range, and search filters — together with a derived "signal score" (0–3, reflecting how complete the query is), the number of results returned, and a timestamp. If you send a legacy API key, we record only its last four characters (otherwise the call is logged as "anonymous"). We receive your IP address from the network connection and use it solely for rate limiting.
To operate the service and return results; to enforce rate limits (100 calls per IP per day); and to produce aggregate demand analytics that help us improve the directory and prioritize vendor coverage.
Query metadata is stored in Airtable (our data processor). Your IP address is stored only as a per-day rate-limit counter in Cloudflare KV and automatically expires after 48 hours; your IP is not written to Airtable.
Query-metadata records are retained for service-improvement analytics for up to 24 months, after which they are deleted or aggregated. Rate-limit counters expire automatically after 48 hours.
We use Airtable as a processor and Cloudflare as our hosting and infrastructure provider. Aggregate, non-identifying demand insights may inform vendor and sponsor outreach. We do not sell personal data.
No patient health information is requested or required — do not submit patient data through this service. There is no account registration and no cookies (the service is keyless).
We may update this policy; the current version is always at this URL.