Privacy Policy

Last updated: May 1, 2026

This Privacy Policy describes how Patent Client, LLC, a Texas limited liability company ("Patent Client," "we," "us," or "our") collects, uses, retains, and discloses information in connection with the public demonstration service available at mcp.patentclient.com (the "Service"). This policy is incorporated into, and is part of, our Terms of Use.

Bottom line: the Service is a public demonstration. We collect the minimum information needed to authenticate users via Google, enforce per-user rate limits, prevent abuse, and operate the Service. We do not sell personal data, run targeted advertising, or embed third-party tracking. Your queries are proxied to the underlying patent data sources, which may keep their own records. Treat the Service like any other public web tool: do not submit privileged, client-confidential, trade-secret, or otherwise sensitive information.

1. Information We Collect

We collect a narrow set of information when you use the Service:

• Account identity (from Google). When you sign in, Google provides us with your Google account email address, a stable Google-issued user identifier, and (depending on your Google account settings) basic profile information such as your name. We use this information to identify your account, attribute requests for rate-limiting purposes, and contact you about the Service if necessary.
• Request and usage data. When you make a request through the Service, we record the request endpoint, method, timestamp, response size in bytes, your user identifier, and the outcome (success, error, or rate-limited). This data is used to enforce rate limits, debug failures, prevent abuse, and produce aggregate operational metrics.
• Query content. The Service relays your search parameters, patent numbers, identifiers, and similar request inputs to upstream patent data sources (see Section 3 below). These inputs may also appear in our request logs for debugging and abuse prevention.
• Technical data. Standard server logs collect your IP address, user-agent string, and connection metadata. This data is collected by our hosting provider (Google Cloud Run) and used for security, abuse prevention, and diagnostics.
• Cookies. See Section 5 below. The Service uses one functional cookie to record your acceptance of the Terms of Use. The Service does not set advertising or cross-site tracking cookies.

We do not knowingly collect Social Security numbers, driver's license numbers, biometric data, precise geolocation, payment-card numbers, health data, or sensitive personal information categories under applicable state law. The Service has no payment functionality.

2. How We Use Information

We use the information described in Section 1 to:

• Authenticate you and operate the Service;
• Enforce per-account rate limits and detect abusive use;
• Diagnose errors and improve reliability;
• Maintain aggregate operational metrics (for example, total daily request volume);
• Comply with our legal obligations and respond to lawful requests; and
• Enforce our Terms of Use and protect the rights, property, and safety of Patent Client, our users, and the public.

We do not use your information for targeted advertising, behavioral profiling, or any form of automated decision-making that produces legal or similarly significant effects about you. We do not train machine-learning models on your query content.

3. Who We Share Information With

We share information with a limited set of third parties, each described below.

• Google (authentication). Google is our identity provider. When you sign in, your interaction with Google's OAuth flow is governed by Google's Privacy Policy. Google receives information necessary to authenticate you and may log the authorization itself.
• Upstream patent data sources. The Service proxies your queries to public and third-party patent data sources, including the United States Patent and Trademark Office (USPTO) Open Data Portal and Public Search systems, the European Patent Office (EPO) Open Patent Services, Google Patents, the Manual of Patent Examining Procedure (MPEP), and the Cooperative Patent Classification (CPC) system. Each upstream source receives the search parameters needed to fulfill your request and may keep its own records. Their use of that data is governed by their own policies.
• Hosting and infrastructure providers. The Service is hosted on Google Cloud Platform. Google Cloud processes information on our behalf as a service provider, including running the Cloud Run container, storing rate-limit counters in Firestore, and ingesting server logs into Cloud Logging.
• Legal, safety, and compliance. We may disclose information when we believe in good faith that disclosure is necessary to comply with a court order, subpoena, regulatory request, or applicable law; to enforce our Terms of Use; or to protect the rights, property, or safety of Patent Client, our users, or the public.
• Business transfers. If Patent Client is involved in a merger, acquisition, financing, reorganization, dissolution, or sale of all or substantially all of its assets, your information may be transferred as part of that transaction. We will notify affected users where required by law.

We do not sell your personal data, and we do not share your personal data for cross-context behavioral advertising, as those terms are defined under the California Consumer Privacy Act and similar state laws.

4. How Long We Keep Information

We retain personal data for as long as we deem reasonably necessary for the purposes described in this policy, taking into account our operational needs, the security and abuse-prevention value of historical data, our legal and regulatory obligations, applicable statutes of limitations, and the nature and sensitivity of the information. We do not commit to a specific retention period. Aggregated and de-identified information may be retained indefinitely. Account identifiers and request logs may be retained for the lifetime of the Service. Subject to your statutory rights described in Section 6, you may request deletion of personal data about you, and we will fulfill those requests as required by applicable law.

5. Cookies and Tracking Technologies

The Service uses one cookie: pca_terms_accepted, which records that you have agreed to the current version of our Terms of Use. The cookie is set with the HttpOnly, Secure, and SameSite=Lax attributes, expires after one year, and contains only the version string of the Terms you accepted. It is not used for tracking, analytics, or advertising.

The Service does not use Google Analytics, advertising pixels, or third-party trackers. The Service does not set cookies for behavioral advertising or cross-site tracking. Some browsers send a Global Privacy Control ("GPC") signal; because we do not sell or share personal data for cross-context behavioral advertising, no opt-out is necessary, but we honor GPC signals as required by applicable law.

6. Your Rights and Choices

Depending on where you reside, you may have rights under applicable privacy laws — including the California Consumer Privacy Act (as amended by the California Privacy Rights Act), and analogous laws in Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, and other states. These rights typically include:

• Access. Confirm whether we process your personal data and obtain a copy in a portable format.
• Correction. Request correction of inaccurate personal data.
• Deletion. Request deletion of your personal data, subject to exceptions under applicable law (for example, where we must retain data for security, legal, or compliance reasons).
• Opt out of sale, sharing, profiling, and targeted advertising. We do not sell or share personal data and do not engage in targeted advertising or profiling, so no opt-out is necessary; however, you may submit a request and we will confirm that no such processing occurs.
• Non-discrimination. We will not deny you the Service, charge a different price, or provide a different level of service because you exercised your privacy rights.
• Appeal. If we deny your request, you may appeal by replying to our response or by contacting us again at the address in Section 11.

To exercise any of these rights, email pypatent2018@gmail.com with the subject line "Privacy Request" and a description of your request. We will verify your identity through your Google account email of record before fulfilling sensitive requests. We will respond within the timeframes required by applicable law (generally 45 days, with one extension where permitted). You may use an authorized agent to submit a request on your behalf where permitted by law; we may require written proof of authorization.

Nevada residents: Nevada law provides a limited right to opt out of the sale of certain personal information. We do not sell personal information triggering Nevada's opt-out requirement, but you may submit a request to the email address above to confirm.

7. Children

The Service is intended for adult, professional users — primarily patent practitioners, researchers, and developers integrating patent data into AI workflows. The Service is not directed at children under 18, and we do not knowingly collect personal information from anyone under 18. If you believe a child under 18 has provided personal information through the Service, please contact us at the address in Section 11 and we will delete that information.

8. Security

We use commercially reasonable administrative, technical, and physical measures designed to protect personal data from accidental loss, unauthorized access, use, alteration, and disclosure. These measures include transport encryption (HTTPS), authentication via Google OAuth 2.0, scoped service accounts, and encrypted storage at rest provided by Google Cloud Platform. No system can be perfectly secure, however, and we cannot guarantee the security of information transmitted to or through the Service. You are responsible for maintaining the confidentiality of your Google account credentials and for the actions taken under your account.

9. International Users

The Service is operated from the United States and is intended for users located in the United States. If you access the Service from outside the United States, you understand that your information will be transferred to, stored, and processed in the United States. United States privacy laws may differ from those of your country, and by using the Service you consent to that transfer and processing. We do not intentionally target users in the European Economic Area, the United Kingdom, Switzerland, the People's Republic of China, or any other jurisdiction whose laws would require additional disclosures or affirmative consent we have not obtained.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of the page and, for material changes, take additional reasonable steps to notify users (such as posting a notice on the Service or, where appropriate, emailing affected users). Your continued use of the Service after a change to this policy constitutes your acceptance of the updated policy.

11. Contact

Questions, concerns, or requests under this Privacy Policy may be sent to:

Patent Client, LLC
Email: pypatent2018@gmail.com

This Privacy Policy is provided for the public demonstration only. If you need a private deployment with contractual confidentiality, Data Processing Addendum, or different data-handling commitments, contact us about an enterprise instance.