Privacy Policy

Last updated: January 31, 2026

CouchLoop EQ is an MCP (Model Context Protocol) server that provides behavioral governance for AI assistants. This policy explains what data we collect and how we protect it.

Our Privacy Commitment

CouchLoop EQ is designed with privacy-first principles. We collect minimal data, don't sell your information, and give you control over your sessions.

Information We Collect

Session Data

When you use CouchLoop EQ through ChatGPT or Claude, we may store:

Session identifiers (anonymous, randomly generated)
Checkpoints and insights you explicitly save
Journey progress (e.g., which step you're on)

Message Content

Messages sent through the send_message tool are processed by our therapeutic AI integration (Shrink-chat) to provide responses. We may temporarily log messages for:

Crisis detection and safety monitoring
Governance evaluation (hallucination/inconsistency detection)
Session continuity

Developer Tools

When using developer safety tools (package validation, security scanning), code snippets are analyzed in real-time and not stored after processing.

What We Don't Collect

Your name, email, or personal identifiers
Your ChatGPT or Claude account information
Payment or billing information
Location data

What We DON'T Do With Your Data

❌ Sell Data

We never sell your data to third parties

❌ Train AI

We don't use your conversations to train AI models

❌ Advertising

No marketing, no ads, no tracking pixels

❌ Share

No sharing without explicit consent

How We Protect Your Data

🔐 Encryption

All data encrypted in transit (TLS) and at rest

🔑 Session Isolation

Each session is isolated; users can only access their own data

🗑️ Minimal Retention

Temporary data deleted after session ends

📍 Hosting

Hosted on Railway (US) with Supabase database

Third-Party Services

CouchLoop EQ uses the following trusted services:

Railway – Application hosting
Supabase – Database with encryption and access controls
Shrink-chat API – Therapeutic AI responses (CouchLoop-owned)
Package Registries – npm, PyPI, Maven, etc. for package validation (public APIs, no data sent)

Data Retention

Session data: Retained while session is active; deleted after 30 days of inactivity
Saved insights: Retained until you delete them
Governance logs: Retained for 7 days for safety monitoring
Code analysis: Not retained; processed in memory only

Your Rights

You can:

Request a copy of your stored data
Delete your session and saved insights at any time
Use the service anonymously (no account required)

No Account Required

CouchLoop EQ works without signup. Sessions are identified by randomly generated IDs, not personal information. This means:

No email verification
No password storage
No personal profile

Contact

Questions about this privacy policy? Contact us:

privacy@couchloop.com

Policy Updates

Material changes will be reflected on this page with an updated "Last updated" date. For significant changes, we'll update the landing page to notify users.