Prava Toolport Prava Toolport
  • Home
  • Privacy
  • Terms
  • Support

Privacy Policy

Last updated: July 1, 2026

Prava Toolport is built on a simple principle: your tools are your business. The search index, embedding model, and tool catalog live on your machine, and Toolport connects only to the MCP servers you explicitly configure. There is no Toolport cloud backend, and no telemetry.

1. What We Don't Collect

Prava Toolport does not collect, store, or transmit to us:

  • Your search queries or the tasks you describe to the registry
  • Tool names, schemas, or metadata from your MCP servers
  • Arguments or results of tool invocations
  • Analytics or usage telemetry
  • Crash reports sent to any server
  • Device identifiers or fingerprints
  • Advertising identifiers
  • Location data

2. On-Device Processing

Semantic search runs locally. The multilingual embedding model executes on your Mac, and the tool index is stored in a local data directory under your user account. Searching for tools requires no network connection and sends nothing off your device.

3. Connections Toolport Makes

Toolport's job is to broker between your AI agent and the MCP servers you add. It therefore makes network connections only to:

  • The MCP servers you configure — to list their tools and to proxy tool invocations your agent requests. What those third-party servers do with requests is governed by their own privacy policies.
  • OAuth sign-in endpoints for servers that require it (for example, Microsoft or GitHub hosted services) — authentication happens directly between your machine and the identity provider.

Toolport never routes your traffic through Prava Labs servers.

4. OAuth Tokens and Credentials

When a remote MCP server requires sign-in, the resulting tokens are stored locally on your Mac in Toolport's data directory. Tokens are used solely to authenticate your requests to that server. We never see, receive, or store your credentials or tokens.

5. Team and Enterprise Features

Governance receipts, security pre-screen results, and cost metering data are generated and stored locally (or on a server your own organization operates in network mode). They are not transmitted to Prava Labs.

6. Mac App Store Sandbox

The Mac App Store edition of Toolport is fully sandboxed. It cannot access files outside its container without explicit user permission and holds only the entitlements needed to connect to the remote servers you configure.

7. Third-Party Services

Toolport does not integrate with any third-party analytics, advertising, crash reporting, or tracking services. There are no SDKs, no beacons, no pixel tracking.

8. Purchase and Payment

App Store purchases are processed entirely by Apple; we do not receive or store any payment card information. Licenses for the direct-download edition are validated offline using public-key cryptography — validation does not phone home.

9. Support Communications

If you contact us at [email protected], we receive only the information you choose to include in your email. We use this solely to respond to your inquiry and do not share it with any third party.

10. Children's Privacy

Prava Toolport is a professional developer tool not directed at children under 13. We do not knowingly collect any information from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated revision date. Continued use of the app after changes constitutes acceptance.

12. Contact

Questions about this policy? Contact us at [email protected].

© 2026 Prava Labs, LLC. All rights reserved.  |  Privacy  |  Terms  |  Support