← Back to Typst MCP Server
Privacy Datenschutz Terms Nutzungsbedingungen Imprint Impressum

Privacy Policy

Last updated: May 18, 2026

1. Controller

This policy applies to the website and Typst MCP Server operated at typst.grenz.net by Levi Grenz, Wilhelmstraße 1, 72649 Wolfschlugen, Germany. Contact: admin@grenz.net.

2. Hosting and Server Logs

The website and MCP endpoint are hosted on a server in Germany. When you access the website, static assets, rendered files, or the MCP endpoint, the server processes technically necessary access data. This can include IP address, date and time, requested URL, HTTP status code, transferred bytes, user agent, and referrer.

This processing is necessary to deliver the site and service, maintain stability and security, and investigate errors or abuse. Where the GDPR applies, the legal basis is legitimate interest under Article 6(1)(f) GDPR.

3. MCP Use and Document Processing

When the MCP endpoint is used, submitted Typst, LaTeX, or document content is processed only to perform the requested tool action, such as rendering, syntax validation, documentation retrieval, or conversion.

Rendered files are made available through temporary public download URLs. Deletion follows the lifespan selected for the render: 6 hours by default, capped at 48 hours. Do not submit unnecessary personal, confidential, or sensitive data.

4. Local Assets and External Requests

The landing page serves CSS, icons, and fonts locally from this server. It does not load Google Fonts, Tailwind CDN, or icon CDN resources from third-party providers.

MCP documentation tools may fetch official Typst documentation from typst.app server-side when a connected MCP client explicitly calls those tools.

5. Cookies and Local Storage

The landing page stores privacy preferences in localStorage. Necessary storage is used to remember this choice locally in your browser. Optional analytics are disabled by default and are only loaded if you actively opt in through the privacy settings and an analytics measurement ID is configured.

You can reopen the privacy settings from the footer at any time and change your analytics preference.

6. Recipients

Personal data is not shared except where technically necessary for hosting, operation, security, or legal obligations. Server-side documentation fetches may create connection data at the destination provider.

7. Retention

Temporary rendered files are deleted after the selected render lifespan: 6 hours by default, capped at 48 hours. Render log entries are deleted individually after 30 days. Other server logs are retained only as long as necessary for operation, troubleshooting, and security.

8. Your Rights

Where applicable, you may have rights to access, rectification, deletion, restriction of processing, data portability, and objection under the GDPR. You may also lodge a complaint with a competent supervisory authority.

9. Changes

This policy may be updated when technical features, operational practices, or legal requirements change.