← back to Petal

Privacy

Last updated: 18 July 2026

Petal (mcp.florist) is operated by Leonardo Rignanese, Italy (petal@leorigna.com). This page explains what data the service touches and what happens to it.

Waitlist emails

If you leave your email on the landing page, we store exactly two things: the email address and the time you submitted it. It is used only to tell you when Petal launches or materially changes. No newsletters, no sharing, no selling. Email petal@leorigna.com at any time to have your address deleted.

Orders and payments

Analytics

The landing page uses self-hosted, privacy-first analytics (tgram-analytics): no cookies, no fingerprinting, and the browser's Do Not Track setting is honoured. Data collected is aggregate (pageviews, anonymous session, coarse device info) and is not linked to your identity.

MCP endpoint

The /mcp API requires sign-in via an OAuth authorization server. Authentication tokens are verified and not stored beyond the request.

Your rights

Under the GDPR you can request access, correction, or deletion of any personal data we hold (for most visitors that is at most a waitlist email). Write to petal@leorigna.com and it will be handled promptly.


Questions? Get in touch.