Service: Taiwan Health MCP Server
Operator: HealthyMind Tech
Effective date: 2025-01-01 | Last updated: 2026-04-09
This Data Processing Agreement ("DPA") applies between HealthyMind Tech ("Operator", "we", "us") and any individual or organisation ("User") accessing the Taiwan Health MCP Server via Anthropic's Claude products or directly through the MCP API. It describes how data flows through the server, what is retained, and the obligations of each party.
Taiwan Health MCP Server is a read-only query API that provides access to publicly available medical terminology and pharmaceutical datasets. It does not accept, store, or process personal health information submitted by users. All 28 tools perform outbound database lookups against pre-loaded public datasets and return structured results to the MCP client.
| Data category | Source | Retained by operator? |
|---|---|---|
| Tool call metadata (tool name, timestamp, duration, status) | Generated internally | Yes — audit log, 90 days |
| SHA-256 hash of tool parameters | Derived from request | Yes — audit log, 90 days; raw values are never stored |
| Medical terminology query strings (e.g. ICD codes, drug names) | User / Claude client | No — processed transiently; not written to storage |
| Redis cache entries (query result payloads) | Internal | Temporarily — TTL 1–24 hours, then auto-deleted |
| Personal health information | — | Not collected, not accepted |
Data is processed solely to fulfil individual API requests from the MCP client. There is no secondary use: query data is not used for model training, profiling, analytics, advertising, or any purpose beyond returning the immediate response.
The legal basis for processing operational logs (tool name, hash, timing) is legitimate interest in operating a reliable, auditable service.
The audit logger (src/audit.py) records only the SHA-256 hash of
parameters — never the raw values. This design ensures that patient-identifiable
query terms (e.g. a patient's ICD code or medication name) cannot be reconstructed
from the audit trail, consistent with HIPAA safe-harbour de-identification
requirements.
| Sub-processor | Role | Data shared |
|---|---|---|
| PostgreSQL 16 (self-hosted) | Primary data store for terminology datasets | Query strings (transient, in-process only) |
| Redis 7 (self-hosted) | Response cache | Serialised query result payloads (TTL-bound) |
| Anthropic | MCP platform / Claude client | Tool call parameters and responses, per Anthropic's Privacy Policy |
All infrastructure (PostgreSQL, Redis) is operated by the Operator on self-managed servers. No data is sent to external cloud sub-processors except via Anthropic's platform as described above.
The server is hosted in Taiwan. Tool call data passed through Anthropic's platform may be processed in the United States or other jurisdictions per Anthropic's data processing terms. The Operator does not independently transfer data outside Taiwan.
audit).Because the Operator does not collect personally identifiable information, there is no personal data subject to access, rectification, erasure, or portability requests under GDPR or similar regulations. If you believe this server has inadvertently processed personal data, contact us at the address in Section 12 and we will investigate within 30 days.
In the event of a confirmed data security incident affecting user data, the Operator will notify affected users and, where required by applicable law, relevant supervisory authorities, within 72 hours of becoming aware of the breach.
For data processing questions or concerns:
This agreement is governed by the laws of Taiwan (R.O.C.). Any dispute shall be subject to the exclusive jurisdiction of the Taiwan Taipei District Court.
We may update this DPA from time to time. The effective date at the top of this page reflects the most recent revision. Continued use of the service after an update constitutes acceptance of the revised terms.