AI transparency
What data leaves your tenant when you use bc-mcp-proxy or any AI-driven service we ship. Plain-English answers.
Last updated:
The EU AI Act and ordinary corporate procurement both expect AI vendors to be straight about how their systems work. We agree. This page is the short version of “what does it mean when you let us connect AI to your business systems.”
What bc-mcp-proxy does
The proxy is a thin, local-only bridge between an AI client (Claude Desktop, VS Code, Cursor) running on your machine and the Microsoft-hosted Business Central MCP endpoint.
- It runs on your computer. Not on a 360 Solutions server, not on a third-party cloud.
- It does not call out to OpenAI, Anthropic, Google, or any model provider. The AI client does that.
- It does not log the content of your queries or BC responses. It logs metadata for diagnostics (request shape, latency, error class) — never the data itself.
- It does not send anything to 360 Solutions. We have no telemetry pipeline.
If we ever change this — for example, adding optional opt-in error reporting — we will say so loudly in the release notes and on this page.
Which AI provider talks to your data
You choose, and you control. The proxy is provider-agnostic: it speaks the open Model Context Protocol, and any MCP-capable client works.
Common configurations and what each provider does with your data:
| Client | Default model provider | Where queries go | Used for training? |
|---|---|---|---|
| Claude Desktop (free, personal) | Anthropic | US data centres (or EU if you opt in via Claude.ai settings) | Anthropic does not train on consumer-tier conversation content as of writing. Verify on anthropic.com/legal. |
| Claude Desktop (Team/Enterprise) | Anthropic | EU data residency available | Not trained on. Contractual terms apply. |
| Cursor | OpenAI / Anthropic (you choose) | Per provider | Per provider. Cursor has its own privacy mode — verify in their docs. |
| VS Code Copilot Chat | Microsoft / OpenAI | Per Microsoft’s licensing | Microsoft does not train on enterprise customer data. Consumer plans differ. |
The proxy itself adds nothing on top — the data your AI client sees is exactly what the AI client’s provider receives.
What about the BC server side
The Microsoft-hosted Business Central MCP endpoint is part of your existing BC subscription. It runs in your Microsoft 365 tenant region, with your existing data residency and compliance posture. Every call is authenticated as the signed-in user — the AI gets exactly the permissions that user has, no more.
What we recommend
- Pick a reputable client with a privacy mode you trust for sensitive BC data. Claude Desktop Team or VS Code Copilot Chat (enterprise) both have appropriate enterprise terms.
- Use the BC MCP Configuration as a permission gate. In Business Central you decide per Configuration which pages and objects are exposed. Sensitive data goes behind a separate Configuration that you only flip Active for specific users or scenarios.
- Don’t paste secrets into your AI client chat. Tokens, customer data not relevant to the question, internal documents — keep them out of prompts unless you need them in the answer.
If you want help threading this for your tenant, a hands-on Setup Session covers it — free through 30 June 2026 while we shape the offering. Book a discovery call first to see if it’s a fit.