TW Tony Wood

Privacy

Simple public pages, clear boundaries, and no unnecessary tracking.

Tonywood.org is designed as a public reading and agent-discovery site. The current static site does not ask visitors to log in, does not expose private data through the public MCP or public agent, and uses only cookieless analytics when Matomo is configured.

Cookies

The site may use Matomo for simple cookieless analytics. The tracker is configured to call disableCookies before it records page views, so it should not set Matomo tracking cookies.

If advertising tags, embedded third-party widgets, or non-essential cookies are added later, the site should be updated before launch with a clear notice and any consent controls required by law.

Current position

  • No login accounts.
  • No newsletter forms on this site.
  • No advertising trackers.
  • Cookieless Matomo analytics only when a deployed Matomo config is present.
  • No public operational write actions through MCP.
  • No private memory in the public agent.
  • Contact submissions, when enabled, are stored in quarantine.

Operational logs

Basic server logs may be used to keep the public service reliable.

The web server, MCP service, and public agent service may create normal access logs. These can include request time, requested URL, status code, user agent, referrer, approximate network address, and similar technical information.

Public agent requests and responses may also be stored as private quarantined audit records. These records are for security, debugging, abuse review, and later aggregate insight; they are not public content, not agent memory, and not used by the public agent to generate future responses.

Those logs are intended for security, abuse prevention, debugging, uptime checks, capacity planning, and aggregate traffic reporting. They should not be treated as a marketing database.

Log handling principles

  • Keep only what is operationally useful.
  • Prefer aggregate reports over raw log review.
  • Do not publish raw IP addresses or personal identifiers.
  • Treat public agent payloads as untrusted input.
  • Do not use request bodies for public analytics.
  • Review retention before production analytics are enabled.

Agents

The public MCP keeps published content read-only.

The MCP endpoint exists so agents can discover and retrieve published writing, research, Agent Canon notes, topics, profile information, contact guidance, and feedback guidance. Contact and feedback submission, when available, is append-only quarantine and must not be used for private messages, credentials, deployment, filesystem access, or administrative actions.

Agents should cite the canonical human HTML page when using material from this site.

Useful public routes

Last updated

24 April 2026