Last Updated: May 7, 2026
The Motivosity MCP Connector ("Connector") allows AI assistants to interact with Motivosity on behalf of authenticated users. This policy describes what data the Connector accesses, how it is used, and how it is protected.
The Connector reads and writes data within your existing Motivosity account. No data is copied to or stored by the Connector layer itself.
Read access:
User identity: your name, email address, job title, and department
Company context: company name and subdomain
Recognition activity: appreciation and award history (sender, recipient, amount, message, company value cited)
Program and budget data: budget balances, fund sources, program configuration
Organizational metadata: departments, user groups, countries, custom field definitions
Engagement metrics: participation rates, login counts, satisfaction survey scores (requires Manager, Leader, or Admin role)
Write access (requires explicit confirmation before submission):
Sending an appreciation on your behalf (recipient, message, amount, company value)
Giving an award on your behalf (recipient, award type, amount)
Access to the Connector requires a valid Motivosity OAuth 2.0 Bearer token. The Connector enforces the same role-based and company entitlement controls as the Motivosity web application. Tools you are not authorized to use are silently omitted from the available tool list — they are never exposed or called.
All requests between the AI client and Motivosity are made over HTTPS. The Connector is stateless — no user data is persisted by the MCP layer between requests.
The Connector logs the following metadata for security auditing and performance monitoring: user ID, company ID, endpoint path, HTTP status code, MCP method name, and tool name. No message content, personal data fields, or recognition message text is written to logs. Logs are retained in accordance with Motivosity's standard data retention policy. Anonymized performance telemetry is sent to New Relic APM.
Data accessed through the Connector is retrieved from your company's Motivosity account and returned only to the authenticated AI session that requested it. Motivosity does not sell, share, or use this data for training AI models.
Access to the Connector can be revoked at any time by revoking the associated OAuth token in your Motivosity account settings or by contacting your Motivosity account administrator.
For privacy questions, contact: privacy@motivosity.com