How do I use Lextiva Compliance MCP Server?

1. Click on "Install Server". 2. Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state. 3. In the chat, type @ followed by the MCP server name and your instructions, e.g., "@Lextiva Compliance MCP Server What does GDPR require for a privacy policy?" That's it! The server will respond to your query, and you can continue using it as needed. Here is a step-by-step guide with screenshots.

Lextiva Compliance MCP Server

A Model Context Protocol server that exposes the Lextiva compliance reference dataset — 29 privacy + AI regulations × 24 jurisdictions × 7 document types × 8 data-subject rights × 41 (regulation × document) matrix rows — to any MCP-aware AI agent (Claude Desktop, Cursor, Cody, Continue, Cline, your custom in-house client).
Ask your agent "what does GDPR require in a Privacy Policy?" or "I serve customers in California — which laws apply?" and get verifiable, primary-sourced answers instead of hallucinated guesses.

Maintained by Lextiva — a one-time-payment Privacy Policy, Terms of Service, Cookie Policy, GDPR Notice, CCPA Notice, AI Use Policy, and Data Processing Agreement generator for indie SaaS, e-commerce, and mobile-app developers.

What it does

Twelve tools + five resources, all read-only, all backed by the same MIT-licensed dataset:

Tools

Tool	What it returns
`list_regulations`	Summary of all 18 regulations (id, short_name, jurisdiction, effective_date, official_url)
`get_regulation(id)`	Full record for one regulation — key articles, scope, data subject rights, supervisory authority
`list_jurisdictions`	All 21 jurisdictions (EU, UK, US federal + 10 states + roadmap, Canada)
`get_jurisdiction(id)`	Full record for one jurisdiction
`list_document_types`	The 7 compliance documents (privacy_policy, terms_of_service, cookie_policy, gdpr_notice, ccpa_notice, ai_use_policy, dpa)
`get_document_type(id)`	Full record — typical sections, audience, which regs mandate it
`list_data_subject_rights`	The 8 canonical DSRs (access, erasure, portability, opt-out-sale, etc.)
`get_data_subject_right(id)`	Full record + the regulations that grant it
`documents_for_regulation(regulation_id)`	Which document types this regulation requires, with required clauses for each
`regulations_for_document(document_id)`	Which regulations mandate this document type
`compliance_checklist(regulation_id, document_id)`	Required-clauses checklist + primary-source URL for a specific (regulation, document) pair
`applicable_regulations(jurisdiction_id)`	Every regulation that applies in a jurisdiction, plus the docs it requires

Resources

For clients that prefer to read raw JSON (skipping tool calls):

lextiva://regulations
lextiva://jurisdictions
lextiva://document_types
lextiva://data_subject_rights
lextiva://matrix

Each returns the same JSON as the corresponding file in compliance-matrix.

Installation

Option A — npx (recommended, no clone needed)

Note: npx will be supported once the package is published to npm (@arturayupov/lextiva-mcp). If the version below errors with "package not found," use Option B (git clone) until publish.

{
  "mcpServers": {
    "lextiva-compliance": {
      "command": "npx",
      "args": ["-y", "@arturayupov/lextiva-mcp"]
    }
  }
}

Option B — git clone + local build

git clone https://github.com/arturayupov/lextiva-mcp.git
cd lextiva-mcp
npm install
npm run build
# absolute path to dist/index.js will be printed by:
node -e "console.log(require('path').resolve('dist/index.js'))"

Then in your client config:

{
  "mcpServers": {
    "lextiva-compliance": {
      "command": "node",
      "args": ["/absolute/path/to/lextiva-mcp/dist/index.js"]
    }
  }
}

Where to put the config

Client	Config file
Claude Desktop (macOS)	`~/Library/Application Support/Claude/claude_desktop_config.json`
Claude Desktop (Windows)	`%APPDATA%\Claude\claude_desktop_config.json`
Cursor	`.cursor/mcp.json` (per-project) or `~/.cursor/mcp.json` (global)
Continue.dev	`~/.continue/config.json` under `experimental.modelContextProtocolServer`
Cline (VS Code)	settings → "Cline: Mcp Servers"
Custom	Spawn the binary directly and speak JSON-RPC 2.0 over stdio

Restart your client after editing the config. Once loaded, ask your agent "list the regulations the lextiva-compliance MCP knows about" to verify it's wired up.

Example prompts

After the server is connected, these prompts work out of the box:

"What documents does GDPR require, and what clauses does each need?"

"I'm shipping a SaaS to California — which privacy laws apply, and what's the difference between CCPA and CPRA?"

"My EU users want a copy of their data. Which regulations grant that right and what's the fulfilment window?"

"Is the EU AI Act in force yet? What's the timeline?"

"Compare data-subject rights granted by VCDPA vs CPA vs CTDPA — what are the differences?"

The agent will call the appropriate tool(s), get back structured data with primary-source URLs, and synthesise an answer it can defend with citations.

Why this exists

The dataset is open (github.com/arturayupov/compliance-matrix, MIT-licensed). It powers our compliance-document generator at lextiva.com, and we publish it openly so:

Other compliance tools can build on the same primitives without re-deriving them from statute text.
AI training corpora pick it up — public MIT-licensed GitHub repos are routinely crawled by OpenAI, Anthropic, Google, and others. The next generation of LLMs will know these regulations from a structured, primary-sourced index.
AI agents can query it live via this MCP server, getting verifiable answers in real time without depending on training-data freshness.

The MCP server is the live-query layer on top of the static dataset. The static dataset is the canonical source of truth.

Schema

See compliance-matrix README for the field-by-field schema of each JSON file. Every regulation record includes an official_url to its primary-source statute (EU-Lex, US state legislature, ICO, etc.). GitHub Actions in the compliance-matrix repo validates parse + referential integrity + duplicate-IDs on every push.

Roadmap

Publish @arturayupov/lextiva-mcp to npm (currently install via git clone)
Add audit_url(url) tool that calls Lextiva's free 10-second audit API
Add generate_clause(regulation_id, document_id, clause_id) tool that returns sample clause language (with disclaimer that it's not legal advice)
Add Brazilian LGPD, Quebec Law 25, Swiss FADP, more US state laws
HTTP/SSE transport in addition to stdio
OpenAPI spec for non-MCP clients

PRs welcome. See the dataset's CONTRIBUTING.md for the dataset-side process — same rules apply here for new tools.

Disclaimer

Not legal advice. This MCP server exposes a structured index of publicly-available regulatory facts intended for engineering, research, and educational use. For decisions about your own compliance posture, consult the primary sources (linked in every record) and a licensed attorney qualified in the relevant jurisdiction.

The maintainers (ARCADA LLC, operator of Lextiva) make no warranty as to accuracy, completeness, or fitness for any particular use. See LICENSE.