Privacy Policy

Last updated: March 22, 2026

1. Introduction

ModelRoute ("we", "us", "our") operates a provider-opaque AI execution infrastructure. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service. By using ModelRoute, you consent to the practices described in this policy.

2. Data We Collect

Account Information

We collect your name, email address, organization name, and role. If you sign up via OAuth (Google, GitHub), we receive your name and email from the identity provider.

Payment Information

Payment processing is handled entirely by Stripe. We never store credit card numbers, CVVs, or full card details. We retain Stripe customer IDs, payment method metadata, and transaction records for billing purposes.

Execution Metadata

We collect execution IDs, model slugs, status, timestamps, cost data, hold/settlement records, error codes, and webhook delivery status. This data is scoped to your organization.

Input and Output Content

We process your input payloads and AI-generated outputs solely to provide the service (routing, translation, delivery). We do NOT use your input or output content to train, fine-tune, or improve any AI models. Input/output content is forwarded to the selected provider and is subject to that provider's data handling policies.

File Data

Files you upload are stored in platform-owned storage (Cloudflare R2). Provider outputs are downloaded and re-hosted. File metadata (size, type, upload timestamp, storage key) is retained as part of execution records.

Technical Data

We collect IP addresses, user agent strings, session tokens, API key identifiers (hashed), request timestamps, and rate limit counters for security and authentication purposes.

Usage Analytics

We collect anonymized and aggregated usage data (execution counts, model usage patterns, error rates, latency distributions) to improve service reliability and performance. This data cannot be used to identify individual users or reconstruct specific executions.

3. How We Use Your Data

  • Service delivery: Routing executions to providers, translating payloads, delivering results, and managing file storage.
  • Authentication and access control: Verifying identity, managing sessions, and enforcing API key permissions.
  • Billing: Processing payments, managing holds and settlements, generating usage records, and supporting auto top-up.
  • Reliability and resilience: Operating circuit breakers, per-provider bulkheads, and config-driven error mapping.
  • Security: Detecting abuse, rate limiting, audit logging, and fraud prevention.
  • Communication: Sending transactional emails (verification, password reset, billing alerts, webhook delivery failures). We do not send marketing emails without explicit opt-in.

We do NOT use your data to train AI models, serve advertisements, or build user profiles for marketing. We do NOT sell your data to third parties or use it for any purpose beyond operating the service as described.

4. Third-Party Data Processors

We share data with the following third-party processors strictly as necessary to operate the service:

  • Stripe: Payment processing and billing. Subject to Stripe's Privacy Policy.
  • Google Cloud Platform: Infrastructure hosting, PostgreSQL database, Redis caching.
  • Cloudflare: CDN, R2 object storage for file hosting, DDoS protection.
  • Vercel: Frontend hosting and delivery.
  • Google and GitHub (OAuth): Authentication when you choose these sign-in methods.
  • AI Model Providers: Your execution payloads are forwarded to the third-party provider selected by our routing system. ModelRoute does not own, operate, train, or control any AI model. Each provider has its own data handling and privacy policies which govern how your data is processed by their models. Because ModelRoute is provider-opaque, you may not know which specific provider processes a given execution. We have no control over and accept no responsibility for how third-party providers handle your data once it is transmitted to them.

We do not sell, rent, or trade your personal data to any third party.

5. Data Retention

  • Account data: Retained while your account is active. Deleted within 30 days of account deletion request, subject to legal retention requirements.
  • Session data: Expired sessions deleted automatically within 7 days.
  • Password reset tokens: Deleted within 24 hours after use or expiration.
  • Authentication audit logs: Retained for 90 days, then archived or deleted.
  • Execution metadata: Retained for 12 months. Organizations may request earlier deletion.
  • Stored files: Retained per your organization's configured TTL. Deleted upon account termination.
  • Billing records: Retained for the legally required period (typically 7 years) for tax and accounting compliance.
  • Provider callback audit logs: Retained for 90 days for debugging and dispute resolution.

6. Your Rights

Under applicable data protection laws (including GDPR, CCPA, and similar frameworks), you have the following rights:

  • Access: Request a copy of the personal data we hold about you and your organization.
  • Rectification: Request correction of inaccurate or incomplete data.
  • Erasure: Request deletion of your personal data, subject to legal retention requirements.
  • Portability: Request your data in a structured, machine-readable format.
  • Objection: Object to processing of your data for specific purposes.
  • Restriction: Request restriction of processing in certain circumstances.
  • Withdraw Consent: Where processing is based on consent, you may withdraw at any time.
  • Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

To exercise any of these rights, contact us at privacy@modelroute.ai. We will respond within 30 days. We may request identity verification before processing your request.

7. Cookies

We use session cookies solely for authentication purposes. These cookies are set with the HttpOnly, Secure, and SameSite=Strict attributes and contain an opaque session token. We do not use tracking cookies, advertising cookies, or third-party analytics cookies. No cookie consent banner is required because we do not use cookies for tracking or advertising purposes.

8. Cross-Border Data Transfers

Our primary infrastructure is hosted in the United States on Google Cloud Platform. If you are located outside the United States, your data will be transferred to and processed in the US. We rely on Standard Contractual Clauses (SCCs) approved by the European Commission to ensure adequate protection for data transferred from the EU/EEA. AI model providers may process data in additional jurisdictions depending on their infrastructure.

9. Security

We implement industry-standard security measures including: encryption in transit (TLS 1.2+), encryption at rest, hashed passwords (Argon2), HMAC-SHA256 API key authentication, CSRF protection, rate limiting (sliding window), audit logging with trace correlation (OpenTelemetry), and infrastructure monitoring (Prometheus). While we employ commercially reasonable measures to protect your data, no method of transmission or storage is 100% secure.

10. Children's Privacy

The service is not directed to individuals under 18 years of age. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child under 18, we will delete it promptly. If you believe a child has provided us with personal data, contact us at privacy@modelroute.ai.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. For significant changes, we will also notify you via email. Your continued use of the service after changes constitutes acceptance. If you do not agree, you must stop using the service and terminate your account.

12. Contact

If you have questions about this Privacy Policy or our data practices, contact us at:

privacy@modelroute.ai