Privacy Policy

Last updated: 2026-05-02

This Privacy Policy explains what AllRoutes.ai (“we”, “us”) collects, why, and what control you have. It applies to AllRoutes.ai, the unified AI gateway. It does not cover the upstream AI providers we forward your requests to — each has its own privacy policy that governs how they handle the prompt content you choose to send through them.

1. What we collect

  • Account data: name, email, password hash, account-creation timestamp, and (if you sign in with OAuth) the third-party identity provider’s user id.
  • Request metadata: for every API call routed through the gateway, we record the timestamp, model id, prompt token count, completion token count, latency, upstream provider, HTTP status, and any error code. We do not persist the prompt or the response body.
  • Workspace data: the workspaces you belong to, your role in each, and who invited you.
  • Billing data: credit balance, transaction history, currency, and the identifier issued by our payment processor (we do not see or store your card details — those live with the processor).
  • Provider keys (BYOK): if you bring your own upstream API key, we encrypt it at rest with AES-256-GCM and only decrypt it long enough to attach it to the outbound request to the provider you chose.
  • Cookies: a session cookie for authentication, plus localStorage entries for theme preference and active workspace id. See Cookie Policy.

2. What we do NOT collect

  • We do not train AI models on your prompts.
  • We do not store the body of your AI prompts or responses. Only metadata (token counts, latency, status) is retained.
  • We do not sell your personal data, ever.

3. How we use it

To run and improve the Service: authenticate your account, route requests, charge for usage, surface analytics in your dashboard, prevent abuse and fraud, debug failures, and comply with legal obligations.

4. Who we share it with

  • Upstream AI providers (OpenAI, Anthropic, Google, AWS Bedrock, etc.) — we forward your prompts to whichever provider you chose. Their privacy policies govern what they do with that content.
  • Payment processor — for billing and refunds. They see card details and your billing email; we don’t.
  • Hosting + database — Hetzner Cloud (EU) for application and Postgres, Cloudflare for edge proxy and CDN.
  • Email — transactional email (account verification, password reset) via SMTP. We do not use marketing email lists.
  • Law enforcement — only when compelled by valid legal process or required by applicable law.

5. Retention

  • Account data: kept while your account is active; deleted within 30 days of account closure.
  • Request metadata: kept 90 days, then aggregated and the per-request rows deleted.
  • Billing records: kept 7 years, as required by tax law.
  • Audit logs (admin actions): kept 1 year.

6. Your rights

You have the right to access, correct, export, and delete your personal data. From the Settings page you can: download a JSON export of your account, request deletion of your account, and revoke any provider keys. EU/UK residents additionally have the right to lodge a complaint with their data protection authority.

7. International transfers

Your data may be processed in any country where we, our hosting provider, or our payment processor operate. Where applicable, we rely on Standard Contractual Clauses for transfers out of the EU/UK.

8. Security

We use AES-256-GCM at rest for sensitive credentials, TLS 1.2+ in transit, hashed passwords (bcrypt with cost factor 12), and least-privilege access for employees. No system is perfect; if you discover a vulnerability, please report it to [email protected].

9. Children

The Service is not directed at people under 18. We do not knowingly collect data from children.

10. Changes

We may update this policy. Material changes take effect 30 days after we notify you by email or banner.

11. Contact

Questions or requests? Email [email protected]. We respond within 30 days.