Privacy

Privacy Policy

Last updated: June 2026. We take privacy seriously. When you self-host, we collect nothing. When you use our cloud, we collect the minimum needed for billing — and never your prompt content.

What We Collect

  • API keys you provide for model providers (stored encrypted, never logged in plaintext).
  • Usage metadata: model IDs, token counts, timestamps, and request status — for billing and analytics.
  • Account information: email address (only for cloud users).
  • We do NOT collect or store: the content of your prompts or completions (in cloud mode, these pass through transitively but are not persisted).

Self-Hosted Mode

  • When self-hosting, 1Router collects zero data. No telemetry, no analytics, no phone-home.
  • All data stays in your infrastructure — your database, your logs, your rules.
  • You are responsible for your own privacy compliance when self-hosting.

Data Storage

  • Cloud mode: usage metadata is stored in our PostgreSQL database for billing and dashboard analytics.
  • Prompt and completion content is NOT persisted in cloud mode — it streams through and is discarded.
  • API keys are encrypted at rest using AES-256-GCM.
  • You can request complete data deletion at any time by emailing privacy@1router.com.

Your Rights

  • Access: Request a copy of all data we hold about you.
  • Deletion: Request permanent deletion of your account and all associated data.
  • Portability: Export your usage data in JSON format at any time.
  • Opt-out: Self-host 1Router to eliminate all data sharing with us.

Questions about privacy?

Email us at privacy@1router.com or consider self-hosting for complete data sovereignty.