corouter
Get API key

Privacy Policy

Last updated June 30, 2026

This policy explains what data corouter collects, how we use it, who we share it with, and the choices you have. It applies to corouter.co, the console, and the corouter API.

1. Data we collect

  • Account data: your email address, authentication credentials, and any profile or preference settings you provide.
  • Billing data: your top-up history and credit balance. Payment card details are handled by our payment processor (Creem); we do not store full card numbers.
  • Usage data: metadata about your API requests — timestamps, model, token counts, status codes, and computed cost — used for billing, support, and abuse prevention.
  • Request content: by default we do not retain the content of your prompts or the model responses. If you opt in to audit logging, the data is streamed to a storage destination you control (for example, your own S3 bucket).
  • Technical data: IP address, browser and device information, and a locale preference cookie, used for security, fraud prevention, and to remember your language.

2. How we use data

  • To provide, operate, and improve the service.
  • To process payments and maintain your credit balance.
  • To detect, prevent, and investigate fraud, abuse, and security incidents.
  • To provide customer support and respond to your requests.
  • To comply with legal, tax, and accounting obligations.

3. How requests are processed and who we share data with

To fulfill your API requests, we transmit them to third-party AI model providers. We also share limited data with infrastructure, analytics, and payment providers — including our Merchant of Record, Creem — strictly to operate the service, and with authorities where we are legally required to do so.

We do not sell your personal data.

4. Cookies

Our marketing site uses a single locale-preference cookie. The console uses authentication and session cookies that are necessary to keep you signed in. We do not use third-party advertising cookies.

5. Data retention

We keep account and billing records for as long as your account is active and for as long as we are required to for legal and tax purposes. Usage metadata is retained for a limited period for billing, support, and security. Prompt and response content is not retained by default.

6. Security

We protect data with encryption in transit, access controls, and secret management. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

7. International transfers

Your data may be processed in countries other than the one you live in. Where required, we rely on appropriate safeguards for those transfers.

8. Your rights

Depending on where you live (for example, under the EU/UK GDPR or the California CCPA/CPRA), you may have the right to access, correct, delete, port, or restrict the processing of your personal data, and to object to certain processing. To exercise these rights, contact us at hi@corouter.co. You may also have the right to complain to your local data-protection authority.

9. Children

The service is not directed to, and may not be used by, anyone under 18 (or the age of majority where they live). We do not knowingly collect data from children.

10. Changes and contact

We may update this policy from time to time; material changes will be posted here with a new date. Questions or requests: hi@corouter.co.