Privacy Policy

1. Overview

MaxRouter ("we", "us", "our") operates an AI API gateway service that routes API requests between clients and AI model providers. This privacy policy explains how we handle information when you use our service.

2. Zero Data Retention

We do not store, log, or retain any API request or response data. Your prompts, completions, and conversation content pass through our gateway in real-time and are immediately discarded after the response is delivered.

• We do not use your data for model training or fine-tuning
• We do not store conversation histories
• We do not analyze or process your content beyond routing
• Temporary in-memory processing is used solely for request routing and rate limiting

3. Account Information

When you create an account, we collect only the minimum information necessary:

• Email address (for account access and communication)
• API key (generated for authentication)
• Usage metrics (token counts for billing purposes only, no content)

4. Third-Party Model Providers

Your API requests are forwarded to third-party AI model providers (OpenAI, Anthropic, Google, etc.). Each provider has its own privacy policy and data handling practices. We encourage you to review their policies:

• OpenAI Privacy Policy
• Anthropic Privacy Policy
• Google Privacy Policy

5. Cookies & Analytics

Our website uses minimal cookies for essential functionality (session management). We use privacy-respecting analytics to understand site usage patterns. We do not track users across third-party websites.

6. GDPR Compliance

For users in the European Economic Area (EEA):

• Legal basis: Processing is necessary for performance of our service contract
• Data retention: Account data is retained while your account is active; deleted within 30 days of account closure
• Your rights: Access, rectification, erasure, portability, and objection — contact us to exercise these rights
• Data transfers: API requests may be processed by model providers in various jurisdictions

7. Security

All API traffic is encrypted with TLS 1.3. API keys are stored using industry-standard hashing algorithms. We conduct regular security audits and maintain enterprise-grade infrastructure protections.

8. Contact

For privacy-related inquiries, contact us at [email protected] or visit our contact page.