Privacy Policy
1. Introduction
Routeway ("we," "our," or "us") operates an AI API routing service and dashboard platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services at https://routeway.ai and https://api.routeway.ai (the "Service").
By using our Service, you agree to the collection and use of information in accordance with this Privacy Policy.
2. Information We Collect
2.1 Personal Information
We collect the following personal information:
- Account Information: Name, email address, username, and password
- Payment Information: Credit card details, billing address, and payment history (processed through secure third-party payment processors)
- Contact Information: Email addresses and any information you provide when contacting support
2.2 Usage Data
We automatically collect information about how you use our Service:
- API Usage: Number of API calls, endpoints accessed, timestamps, response codes, model names used
- Dashboard Activity: Features used, settings configured, login times
- Performance Data: Response times, error rates, usage patterns
- Error Logs: API prompts and responses may be temporarily stored only when errors occur for troubleshooting purposes and are deleted within 48 hours
Important Note on Prompt Storage: We do NOT store your API prompts, requests, or responses under normal operating conditions. Prompts and responses are only temporarily retained (maximum 48 hours) when system errors occur to facilitate debugging and service improvement. However, the third-party AI model providers we route requests to may have their own data retention policies.
2.3 Technical Data
We collect technical information including:
- Device Information: IP address, browser type and version, operating system
- Log Data: Server logs, access logs, error logs
- Cookies and Tracking Technologies: Session cookies, analytics cookies, preference cookies
3. How We Use Your Information
We use collected information for the following purposes:
3.1 Service Provision
- Providing and maintaining our AI API routing services
- Managing your account and dashboard access
- Processing API requests and routing to appropriate AI models
- Authenticating users and preventing unauthorized access
3.2 Business Operations
- Processing payments and managing billing
- Providing customer support and responding to inquiries
- Monitoring service performance and uptime
- Detecting and preventing fraud or abuse
3.3 Communications
- Sending service-related notifications and updates
- Responding to support requests
3.4 Improvement and Analytics
- Analyzing usage patterns to improve our services
- Developing new features and functionality
- Conducting research and analytics
- Optimizing API routing performance
4. Data Sharing and Disclosure
4.1 Third-Party Service Providers
We share information with trusted third parties who assist in operating our Service:
- Payment Processors: Dodo Payments or other payment providers for billing
- Analytics Providers: Google Analytics, or similar services
- Cloud Infrastructure: AWS, Google Cloud, or other hosting providers
- AI Model Providers: OpenAI, Anthropic, and other AI service providers for API routing
Important Notice Regarding AI Providers: When you use our API routing service, your prompts and requests are forwarded to third-party AI model providers (such as OpenAI, Anthropic, etc.). Each AI provider has their own data retention and usage policies. We recommend reviewing the privacy policies of the specific AI providers you use through our service, as they may store, process, or use your prompts according to their own terms. We are not responsible for how third-party AI providers handle your data.
4.2 Legal Requirements
We may disclose your information when required by law or to:
- Comply with legal obligations, court orders, or government requests
- Protect our rights, property, or safety, or that of our users
- Investigate potential violations of our Terms of Service
- Prevent fraud or other illegal activities
4.3 Business Transfers
In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new entity, subject to the same privacy protections.
5. Data Security
5.1 Security Measures
We implement appropriate technical and organizational measures to protect your data:
- Encryption: Data transmission
- Regular Audits: Security assessments and vulnerability testing
- Secure Infrastructure: Industry-standard cloud security practices
5.2 Data Breach Notification
In the event of a data breach that may compromise your personal information, we will:
- Notify affected users within 72 hours of discovery
- Report to relevant supervisory authorities as required by law
- Take immediate steps to contain and remedy the breach
6. Your Rights and Choices
6.1 Data Subject Rights (GDPR)
If you are located in the EU/EEA, you have the following rights:
- Access: Request access to your personal data
- Rectification: Request correction of inaccurate data
- Erasure: Request deletion of your data ("right to be forgotten")
- Portability: Request transfer of your data to another service
- Restriction: Request limitation of data processing
- Objection: Object to certain types of data processing
6.2 Account Management
You can:
- Update your account information through the dashboard
- Delete your account and associated data
- Review your API usage history
6.3 Exercising Your Rights
To exercise these rights, contact us at [[email protected]]. We will respond within 30 days of receiving your request.
7. Cookies and Tracking Technologies
7.1 Types of Cookies
We use the following types of cookies:
- Essential Cookies: Required for the Service to function properly
- Analytics Cookies: Help us understand how users interact with our Service
- Preference Cookies: Remember your settings and preferences
- Marketing Cookies: Used for targeted advertising (with consent)
7.2 Cookie Management
You can control cookies through your browser settings. Note that disabling certain cookies may affect Service functionality.
7.3 Third-Party Tracking
We use third-party analytics and advertising services that may track your activity across websites. You can opt out through:
- Google Analytics Opt-out Browser Add-on
- Industry opt-out tools like YourOnlineChoices.eu
8. International Data Transfers
8.1 Data Processing Locations
Your data may be processed in:
- European Union (primary data centers)
- United States (cloud infrastructure and AI model providers)
- Other countries where our service providers operate
8.2 Transfer Safeguards
For transfers outside the EU/EEA, we ensure adequate protection through:
- EU-U.S. Data Privacy Framework participation
- Standard Contractual Clauses (SCCs)
- Adequacy decisions by the European Commission
9. Data Retention
9.1 Retention Periods
We retain your data for the following periods:
- Account Data: Until account deletion plus 30 days
- Payment Data: 7 years for tax and accounting purposes
- Usage Logs: As long the service exists for service optimization
- Support Communications: 3 years for quality assurance
- API Prompts/Responses: NOT stored under normal conditions; only temporarily retained (maximum 48 hours) when errors occur for debugging purposes
9.2 Deletion Procedures
Upon account deletion or retention period expiry, we:
- Permanently delete personal data from active systems
- Remove data from backups within 90 days
- Anonymize data used for analytics and research
10. Children's Privacy
Our Service is not intended for children under 13 (or 16 in the EU). We do not knowingly collect personal information from children. If we discover we have collected such information, we will delete it immediately.
11. California Privacy Rights (CCPA)
California residents have additional rights under the California Consumer Privacy Act:
- Right to know what personal information is collected
- Right to delete personal information
- Right to opt-out of the sale of personal information
- Right to non-discrimination for exercising privacy rights
We do not sell personal information to third parties.
12. Changes to This Privacy Policy
We may update this Privacy Policy periodically. We will:
- Post the updated policy on our website
- Announce material changes in our Discord server
- Update the "Last Updated" date at the bottom of this policy
Continued use of the Service after changes constitutes acceptance of the updated policy.
13. Contact Information
For privacy-related questions or requests, contact us at:
Email: [email protected]
For EU residents, you also have the right to lodge a complaint with your local supervisory authority.
Last Updated: 28.06.2025