Privacy Policy

1. Introduction

Routeway ("we," "our," or "us") operates an AI API routing service and dashboard platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services at https://routeway.ai and https://api.routeway.ai (the "Service").

By using our Service, you agree to the collection and use of information in accordance with this Privacy Policy.

2. Information We Collect

2.1 Personal Information

We collect the following personal information:

  • Account Information: Name, email address, username, and password
  • Payment Information: Credit card details, billing address, and payment history (processed through secure third-party payment processors)
  • Contact Information: Email addresses and any information you provide when contacting support

2.2 Usage Data

We automatically collect information about how you use our Service:

  • API Usage: Number of API calls, endpoints accessed, timestamps, response codes, model names used
  • Dashboard Activity: Features used, settings configured, login times
  • Performance Data: Response times, error rates, usage patterns
  • Error Logs: API prompts and responses may be temporarily stored only when errors occur for troubleshooting purposes and are deleted within 48 hours

Important Note on Prompt Storage: We do NOT store your API prompts, requests, or responses under normal operating conditions. Prompts and responses are only temporarily retained (maximum 48 hours) when system errors occur to facilitate debugging and service improvement. However, the third-party AI model providers we route requests to may have their own data retention policies.

2.3 Technical Data

We collect technical information including:

  • Device Information: IP address, browser type and version, operating system
  • Log Data: Server logs, access logs, error logs
  • Cookies and Tracking Technologies: Session cookies, analytics cookies, preference cookies

3. How We Use Your Information

We use collected information for the following purposes:

3.1 Service Provision

  • Providing and maintaining our AI API routing services
  • Managing your account and dashboard access
  • Processing API requests and routing to appropriate AI models
  • Authenticating users and preventing unauthorized access

3.2 Business Operations

  • Processing payments and managing billing
  • Providing customer support and responding to inquiries
  • Monitoring service performance and uptime
  • Detecting and preventing fraud or abuse

3.3 Communications

  • Sending service-related notifications and updates
  • Responding to support requests

3.4 Improvement and Analytics

  • Analyzing usage patterns to improve our services
  • Developing new features and functionality
  • Conducting research and analytics
  • Optimizing API routing performance

4. Data Sharing and Disclosure

4.1 Third-Party Service Providers

We share information with trusted third parties who assist in operating our Service:

  • Payment Processors: Dodo Payments or other payment providers for billing
  • Analytics Providers: Google Analytics, or similar services
  • Cloud Infrastructure: AWS, Google Cloud, or other hosting providers
  • AI Model Providers: OpenAI, Anthropic, and other AI service providers for API routing

Important Notice Regarding AI Providers: When you use our API routing service, your prompts and requests are forwarded to third-party AI model providers (such as OpenAI, Anthropic, etc.). Each AI provider has their own data retention and usage policies. We recommend reviewing the privacy policies of the specific AI providers you use through our service, as they may store, process, or use your prompts according to their own terms. We are not responsible for how third-party AI providers handle your data.

4.2 Legal Requirements

We may disclose your information when required by law or to:

  • Comply with legal obligations, court orders, or government requests
  • Protect our rights, property, or safety, or that of our users
  • Investigate potential violations of our Terms of Service
  • Prevent fraud or other illegal activities

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new entity, subject to the same privacy protections.

5. Data Security

5.1 Security Measures

We implement appropriate technical and organizational measures to protect your data:

  • Encryption: Data transmission
  • Regular Audits: Security assessments and vulnerability testing
  • Secure Infrastructure: Industry-standard cloud security practices

5.2 Data Breach Notification

In the event of a data breach that may compromise your personal information, we will:

  • Notify affected users within 72 hours of discovery
  • Report to relevant supervisory authorities as required by law
  • Take immediate steps to contain and remedy the breach

6. Your Rights and Choices

6.1 Data Subject Rights (GDPR)

If you are located in the EU/EEA, you have the following rights:

  • Access: Request access to your personal data
  • Rectification: Request correction of inaccurate data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Portability: Request transfer of your data to another service
  • Restriction: Request limitation of data processing
  • Objection: Object to certain types of data processing

6.2 Account Management

You can:

  • Update your account information through the dashboard
  • Delete your account and associated data
  • Review your API usage history

6.3 Exercising Your Rights

To exercise these rights, contact us at [[email protected]]. We will respond within 30 days of receiving your request.

7. Cookies and Tracking Technologies

7.1 Types of Cookies

We use the following types of cookies:

  • Essential Cookies: Required for the Service to function properly
  • Analytics Cookies: Help us understand how users interact with our Service
  • Preference Cookies: Remember your settings and preferences
  • Marketing Cookies: Used for targeted advertising (with consent)

7.2 Cookie Management

You can control cookies through your browser settings. Note that disabling certain cookies may affect Service functionality.

7.3 Third-Party Tracking

We use third-party analytics and advertising services that may track your activity across websites. You can opt out through:

  • Google Analytics Opt-out Browser Add-on
  • Industry opt-out tools like YourOnlineChoices.eu

8. International Data Transfers

8.1 Data Processing Locations

Your data may be processed in:

  • European Union (primary data centers)
  • United States (cloud infrastructure and AI model providers)
  • Other countries where our service providers operate

8.2 Transfer Safeguards

For transfers outside the EU/EEA, we ensure adequate protection through:

  • EU-U.S. Data Privacy Framework participation
  • Standard Contractual Clauses (SCCs)
  • Adequacy decisions by the European Commission

9. Data Retention

9.1 Retention Periods

We retain your data for the following periods:

  • Account Data: Until account deletion plus 30 days
  • Payment Data: 7 years for tax and accounting purposes
  • Usage Logs: As long the service exists for service optimization
  • Support Communications: 3 years for quality assurance
  • API Prompts/Responses: NOT stored under normal conditions; only temporarily retained (maximum 48 hours) when errors occur for debugging purposes

9.2 Deletion Procedures

Upon account deletion or retention period expiry, we:

  • Permanently delete personal data from active systems
  • Remove data from backups within 90 days
  • Anonymize data used for analytics and research

10. Children's Privacy

Our Service is not intended for children under 13 (or 16 in the EU). We do not knowingly collect personal information from children. If we discover we have collected such information, we will delete it immediately.

11. California Privacy Rights (CCPA)

California residents have additional rights under the California Consumer Privacy Act:

  • Right to know what personal information is collected
  • Right to delete personal information
  • Right to opt-out of the sale of personal information
  • Right to non-discrimination for exercising privacy rights

We do not sell personal information to third parties.

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically. We will:

  • Post the updated policy on our website
  • Announce material changes in our Discord server
  • Update the "Last Updated" date at the bottom of this policy

Continued use of the Service after changes constitutes acceptance of the updated policy.

13. Contact Information

For privacy-related questions or requests, contact us at:

Email: [email protected]

For EU residents, you also have the right to lodge a complaint with your local supervisory authority.

Last Updated: 28.06.2025