Back to CheapRout
Legal Document
Legal

Privacy Policy

Effective Date: May 14, 2026  ·  Last Updated: May 14, 2026

CheapRout ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform. Please read this policy carefully. If you disagree with its terms, please discontinue use of the Service.

1. Information We Collect

Information You Provide Directly

  • Account information (name, email address) provided via OAuth authentication
  • API keys you voluntarily add for third-party AI providers (stored in masked/preview form)
  • Prompts and messages you submit to the AI routing system
  • Subscription and billing information (processed by third-party payment processors)

Information Collected Automatically

  • Usage data: token counts, model selections, cost estimates, and response times
  • Log data: IP address, browser type, pages visited, and timestamps
  • Session data: authentication cookies required to maintain your login state

2. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain the CheapRout Service
  • Route your AI prompts to appropriate third-party providers
  • Track and display your usage statistics and cost savings
  • Process subscription payments and enforce plan limits
  • Send you operational notifications (e.g., low credit balance alerts)
  • Improve and optimize our routing algorithms and caching systems
  • Comply with legal obligations and enforce our Terms of Service

We do not sell your personal data to third parties. We do not use your prompts or AI responses to train AI models. Your data is used solely to provide the Service to you.

3. API Keys and Third-Party Providers

When you provide third-party API keys, we store only a masked preview (e.g., "sk-...abc1") for display purposes. The full key is stored in our database and used exclusively to route your requests to the respective AI provider on your behalf.

Your prompts are transmitted to third-party AI providers (Groq, DeepSeek, OpenAI, Anthropic, Google Gemini) as necessary to fulfill your requests. Each provider has their own privacy policy governing how they handle your data. We encourage you to review those policies.

We implement response caching to reduce costs. Cached responses are stored in our database keyed by a normalized hash of your prompt. No personally identifiable information is stored in cache keys.

4. Data Retention

We retain your account information for as long as your account is active. Chat history and usage logs are retained for up to 90 days for operational purposes. You may request deletion of your account and associated data at any time by contacting us at [email protected].

5. Data Security

We implement industry-standard security measures including HTTPS encryption for all data in transit, HTTP-only secure session cookies, role-based access controls, and input validation on all API endpoints. However, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security of your data.

6. Your Rights (GDPR / CCPA)

Depending on your location, you may have the following rights regarding your personal data:

  • Right to Access: Request a copy of the personal data we hold about you
  • Right to Rectification: Request correction of inaccurate personal data
  • Right to Erasure: Request deletion of your personal data ("right to be forgotten")
  • Right to Restriction: Request that we restrict processing of your personal data
  • Right to Data Portability: Request a machine-readable export of your data
  • Right to Object: Object to processing of your personal data
  • California Residents (CCPA): You have the right to know, delete, and opt-out of the sale of personal information. We do not sell personal information.

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

7. Cookies

We use strictly necessary session cookies to maintain your authenticated login state. These cookies are HTTP-only, secure, and expire when you log out or your session ends. We do not use advertising cookies, tracking pixels, or third-party analytics cookies.

8. Children's Privacy

The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children under 18. If you become aware that a child has provided us with personal information, please contact us immediately.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by updating the "Last Updated" date at the top of this page. Your continued use of the Service after any changes constitutes your acceptance of the new Privacy Policy.

10. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at: [email protected]

Privacy PolicyTerms of Service← Back to CheapRout