Legal

Privacy Policy

This policy explains what data Neural Router collects, how we use and protect it, and the choices and rights you have. It applies to the Neural Router platform, API, and website.

Last updated June 24, 2026

Overview

Neural Router, Inc. ("Neural Router," "we," or "us") provides an inference control plane that routes API requests to third-party model providers. We act as a processor of the prompts and completions you send through the API, and as a controller of the account and operational data needed to run the service.

We designed the platform to minimize the data we hold: routing decisions are made on metadata, and workspaces can enable zero-retention so prompt content is never stored.

Information we collect

  • Account data — name, work email, organization, and authentication identifiers when you sign up or sign in via SSO.
  • Workspace & billing data — workspaces, API keys (we store only a one-way prefix and the last four characters), plan, usage counts, and invoices.
  • Request metadata — model selected, token counts, latency, cost, region, and timestamps, used for routing, billing, analytics, and the audit log.
  • Prompt & completion content — only as described in Prompt & completion data.
  • Website & device data — standard log and analytics data (IP, browser, pages) for security and product improvement.

How we use data

We use data to:

  • Provide, route, and secure API requests.
  • Enforce budgets, guardrails, residency, and access controls.
  • Bill accurately and prevent fraud and abuse.
  • Provide observability, analytics, and the audit log.
  • Support you and communicate service updates.

We do not use your prompts or completions to train models, and we do not sell personal information.

Prompt & completion data

When you send a request, prompt content is transmitted to the selected model provider to generate a response. By default, prompts and completions are retained only transiently to deliver the response and, if you enable request logging, for the retention window you configure.

Workspaces with zero-retention enabled route only to providers that contractually commit to zero retention, and Neural Router stores no prompt or completion content for those requests — only metadata.

Retention & zero-retention

Account and billing records are kept for the life of your account and as required by law. Request metadata is retained per your workspace log-retention setting (default 30 days). Request content, when logged, is deleted at the end of the configured window; with zero-retention, it is never written to disk. You can export or delete workspace data from the dashboard or by contacting us.

Sub-processors

To deliver the service we use sub-processors, including the model providers that fulfill your requests (e.g. OpenAI, Anthropic, Mistral, and others you route to), cloud hosting, and payment processing. Model providers receive prompt content only for requests routed to them, and only providers that meet your residency and retention policy are eligible. A current list of sub-processors is available on request, and we provide advance notice of material changes.

International transfers

We operate in multiple regions and support pinning inference to a jurisdiction (US, EU, MENA, Gulf) via residency controls. Where data is transferred across borders, we rely on appropriate safeguards such as Standard Contractual Clauses. Residency-pinned workspaces keep inference within the selected region.

Your rights

Depending on your location, you may have rights to access, correct, export, delete, or restrict the processing of your personal data, and to object or withdraw consent. We honor GDPR, UK GDPR, and CCPA/CPRA rights. To exercise them, contact privacy@neuralrouter.ai; we respond within the timelines required by applicable law.

Security

We encrypt data in transit and at rest, enforce least-privilege access, and undergo independent audits. See our Security page for details and how to report a vulnerability.

Changes to this policy

We may update this policy as the service evolves. We will post the revised version here with a new effective date and, for material changes, provide additional notice. Continued use after an update constitutes acceptance.

Contact

Questions about this policy or our data practices? Reach our privacy team at privacy@neuralrouter.ai.