ModelRoute

Privacy Policy

Last updated: February 7, 2026

1. Introduction

AI Model Marketplace ("we", "us", "our") operates the ModelRoute platform, a unified API for AI models. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

2. Data We Collect

Account Information

When you register, we collect your name, email address, and organization name. If you sign up via OAuth, we receive your name and email from Google or GitHub.

Payment Information

Payment processing is handled by Stripe. We do not store your credit card numbers. We retain Stripe customer IDs and payment method metadata for billing purposes.

Usage Data

We collect API request logs, model execution history, token usage, and cost data associated with your organization.

Technical Data

We collect IP addresses, user agent strings, and session metadata for security and authentication purposes.

3. How We Use Your Data

  • Authentication and access control: Verifying your identity and managing sessions.
  • Service delivery: Routing API requests to AI providers and tracking usage.
  • Billing: Processing payments, managing balances, and generating invoices.
  • Fraud prevention and security: Detecting suspicious activity, rate limiting, and audit logging.
  • Service improvement: Analyzing usage patterns to improve reliability and performance.
  • Communication: Sending transactional emails such as verification, password reset, and billing notifications.

4. Third-Party Data Processors

We share your data with the following third-party processors as necessary to operate our service:

  • Stripe: Payment processing and billing.
  • Google Cloud Platform: Infrastructure hosting and data storage.
  • Vercel: Frontend hosting and delivery.
  • Google and GitHub (OAuth): Authentication when you choose to sign in with these providers.
  • AI Model Providers (OpenAI, Anthropic, etc.): Prompt and completion data is forwarded to the provider you select for execution. We do not store prompt or completion content.

5. Data Retention

  • Account data: Retained for as long as your account is active. Deleted upon account deletion request.
  • Session data: Expired sessions are automatically deleted within 7 days after expiry.
  • Password reset tokens: Deleted within 24 hours after use or expiration.
  • Authentication audit logs: Retained for 90 days, then archived or deleted.
  • Execution history and usage data: Retained for 12 months. Organizations may request earlier deletion.
  • Billing records: Retained for the legally required period (typically 7 years) for tax and accounting compliance.

6. Your Rights

Under applicable data protection laws (including GDPR), you have the following rights:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Request correction of inaccurate or incomplete data.
  • Erasure: Request deletion of your personal data, subject to legal retention requirements.
  • Portability: Request your data in a structured, machine-readable format.
  • Objection: Object to processing of your data for specific purposes.
  • Restriction: Request restriction of processing in certain circumstances.

To exercise any of these rights, contact us at privacy@aimodelmarketplace.com. We will respond within 30 days.

7. Cookies

We use session cookies solely for authentication purposes. These cookies are HTTP-only, secure, and contain a session token that identifies your login session. We do not use tracking cookies, advertising cookies, or third-party analytics cookies.

8. Cross-Border Data Transfers

Our primary infrastructure is hosted in the United States on Google Cloud Platform. If you are located outside the United States, your data will be transferred to and processed in the US. We rely on Standard Contractual Clauses (SCCs) approved by the European Commission to ensure adequate protection for data transferred from the EU/EEA.

9. Security

We implement industry-standard security measures including encryption in transit (TLS), hashed passwords (Argon2), CSRF protection, rate limiting, and audit logging. While we strive to protect your personal data, no method of transmission over the Internet is completely secure.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. Your continued use of the service after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

privacy@aimodelmarketplace.com