← Back to ROUTEXOR

Privacy Policy

Effective July 9, 2026

1. Overview

This Privacy Policy explains how ATERNA AI ("we", "us") collects, uses, and protects information when you use ROUTEXOR (the "Service"). We designed ROUTEXOR to hold as little of your data as possible: it is a bring-your-own-key router, so your AI usage runs on your own provider keys.

2. Information We Collect

Account information: your email address, an encrypted password hash, and an optional display name. Provider keys: the third-party API keys you choose to add, which we store encrypted (see Security). Usage metadata: per-request records such as timestamp, model, provider, token counts, latency, computed cost, and status, used for your analytics and billing limits. Payment information: handled by our payment provider, Polar; we do not store your card details.

3. What We Do Not Do

We do not sell your personal information. We do not use your prompts or model outputs to train models. We do not log the content of your prompts or completions as part of normal routing beyond what is necessary to deliver the response.

4. How We Use Information

We use your information to operate the Service: authenticate you, route your requests using your keys, show you usage analytics, enforce plan limits, process subscriptions, provide support, maintain security, and comply with legal obligations.

5. Security

Provider keys are encrypted at rest using AES-256-GCM with per-user key derivation, and are used only to route your requests. Passwords are stored as salted bcrypt hashes. We use encrypted transport (HTTPS) and per-tenant isolation. No system is perfectly secure, but we take reasonable measures to protect your data.

6. Third Parties

To deliver the Service we share limited data with: your chosen AI providers (your requests, routed with your keys, are sent to them under your own agreements); Polar, our payment processor and merchant of record; and infrastructure providers that host the Service. These parties process data on our behalf or under their own terms as applicable.

7. Cookies

We use a single essential, http-only session cookie to keep you logged in. We do not use advertising or third-party tracking cookies.

8. Data Retention

We retain account and usage data for as long as your account is active and as needed to provide the Service and meet legal or accounting requirements. You may delete your provider keys at any time, and you may request deletion of your account and associated data.

9. Your Rights

Depending on your location, you may have rights to access, correct, export, or delete your personal information, and to object to or restrict certain processing. To exercise these rights, contact us at privacy@routexor.com.

10. Children

The Service is not directed to individuals under 18, and we do not knowingly collect their information.

11. Changes

We may update this Policy from time to time. Material changes will be reflected by updating the effective date, and where appropriate we will provide notice.

12. Contact

Questions about this Policy or your data can be sent to privacy@routexor.com.