7 Total
1 High severity
6 Medium severity
0 Low severity
Summary

This is OpenRouter, Inc.'s privacy policy, covering how the company collects and uses personal data from users of the openrouter.ai website and its AI model routing service. The policy authorizes collection of user Inputs sent through the Service, device identifiers, IP addresses, browsing history, location data, and transaction details, and states that OpenRouter does not control how third-party AI model providers use those Inputs, including for model training. The policy also reserves the right to share personal data with advertising and analytics partners, service providers, and in connection with business transfers such as mergers or acquisitions.

Technical / Legal Breakdown

This document is OpenRouter, Inc.'s Privacy Policy, last updated April 15, 2025, governing the collection, use, and disclosure of personal data across the openrouter.ai website, its Service, and third-party applications that link to this policy; the stated legal basis for processing is user consent established by continued use of the Site or Service. The policy authorizes collection of name, email address, mailing address, telephone number, user Inputs to the Service, transaction and Credits purchase details, search queries, IP address, operating system and browser type, location data, browsing history, and cookie-derived behavioral data across third-party sites and over time; the terms also authorize sharing with service providers, business partners, advertising and analytics partners, and in connection with corporate transactions such as mergers or acquisitions. The policy expressly disclaims responsibility for how third-party AI model providers handle user Inputs or Outputs, including for model training purposes, and reserves the right to modify the policy at any time without prior notice for non-material changes, with material changes communicated by email to registered users only. The policy references CCPA rights for California residents, including disclosure, deletion, and opt-out rights, and engages GDPR-relevant concepts such as data subject rights and cross-border data transfers, though specific transfer mechanisms are not detailed; applicability of these frameworks depends on user jurisdiction and the company's classification under each regime. Compliance teams should evaluate the adequacy of consent mechanisms under GDPR given that the policy relies on continued use as a consent signal, and should assess the scope of third-party AI provider data flows given the explicit disclaimer of responsibility for downstream handling of user Inputs.

Institutional Analysis

Institutional analysis available with Compliance

Regulatory exposure by statute, material risk assessment, vendor due diligence action items, and enforcement precedent. Available on Compliance.

Start Compliance free trial

3 important changes detected

4 versions captured · Last updated: June 2026

What changed OpenRouter's privacy policy header was updated on June 23, 2026 to include a search function (noted as 'Search ⌘ K') in the navigation bar. No substantive policy language was modified. This is a formatting and navigation change to the policy document's interface, not a change to the privacy terms or data practices themselves.
Why this matters This change does not alter OpenRouter's privacy practices, data collection, or user rights. The updated language consists of a navigation interface change only. No new permissions, restrictions, or obligations are introduced by this modification.
View full change record →
What changed OpenRouter's Privacy Policy was updated on May 24, 2026. The navigation menu now displays 'No models found' instead of a direct 'Models' link in the header. This appears to be a minor UI or navigation change in how the policy document presents itself rather than a substantive change to privacy practices or user data handling.
Why this matters This change does not materially affect the privacy terms or data handling practices described in OpenRouter's Privacy Policy. The detected modification appears to be a navigation menu adjustment in the document header rather than a substantive change to privacy rights, data collection, or user obligations.
View full change record →

May 13, 2026 low

OpenRouter's Privacy Policy header was updated on May 13, 2026 to change navigation labeling from 'Fusion Models' to 'Models'. This appears to be a navigation reorganization in the header section …

View change record →

Recent Provision Changes Jun 23, 2026

7 provisions unchanged.

View full change record →
High — 1 provision
Medium — 6 provisions

Monitoring

OpenRouter has updated this document before.

Monitor includes same-day alerts, structured change summaries, and monitoring for up to 25 platforms.

Start Monitor free trial Or create a free account →

Compliance Governance Intelligence

Need provision-level monitoring and regulatory mapping?

Compliance includes governance timelines, compliance memos, audit-ready analysis, and full provision tracking.

Start Compliance free trial

Cross-platform context

See how other platforms handle Disclaimer of Responsibility for LLM Provider Handling of User Inputs and similar clauses.

Compare across platforms →
Archival ProvenanceSource & Archival Record
Last Captured June 23, 2026 01:31 UTC
Capture Method Automated scheduled archival capture
Document ID CA-D-000811
Version ID CA-V-004153
SHA-256 ce3009070af8195007da7369af5637458db8fff2df70be5415413a6283ebd9fc
✓ Snapshot stored ✓ Text extracted ✓ Change verified ✓ Hash verified

Governance Monitoring

Monitor governance changes across the platforms you rely on.

Structured alerts for policy changes, governance events, and provision updates across 318+ platforms.

Create free account Compare plans