California residents have the right under CCPA to know what personal data OpenRouter has collected, to request deletion or correction of that data, and to opt out of the sale or sharing of their personal information, without being penalized for exercising these rights.
This analysis describes what OpenRouter's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The policy enumerates the full set of CCPA rights available to California residents, including the right to opt out of sharing for cross-context behavioral advertising and the right to limit use of sensitive personal information, which are rights added by the CPRA amendments.
California residents can submit requests to access, delete, correct, or opt out of sharing of their personal data by contacting OpenRouter at privacy@openrouter.ai or through the designated opt-out mechanism, and the policy states they will not be discriminated against for exercising these rights.
Cross-platform context
See how other platforms handle CCPA Rights for California Residents and similar clauses.
Compare across platforms →Monitoring
OpenRouter has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"If you are a California resident, you have the following rights under the CCPA: The right to know about the personal information a business collects about you and how it is used and shared; The right to delete personal information collected from you (with some exceptions); The right to correct inaccurate personal information that a business has about you; The right to opt-out of the sale or sharing of your personal information; The right to limit the use and disclosure of your sensitive personal information; The right to non-discrimination for exercising your CCPA rights.— Excerpt from OpenRouter's OpenRouter Privacy Policy
1. REGULATORY LANDSCAPE: This provision addresses California Consumer Privacy Act obligations as amended by the CPRA, enforced by the California Privacy Protection Agency and the California Attorney General. The inclusion of rights to correct data and limit sensitive personal information use reflects CPRA amendments effective January 2023. Compliance with response timelines (45 days, extendable by an additional 45 days) is required under CCPA. 2. GOVERNANCE EXPOSURE: Medium. The policy discloses CCPA rights but does not specify the response timeline or the process for verifying requestor identity, which are operational details that regulators may scrutinize. The absence of a dedicated web form for submitting CCPA requests (the policy directs users to email privacy@openrouter.ai) may warrant review against CPPA guidance on accessible request mechanisms. 3. JURISDICTION FLAGS: Applies specifically to California residents. Organizations with California employees or customers who use OpenRouter as a vendor should note that the CCPA rights framework applies to personal data collected from those individuals. 4. CONTRACT AND VENDOR IMPLICATIONS: B2B customers subject to CCPA as businesses should confirm that OpenRouter can operationally fulfill data subject requests within the required 45-day window and that a formal service provider agreement with appropriate use restrictions is available. 5. COMPLIANCE CONSIDERATIONS: Compliance teams should verify that the email-based request mechanism at privacy@openrouter.ai is operationally resourced to meet CCPA response timelines, and should assess whether a web-based request form is required under applicable CPPA guidance. The Do Not Sell or Share link referenced in the policy should be verified as functional and accessible.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The policy enumerates the full set of CCPA rights available to California residents, including the right to opt out of sharing for cross-context behavioral advertising and the right to limit use of sensitive personal information, which are rights added by the CPRA amendments.
California residents can submit requests to access, delete, correct, or opt out of sharing of their personal data by contacting OpenRouter at privacy@openrouter.ai or through the designated opt-out mechanism, and the policy states they will not be discriminated against for exercising these rights.
ConductAtlas has identified this type of provision across 8 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by OpenRouter.