OpenRouter uses cookies and tracking scripts to collect browsing data automatically, personalize the site, and market additional products or services to users.
This analysis describes what OpenRouter's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The policy states that tracking technologies are used to market additional products or services, which may constitute cross-context behavioral advertising subject to opt-out rights under CCPA and consent requirements under GDPR.
Interpretive note: The specific third-party cookie vendors used for marketing are not disclosed, limiting assessment of the full scope of tracking; the existence of a GDPR-compliant consent management mechanism cannot be confirmed from the document alone.
Browsing behavior, pages visited, and links clicked on the OpenRouter site may be collected via cookies and tracking scripts and used for marketing purposes; California users have the right to opt out of cross-context behavioral advertising by contacting privacy@openrouter.ai.
Cross-platform context
See how other platforms handle Cookies and Cross-Context Behavioral Advertising and similar clauses.
Compare across platforms →Monitoring
OpenRouter has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"We may use cookies, embedded scripts, and other similar tracking technologies ("Tracking Technologies") to collect additional personal data automatically as you interact with the Site and to personalize your experience with our Site. These technologies help us recognize you, customize or personalize your experience, market additional products or services to you, and analyze the use of our Service to make them safer and more useful to you.— Excerpt from OpenRouter's OpenRouter Privacy Policy
1. REGULATORY LANDSCAPE: CCPA as amended by CPRA defines sharing personal information for cross-context behavioral advertising as a regulated activity subject to opt-out rights. GDPR and the EU ePrivacy Directive require prior informed consent for non-essential cookies, enforced by national data protection authorities. The FTC Act applies to representations about tracking and marketing practices. 2. GOVERNANCE EXPOSURE: Medium. The policy discloses the use of tracking technologies for marketing but does not detail the specific third-party vendors involved or whether a consent management platform is deployed for EU users. The absence of a cookie consent banner or consent mechanism disclosure may be relevant for GDPR ePrivacy compliance. 3. JURISDICTION FLAGS: EU and UK users are most affected by ePrivacy Directive requirements for prior consent to non-essential cookies. California users have CCPA opt-out rights for cross-context behavioral advertising. Other US state privacy laws (Virginia, Colorado, Connecticut) also provide opt-out rights for targeted advertising. 4. CONTRACT AND VENDOR IMPLICATIONS: Organizations deploying OpenRouter-branded or white-labeled services should confirm that any tracking technologies operating on the platform comply with applicable cookie consent requirements in their deployment jurisdictions. Procurement teams should request a list of third-party cookie vendors. 5. COMPLIANCE CONSIDERATIONS: Legal teams should audit whether OpenRouter's cookie implementation for EU-facing deployments includes a compliant consent management mechanism. California users should confirm that the Do Not Sell or Share opt-out mechanism extends to cross-context behavioral advertising conducted via cookies.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The policy states that tracking technologies are used to market additional products or services, which may constitute cross-context behavioral advertising subject to opt-out rights under CCPA and consent requirements under GDPR.
Browsing behavior, pages visited, and links clicked on the OpenRouter site may be collected via cookies and tracking scripts and used for marketing purposes; California users have the right to opt out of cross-context behavioral advertising by contacting privacy@openrouter.ai.
ConductAtlas has identified this type of provision across 1 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by OpenRouter.