Short version
- We don’t persist the content of your prompts or model outputs.
- We do keep a metadata log per request — timestamp, model, token counts, latency, HTTP status code — for billing, security, and debugging.
- We never sell your data.
- For the complete legally-binding policy, see our Privacy Policy.
What we store
Account metadata- Your email address and display name
- Password hash (never stored in clear)
- OAuth provider IDs (Google, Microsoft, GitHub, OIDC) if you sign in that way
- Timestamp
- API key identifier (not the secret value)
- Model requested and whether it was resolved from a router
- Input and output token counts
- Latency and HTTP status code
- Truncated error message if the upstream returned one
- Source IP address (for rate-limiting and abuse prevention)
- Stripe customer ID and invoice metadata
- Last four digits of the card (not the full number — Stripe holds that)
What we do not store
- Prompt content
- Model outputs (response text, generated images, audio, etc.)
- Embeddings you generate
- Tool call arguments or tool call results
- Files you upload to
/v1/audio/*or/v1/images/edits
Where your data goes
OrcaRouter is a proxy. When you send a request, we forward it to the upstream provider (OpenAI, Anthropic, Google, etc.) under their own terms and privacy policy. We don’t transform the content. The list of subprocessors and their roles is in our Privacy Policy.How to delete everything
- Delete your account from the dashboard. We purge your account data within 30 days (brief grace period in case of accidental deletion).
- Request-level metadata (the per-request log rows) has its own retention — 13 months from the request date by default. This retention is necessary to respond to billing disputes and detect abuse.
- Billing records are retained for 7 years under accounting law requirements. These are numbers, not prompts.