Data Collection

How TheRouter.ai handles prompts, outputs, and request metadata

TheRouter.ai is built for production privacy. Prompt and completion bodies are not retained unless you intentionally enable prompt logging for debugging or quality review workflows.

What TheRouter.ai stores by default

By default, TheRouter.ai stores request metadata only: model ID, provider used, latency, token counts, status code, and billing counters. This powers activity analytics and spend controls without retaining prompt text.

metadata-example.json

{
  "request_id": "req_01JZ...",
  "model": "anthropic/claude-sonnet-4.5",
  "prompt_tokens": 1240,
  "completion_tokens": 302,
  "latency_ms": 2190,
  "provider": "bedrock-us-east-2"
}

Optional prompt logging

For incident triage, evaluation, or regression testing, you can explicitly enable prompt logging at the account, key, or request level. Keep retention windows short and restricted to trusted staff.

TypeScript

const response = await fetch("https://api.therouter.ai/v1/chat/completions", {
  method: "POST",
  headers: {
    Authorization: "Bearer <THEROUTER_API_KEY>",
    "Content-Type": "application/json",
  },
  body: JSON.stringify({
    model: "openai/gpt-4o",
    messages: [{ role: "user", content: "Summarize this log" }],
    metadata: {
      logging: { prompt: true, retention_days: 7 },
    },
  }),
});

Default to least retention

Enable content logging only for flows that truly need it. For most production traffic, metadata-only mode is enough for billing and reliability analysis.

Governance checklist

Pair TheRouter.ai settings with your internal controls: data classification, legal review, and access auditing. If you process regulated data, enforce request-level policy tags in your gateway before forwarding to TheRouter.ai.

privacy-checklist.txt

- Define allowed data classes per endpoint
- Require approved models/providers for sensitive workloads
- Set prompt retention to 0 unless an exception exists
- Rotate API keys and review activity export monthly