Privacy Policy
Effective Date: January 2026
Last Updated: January 15, 2026
Data Controller: Krugis OÜ, Tallinn, Estonia
This Privacy Policy explains how Krugis OÜ ("Company," "we," "us," or "our") collects, uses, stores, shares, and protects your information when you use Route42 ("Service"). We are committed to transparency and compliance with data protection laws, including GDPR and CCPA.
Important Context: Route42 is a Windows desktop application that acts as a pass-through routing service. We do NOT store your prompts or AI responses. Your data passes through our infrastructure for routing decisions only. All personalization training happens locally on your Windows machine—no training data leaves your device.
1. Information We Collect
1.1 Account Information
When you create an account, we collect:
- Email address (for authentication and communication)
- Username (your chosen identifier)
- Password (stored as a bcrypt hash, never in plaintext)
- Account creation date and last login timestamp
- Subscription tier (Free or Pro)
- Payment information (processed by Stripe; we do not store credit card numbers)
1.2 Prompt Metadata (Not Content)
CRITICAL PRIVACY PROTECTION: We do NOT store the actual content of your prompts or AI-generated responses. Your conversations are not logged, archived, or accessible to our staff.
We collect only anonymized metadata for service optimization and to improve our proprietary routing algorithms:
- Complexity score (0-100 numerical scale)
- Prompt category (coding, general, creative, research, etc.)
- Timestamp (when request was made)
- Model selected (which LLM was chosen by routing algorithm)
- Provider type (local vs. cloud, anonymized provider name)
- Response time (latency in milliseconds)
- Success/failure status (HTTP status code)
- User preference signals (if you manually override routing)
What we do NOT collect: Prompt text, AI response text, personally identifiable content within prompts.
PASS-THROUGH ARCHITECTURE: Route42 operates as a pass-through proxy. When you submit a prompt, it is analyzed in real time for complexity scoring and routing decisions, then immediately forwarded to the selected LLM (local or cloud). Your prompt content is NEVER written to disk, logged to databases, or stored in memory beyond the milliseconds required for routing. Once the AI response is returned to you, no copy exists on our servers.
1.3 Usage and Analytics Data
- API key usage statistics (request counts, rate limit events)
- Error logs (sanitized to remove prompt content)
- Feature usage patterns (which API endpoints are called)
- Subscription events (upgrades, downgrades, cancellations)
1.4 Technical and Device Information
- IP address (logged temporarily for security, anonymized after 7 days)
- User agent (browser type and version)
- Device type (desktop, mobile, operating system)
- Referrer URL (how you arrived at our site)
2. How We Use Your Information
| Purpose | Legal Basis (GDPR) |
|---|---|
| Service Delivery: Authenticate users, route requests, enforce rate limits | Contractual necessity |
| Machine Learning: Train and improve our proprietary routing algorithms using anonymized metadata. The resulting model improvements, weights, and heuristics are the exclusive intellectual property of Krugis OÜ. | Legitimate interest |
| Performance Optimization: Monitor service health, detect anomalies, optimize response times | Legitimate interest |
| Billing: Process payments, manage subscriptions, generate invoices | Contractual necessity |
| Security: Detect fraud, prevent abuse, enforce Terms of Service | Legitimate interest |
| Communication: Send service updates, security alerts, promotional emails | Consent (opt-out available) |
| Legal Compliance: Comply with laws, regulations, court orders | Legal obligation |
3. Data Storage, Retention, and Deletion
| Data Type | Storage Location | Retention Period |
|---|---|---|
| Prompt Content | NOT stored | Never retained (passes through servers only) |
| Metadata | EU servers (Estonia/Germany) | 90 days (raw), indefinitely (anonymized aggregate) |
| Account Data | EU servers | While account active + 30 days after deletion |
| Pro Training Data | Encrypted temporary storage | 24-48 hours (purged after training cycle) |
| Payment Records | Stripe (PCI-compliant) | 7 years (legal requirement) |
| Backups | Encrypted offsite | 90 days rolling window |
Account Deletion Process:
1. User initiates deletion via profile settings
2. Account marked for deletion, access immediately revoked
3. Personal data deleted within 30 days
4. Anonymized metadata retained for analytics
5. Backup purge within 90 days
4. Third-Party Data Sharing and Processing
4.1 Cloud LLM Providers
IMPORTANT: When Route42 routes your requests to cloud LLM providers, your prompt content is transmitted to their servers. Their privacy policies govern how your data is used. We have no control over third-party processing.
Major providers and their policies:
- OpenAI: https://openai.com/privacy - May use API data for abuse monitoring (not training by default for API users)
- Anthropic: https://www.anthropic.com/privacy - Does not train on API usage unless explicitly opted in
- Google (Gemini/PaLM): https://cloud.google.com/privacy - Processes data per Cloud Privacy Notice
- Cohere: https://cohere.com/privacy - Enterprise API data not used for training
- Meta (Llama via Together.ai, Replicate): Varies by hosting provider
Your Responsibility: Review third-party policies before using cloud routing. Choose local routing for sensitive data.
4.2 Payment Processor (Stripe)
All payment processing is handled by Stripe. We receive only:
- Customer ID (anonymized token)
- Subscription status (active/canceled/past_due)
- Last 4 digits of card and brand (for display purposes)
Stripe's Privacy Policy: https://stripe.com/privacy
4.3 Third-Party Services We Do NOT Use
- ✗ Google Analytics (no cross-site tracking)
- ✗ Facebook Pixel or social media tracking
- ✗ Third-party advertising networks
- ✗ Email list brokers or data resellers
4.4 Legal Disclosures
We may disclose your information if required by:
- Valid court orders or subpoenas
- Law enforcement requests with proper legal authority
- National security demands (with transparency report disclosure when legally permitted)
- Emergency situations to prevent imminent harm
Transparency Commitment: We will notify users of legal requests unless prohibited by law.
5. Data Security Measures
We implement industry-standard security controls:
- Encryption in Transit: TLS 1.3 for all API communications
- Encryption at Rest: AES-256 for database storage
- Password Security: Bcrypt hashing with salt (cost factor 12)
- API Authentication: Bearer tokens with HMAC signing
- Rate Limiting: DDoS protection and abuse prevention
- Access Controls: Role-based access, principle of least privilege
- Security Audits: Quarterly vulnerability scanning and penetration testing
- Incident Response: 24-hour breach notification plan
- Data Minimization: Collect only what's necessary, delete promptly
No System is 100% Secure: Despite our best efforts, unauthorized access, hacking, or data breaches may occur. You acknowledge this risk and agree to our liability limitations in the Terms of Service.
6. Local vs. Cloud Data Handling
| Aspect | Local Routing | Cloud Routing |
|---|---|---|
| Prompt Transmission | Stays on your device | Sent to third-party servers |
| Our Access | Zero (never leaves your network) | Metadata only (not content) |
| Third-Party Access | None | LLM provider sees full prompt |
| Data Retention | Controlled by you | Per provider policy |
| Privacy Level | Maximum | Depends on provider |
Recommendation: Use local routing for sensitive, personal, or confidential data. Use cloud routing for general tasks where advanced capabilities are needed.
7. Your Privacy Rights (GDPR/CCPA)
Under GDPR (EU) and CCPA (California), you have the following rights:
7.1 Right to Access
Request a copy of all personal data we hold about you. We will provide data in machine-readable JSON format within 30 days.
7.2 Right to Rectification
Correct inaccurate information. You can update email and username directly in account settings.
7.3 Right to Erasure ("Right to be Forgotten")
Delete your account and all associated personal data. Anonymized aggregate data may be retained for analytics.
7.4 Right to Data Portability
Export your data (account info, metadata, preferences) in JSON or CSV format.
7.5 Right to Object
Opt out of marketing emails, analytics, or automated decision-making. Note: Core service functionality requires some data processing.
7.6 Right to Restriction
Limit how we process your data (e.g., storage only, no ML training).
7.7 Right to Lodge a Complaint
File a complaint with your local data protection authority if you believe we violated your rights.
How to Exercise Rights: Email privacy@krugis.com with your request. We will respond within 30 days. Verification required to prevent fraud.
8. Cookies and Tracking Technologies
We use minimal cookies:
- Authentication Cookie: Maintains login session (essential, expires after 30 days)
- CSRF Token: Security measure to prevent cross-site request forgery (essential)
We do NOT use:
- ✗ Advertising cookies
- ✗ Third-party tracking cookies
- ✗ Social media pixels
- ✗ Analytics cookies
You can disable cookies in your browser, but this will prevent login functionality.
8.5 Windows Desktop Application Data
As a Windows desktop application, Route42 stores certain data locally on your machine:
- Application Settings: User preferences, API keys, routing configurations stored in Windows AppData folder
- Cache Files: Temporary routing model cache for performance optimization
- Personalization Models (Pro): Local machine learning models trained on YOUR usage patterns, never uploaded
- Logs: Application error logs (sanitized, no prompt content) for debugging purposes
Local Data Control: You have full control over locally stored data. You can manually delete files in %AppData%\Route42 or use the application's "Clear Local Data" feature. This data never leaves your Windows machine unless you explicitly export it.
Windows Privacy Settings: Route42 respects Windows privacy settings. We do not access your Windows activity history, telemetry, or other system data beyond what's necessary for application functionality.
9. Children's Privacy (COPPA Compliance)
Route42 is not intended for users under 18. We do not knowingly collect data from minors. If you believe a child has provided us with personal information, contact privacy@krugis.com immediately for deletion.
10. International Data Transfers
- Primary Storage: EU servers (Estonia, Germany) - GDPR compliant
- Backup Storage: EU and Swiss data centers
- Cloud LLM Providers: May process data in the United States, UK, and other jurisdictions
- Safeguards: Standard Contractual Clauses (SCCs) for EU-US transfers
By using Route42, you consent to international transfers necessary for service provision.
11. Do Not Track (DNT) Signals
We do not track users across websites, so DNT signals are not applicable. We respect browser privacy settings.
12. California Privacy Rights (CCPA/CPRA)
California residents have additional rights:
- Right to Know: Categories of data collected and how it's used
- Right to Delete: Deletion of personal information (with exceptions)
- Right to Opt-Out: We do not "sell" personal information as defined by CCPA
- Non-Discrimination: We will not discriminate against users exercising privacy rights
13. Data Breach Notification
In the event of a data breach affecting personal information:
- Affected users notified within 72 hours (GDPR requirement)
- Notification includes: nature of breach, data affected, remediation steps
- Supervisory authorities notified as required by law
- Public disclosure if risk to rights and freedoms is high
13.5 Trade Secret and Proprietary Information Protection
Transparency Scope Limitation: Our commitment to transparency and user privacy does not extend to the disclosure of proprietary information. The following are expressly excluded from any transparency reports, data access requests, security audits, or legal discovery:
- Source Code: Route42's application source code, libraries, and dependencies
- Routing Algorithms: Model selection logic, scoring functions, ranking heuristics, and decision trees
- ML Models and Weights: Complexity detection models, embeddings, neural network weights, and training configurations
- Trade Secrets: Any proprietary information that derives independent economic value from not being generally known
- Internal Metrics: Performance benchmarks, A/B test results, and competitive analysis relating to routing optimization
This exclusion applies regardless of whether data is requested under GDPR Article 15, CCPA access rights, court subpoenas, or regulatory inquiries. We will assert trade secret privilege to the fullest extent permitted by law.
14. Changes to Privacy Policy
We may update this Privacy Policy to reflect:
- Changes in data practices or technology
- New legal requirements
- Feature additions or service modifications
Notification: Material changes communicated via email at least 14 days before effective date. Continued use constitutes acceptance.
Version History: Previous versions available upon request.
15. Contact Information and Data Protection Officer
Privacy Inquiries: privacy@krugis.com
Data Protection Officer: Krugis OÜ, Tallinn, Estonia
Mailing Address: [Physical address for official correspondence]
General Support: support@krugis.com
EU Representative: [If processing large volumes of EU data]
UK Representative: [If processing UK data post-Brexit]
16. Additional Resources
- Terms of Service: terms.html
- Security Practices: security@krugis.com
- Transparency Report: [Published annually]
- Bug Bounty Program: security@krugis.com
Your Privacy Matters: We are committed to protecting your data and respecting your privacy rights. If you have questions or concerns, please don't hesitate to contact us.