Global Compliance & Transparency Center

Unified privacy, terms, cookie governance, AI transparency disclosures, DPA signing, and sub-processor registry for enterprise deployments.

Privacy Policy (GDPR Article 13 & 14 Compliance)

Last Updated: June 15, 2026

This Privacy Policy describes how Routara collects, processes, and protects your personal data under GDPR, CCPA/CPRA, LGPD, PDPA, and equivalent global guidelines.

1. Data Controller & Contact

Routara Ltd., incorporated in the Republic of Singapore, acts as Data Controller. Company registration number and registered office address are available on request. DSAR via Trust Center or developer dashboard. Contact: [email protected] (Jack Lee · Director).

2. Categories of Processed Data

We process the following categories:

  • Account Credentials: email, encrypted passwords, billing addresses, VAT IDs.
  • Developer Payload Telemetry: prompts processed statelessly unless audit mode is active.
  • Export & Sanction Data: country and IP for compliance screening.
  • Payment Metadata: transaction IDs and amounts via Stripe (we do not store full card numbers).

3. Data Retention

Query telemetry is discarded instantly unless you enable audit logging. Billing logs retained up to 3 years. High-Risk AI deployments: 6 years per EU AI Act 2026.

4. International Transfers

Where personal data leaves the EEA/UK, we rely on EU Standard Contractual Clauses (SCCs) and supplementary technical measures. Model inference may route to certified cloud regions; sub-processors are listed in the Trust Center.

5. Your Rights (GDPR / Global)

You may request access, rectification, erasure, restriction, portability, or object to processing. EU/UK users may lodge a complaint with their supervisory authority. We respond within 30 days.

6. California Privacy Rights (CCPA/CPRA)

California residents have the right to know, delete, correct, and opt out of the sale or sharing of personal information. Routara does not sell personal data. To exercise rights, submit a DSAR in the Trust Center or email [email protected]. We do not discriminate against consumers who exercise privacy rights.

  • Do Not Sell or Share: Routara does not sell or share personal information for cross-context behavioral advertising.
  • Sensitive Personal Information: we do not use or disclose sensitive PI beyond permitted service-delivery purposes.
  • Authorized Agent: California residents may designate an authorized agent with written permission.
  • Contact: [email protected] (general, privacy & compliance).