Docs

Documentation

Launch Dashboard

Privacy Policy

Your privacy matters. Learn how ModelRiver collects, uses, and protects your information.

Current section

Privacy Policy

Updated

This week

Build time

Minutes, not hours

Effective Date: November 19, 2025

Introduction

ModelRiver Inc. ("ModelRiver," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI integration platform and services.

Information We Collect

Information You Provide

  • Account Information: Name, email address, and password when you create an account
  • Payment Information: Billing details processed securely through Stripe (we do not store complete payment card details)
  • Provider Credentials: API keys and credentials for AI providers you connect (encrypted at rest)
  • Project Data: Project names, workflow configurations, and structured output schemas
  • Support Communications: Information you provide when contacting our support team

Automatically Collected Information

  • Usage Data: API requests, response times, token usage, and error logs
  • Device Information: IP address, browser type, operating system
  • Analytics: How you interact with our dashboard and services

API Request Data

  • Request Content: Prompts, messages, and parameters sent through our API
  • Response Content: AI generated responses from providers
  • Metadata: Timestamps, provider used, model, tokens consumed, cache status

How We Use Your Information

We use the collected information to:

  • Provide and maintain our services
  • Process your API requests and route them to AI providers
  • Manage your account and billing
  • Monitor system performance and debug issues
  • Improve our platform and develop new features
  • Send service-related notifications and updates
  • Comply with legal obligations
  • Prevent fraud and ensure security

Data Storage and Security

Encryption

  • API keys and provider credentials are encrypted at rest using AES-256-GCM
  • Data in transit is protected using TLS 1.2 or higher
  • Passwords are hashed using industry-standard algorithms

Data Retention

  • Request Logs: Stored for 30 days by default (configurable per project)
  • Account Data: Retained while your account is active
  • Billing Records: Kept for 7 years for tax and legal compliance
  • Deleted Accounts: Personal data removed within 30 days of account deletion

Data Sharing and Disclosure

Third-Party Providers

We share your API requests with the AI providers you've configured (OpenAI, Anthropic, Google, Cohere, Mistral, etc.) to fulfill your requests. Each provider has its own privacy policy and data handling practices.

Service Providers

We use trusted service providers for:

  • Payment Processing: Stripe for billing and subscriptions
  • Infrastructure: Cloud hosting providers for servers and databases
  • Email Delivery: Email service providers for transactional emails
  • Analytics: Privacy-focused analytics tools

Legal Requirements

We may disclose your information if required by law, court order, or to:

  • Comply with legal process
  • Protect our rights and property
  • Prevent fraud or security threats
  • Protect the safety of our users

Your Rights and Choices

Access and Control

You have the right to:

  • Access your personal data through your dashboard
  • Update or correct your account information
  • Export your project data and configurations
  • Delete your account and associated data
  • Opt out of marketing communications

GDPR Rights (EU Users)

If you're in the European Union, you have additional rights:

  • Right to access your data
  • Right to rectification
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent

CCPA Rights (California Users)

California residents have the right to:

  • Know what personal information is collected
  • Know whether personal information is sold or disclosed
  • Opt out of the sale of personal information (we do not sell personal information)
  • Request deletion of personal information
  • Non discrimination for exercising privacy rights

Cookies and Tracking

We use essential cookies to:

  • Maintain your login session
  • Remember your preferences (e.g., dark mode)
  • Protect against security threats

We do not use third-party advertising cookies or sell your data to advertisers.

International Data Transfers

Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place through:

  • Standard Contractual Clauses (SCCs)
  • Adequacy decisions by the European Commission
  • Your explicit consent where required

Children's Privacy

Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

Changes to This Privacy Policy

We may update this Privacy Policy periodically. We will notify you of significant changes by:

  • Posting the new policy on this page
  • Updating the "Effective Date" at the top
  • Sending an email notification for material changes

Data Protection Officer

For privacy-related inquiries, contact our Data Protection Officer at:

Email: [email protected]

Contact Us

If you have questions about this Privacy Policy or our data practices:

ModelRiver Inc. Email: [email protected]

Last updated: November 19, 2025