Provider Data Policies
Every upstream provider (OpenAI, Anthropic, Google, DeepSeek, etc.) has its own terms of service governing:- Whether prompts are used for training
- How long prompts and completions are retained
- Whether responses are logged for abuse detection
Training on Prompts
By default, most major providers (OpenAI, Anthropic, Google) do not train on API traffic under their enterprise or standard API terms. However, policies vary by provider and plan. You can review each provider’s current data policy by checking their official documentation or terms of service page. ARouter surfaces known provider data policies in the Providers reference.Controlling Provider Selection
If your use case requires strict data handling guarantees, you can control which providers ARouter routes to:- Specify a provider explicitly — use the
provider/modelformat (e.g.,openai/gpt-5.4) to ensure only that provider handles your request. - Use an ordered candidate list — set
modelsto a prioritized list of provider-specific model IDs, all of which meet your data requirements.
Data Retention by Provider
Below is a general summary. Always verify with the provider’s current terms:| Provider | Prompt Retention | Training Use |
|---|---|---|
| OpenAI (API) | 30 days (abuse monitoring) | No (API terms) |
| Anthropic | Up to 30 days | No (API terms) |
| Google Gemini | Varies by product | No for Gemini API |
| DeepSeek | Varies | Check provider terms |
This table reflects general policy summaries and may be outdated. Check each provider’s official API terms for the authoritative answer.