Privacy policy
How Lore Hex Corp collects, uses, shares, and protects information when you use TrustedRouter.
What this policy covers
This Privacy Policy explains how Lore Hex Corp, a Delaware C Corporation, collects, uses, discloses, and protects information when you use TrustedRouter websites, dashboards, APIs, SDKs, plugins, and related services.
Information we collect
Account and contact information
We may collect your email address, authentication identifiers, wallet address when you use wallet sign-in, workspace and organization membership, support communications, and preferences.
Billing information
Payment processors handle payment-card, PayPal, and supported stablecoin payment details. TrustedRouter receives transaction identifiers, payment status, amounts, and limited payment-method metadata needed for billing, fraud prevention, refunds, and accounting.
API and service metadata
We collect operational metadata such as request and generation identifiers, selected model and provider, token counts, latency, status, cost, region, API-key hash and display hint, rate-limit state, and security events. Raw API keys are shown once and stored only as protected hashes. BYOK provider credentials are encrypted.
Prompts and outputs
TrustedRouter does not store prompt or output content by default. Prompt traffic is designed to terminate inside the attested gateway. If a workspace explicitly enables a content-bearing Broadcast destination or another content feature, the selected content is sent to that destination under the workspace's configuration and the destination's terms. Downstream model providers process content according to the selected route and provider terms.
Website information
We may collect IP address, browser and device information, referring page, coarse location derived from IP, cookie or session identifiers, and page interaction data needed to operate, secure, and improve the service.
How we use information
We use information to provide and secure the service, authenticate users, route requests, meter usage, process payments, prevent abuse, respond to support, maintain reliability, comply with law, and improve product performance. We do not use customer prompts or outputs to train our own models.
How we disclose information
We disclose information to infrastructure, authentication, payment, communications, monitoring, and model-provider subprocessors as needed to provide the service. The current platform and downstream model-provider list is published at /legal/subprocessors. We may also disclose information when required by law, to protect rights and safety, during a corporate transaction, or with your direction or consent.
Retention
We retain account, billing, security, and service metadata only as reasonably necessary for the purposes described above, including legal, tax, accounting, fraud-prevention, dispute, and security obligations. Retention periods vary by record type and contractual requirements. Prompt and output content is not retained by TrustedRouter by default. Deleting an account does not require us to delete records that law, security, fraud prevention, or financial controls require us to preserve.
Security
We use access controls, encryption, secret isolation, security monitoring, and an attested prompt gateway. No system is perfectly secure. Review current architecture and attestation evidence at /security and trust.trustedrouter.com.
Your choices and rights
You may request access, correction, deletion, or export of personal information, or object to or restrict certain processing, where applicable. You may disable optional content exports and revoke API keys in the console. Contact security@trustedrouter.com. We may verify identity before completing a request.
International processing
TrustedRouter and its providers may process information in the United States and other countries. Available regions and provider routes have different locations and legal terms. Customers requiring a specific region or provider must use the corresponding route controls and contractual terms.
Children
The service is not directed to children under 13, and we do not knowingly collect their personal information. Users must be able to form a binding contract for the service in their jurisdiction.
Changes
We may update this policy as the service changes. We will post the updated policy here and change the effective date. Material changes may also be communicated through the service or account email.
Contact
Lore Hex Corp
1111 Brickell Ave, Floor 10, Miami, FL 33131
+1-305-239-7350
security@trustedrouter.com