Why We Never Store Your Prompts

How RoutePlex's stateless architecture protects your data and why it matters for trust.

RoutePlex Team
January 28, 2026

When you send a request through RoutePlex, your prompt and the model's response pass through our servers in-memory and are immediately discarded. We never write them to disk, never log them, and never use them for anything other than routing your request.

This is by design.

The Privacy Problem with AI Gateways

Most AI platforms store your data by default. Some use it for training. Some log it for debugging. Some keep it for analytics. Even when they offer opt-out options, you're trusting that the opt-out actually works.

For developers building applications with AI, this creates real problems:

  • Compliance risk — Healthcare, finance, and legal applications have strict data handling requirements
  • Customer trust — Your users didn't consent to having their data stored by a third party
  • Attack surface — Stored data can be breached. Data that doesn't exist can't be

Our Architecture

RoutePlex's approach is simple: if we don't need to store it, we don't.

Here's what happens when you make a request:

  1. Your request arrives over a TLS-encrypted connection
  2. We authenticate your API key (hashed, never stored in plaintext)
  3. Your request is forwarded to the selected AI provider in-memory
  4. The provider's response is forwarded back through our servers to you
  5. We record metadata only: timestamp, token count, cost, model used
  6. The prompt and response are gone. No traces.
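
The six steps above, sketched as an added example that is not RoutePlex's own code. The SHA-256 key hash, the `account` field, the whitespace token count, the pricing table and the `echo_provider` stub are assumptions made for illustration.

```python
import hashlib
import hmac
import time

# The only fields that may ever be persisted (step 5). "account" is an
# assumption: usage has to be attributed to someone for billing.
METADATA_FIELDS = ("timestamp", "account", "model", "tokens", "cost")
PRICE_PER_TOKEN = {"demo-model": 0.00001}  # constructed pricing, not real rates


class AuthError(Exception):
    pass


def hash_key(api_key):
    # Assumption: SHA-256 of the raw key; the post only says keys are hashed.
    return hashlib.sha256(api_key.encode()).hexdigest()


def authenticate(api_key, key_store):
    """Step 2: map a presented key to an account via its stored digest."""
    digest = hash_key(api_key)
    for stored_digest, account in key_store.items():
        if hmac.compare_digest(digest, stored_digest):  # constant-time compare
            return account
    raise AuthError("unknown API key")


def handle_request(api_key, model, prompt, provider, key_store, metadata_log):
    account = authenticate(api_key, key_store)
    response = provider(model, prompt)  # steps 3-4: forwarded in memory only
    # Assumption: whitespace word count stands in for provider-reported usage.
    tokens = len(prompt.split()) + len(response.split())
    record = {
        "timestamp": time.time(),
        "account": account,
        "model": model,
        "tokens": tokens,
        "cost": round(tokens * PRICE_PER_TOKEN[model], 8),
    }
    # Persist through the allowlist so a field added later cannot leak content.
    metadata_log.append({k: record[k] for k in METADATA_FIELDS})
    return response  # step 6: prompt and response are not retained anywhere


def echo_provider(model, prompt):
    """Constructed stand-in for an upstream AI provider."""
    return "ack: " + prompt.upper()
```

Building the persisted row from a fixed field list, rather than serializing the request object, is what makes "metadata only" something a test can enforce.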

What We DO Keep

We're transparent about what we retain:

  • Request metadata — Timestamps, token counts, costs, model selections (90 days)
  • Billing records — Financial records as required by law (7 years)
  • Account information — Your profile, API keys (hashed), and settings

This metadata is necessary for billing, analytics, and abuse prevention. None of it contains your actual prompts or model responses.

Why This Matters for Enterprise

Enterprise customers care about data handling because they have to. Their customers, regulators, and compliance teams demand it.

RoutePlex's stateless design means:

  • No Data Processing Addendum needed for prompt data (there's nothing to process)
  • No data residency concerns for prompt content
  • No breach notification requirements for data that doesn't exist
  • Simplified compliance for GDPR, HIPAA-adjacent, and SOC workflows

The Trade-off

Yes, this means we can't offer prompt logging, conversation history, or replay features. We believe that's the right trade-off. If you need those features, build them in your own infrastructure where you control the data.

We route requests. That's it.
