I've gathered the key changes that, in my opinion, require action from anyone who sends confidential or NDA-protected content to LLMs through the platform. The changes are significant.
1. Perpetual license for prompts and responses
The new version states that if you leave prompt or chat logging enabled, OpenRouter obtains an irrevocable right to further commercial use of Inputs and Outputs. In practice, that permits anonymized fragments of our prompts to be sold to our competitors or to any analytics partner.
By comparison: the OpenAI API does not train on customer data by default, and retention is at most 30 days (or zero with Zero Data Retention enabled).
2. Session recording (session replay)
The platform has deployed PostHog with full session recording: mouse movements, scrolling, and the contents of input fields. That raw data passes through a third-party service before any anonymization takes place. For organizations subject to GDPR or ISO 27001, this materially changes the risk picture.
3. No data retention limit
The old terms and privacy policy did not address retention at all; the new ones declare that storage lasts "as long as necessary", and deletion requires a manual request. In practice, data may remain on their servers indefinitely, which makes it hard to demonstrate data minimization in an audit.
4. Disclaimer of responsibility for model suppliers
If a downstream model provider (for example OpenAI, Anthropic or Mistral) does retain or train on our data, OpenRouter explicitly disclaims contractual liability. The burden of proof and any resulting claims fall on us.
Practical recommendations
- Disable prompt and chat logging entirely: in Settings → Privacy, turn off both "Enable providers that may train on inputs" and "Enable input/output logging".
- Block session replay in the browser or at the network edge (filter outbound traffic to *.posthog.com).
- For projects requiring full confidentiality, call the OpenAI API directly with Zero Data Retention enabled, or another provider, without any intermediary.
- In client agreements (NDA, SLA), specify that all materials sent to external services are pseudonymized and are not subject to any secondary commercial use.
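Blocking session replay on the browser side (the second recommendation above), as an added example that is not from the original post and is not OpenRouter's or PostHog's code. It assumes PostHog's hosted ingestion domains under posthog.com; the openrouter.ai base origin used to resolve relative URLs is an assumption standing in for whichever page you load the script on.

```javascript
// Added example (not from the original post): a browser-side filter that
// refuses outbound requests to PostHog, which is where session-replay
// payloads (and ordinary analytics events) are sent. Install it as a
// userscript or content script that runs before the page's own scripts.
// Assumption: the site uses PostHog's hosted ingestion domains under
// posthog.com; if it proxies PostHog through its own hostname, only a
// network-level filter (hosts file, DNS sinkhole, egress proxy) will catch it.

const BLOCKED_HOST_SUFFIXES = ["posthog.com"]; // assumption: hosted PostHog only

// Decide whether a URL (absolute, or relative to `base`) targets a blocked host.
// Relative URLs resolve against the page origin and are therefore never blocked;
// a malformed URL is passed through so a bug here cannot break the app itself.
function isBlockedUrl(rawUrl, base = "https://openrouter.ai/") {
  let url;
  try {
    url = new URL(String(rawUrl), base);
  } catch (e) {
    return false;
  }
  const host = url.hostname.toLowerCase();
  return BLOCKED_HOST_SUFFIXES.some(
    (suffix) => host === suffix || host.endsWith("." + suffix)
  );
}

// Wrap the three transports PostHog's browser SDK can use: fetch,
// navigator.sendBeacon and XMLHttpRequest. `target` is normally `window`;
// taking it as a parameter makes the installer testable outside a browser.
function installSessionReplayBlocker(target) {
  const blocked = []; // URLs refused so far, for inspection in devtools

  if (typeof target.fetch === "function") {
    const origFetch = target.fetch;
    target.fetch = function (input, init) {
      // A Request object carries its URL in .url; strings and URL objects are used as-is.
      const url = input && typeof input === "object" && "url" in input ? input.url : input;
      if (isBlockedUrl(url)) {
        blocked.push(String(url));
        return Promise.reject(new TypeError("blocked: " + url));
      }
      return origFetch.call(this, input, init);
    };
  }

  if (target.navigator && typeof target.navigator.sendBeacon === "function") {
    const origBeacon = target.navigator.sendBeacon;
    target.navigator.sendBeacon = function (url, data) {
      if (isBlockedUrl(url)) {
        blocked.push(String(url));
        return false; // sendBeacon's own "not queued" signal
      }
      return origBeacon.call(this, url, data);
    };
  }

  if (target.XMLHttpRequest && target.XMLHttpRequest.prototype) {
    const proto = target.XMLHttpRequest.prototype;
    const origOpen = proto.open;
    proto.open = function (method, url, ...rest) {
      if (isBlockedUrl(url)) {
        blocked.push(String(url));
        throw new TypeError("blocked: " + url); // aborts before any bytes leave
      }
      return origOpen.call(this, method, url, ...rest);
    };
  }

  return { blocked };
}

// In a browser, install as early as possible so the SDK never gets the real transports.
if (typeof window !== "undefined") {
  window.__replayBlocker = installSessionReplayBlocker(window);
}
```

Load it at document-start (userscript managers and extension content scripts both support that) so the wrappers are in place before PostHog's SDK initializes; `window.__replayBlocker.blocked` then shows what was refused. Whether typed text actually ends up in a recording depends on the site's PostHog masking settings, which you cannot verify from outside, so refusing the traffic is the safer move. If PostHog is served through the site's own hostname, apply the same suffix list at the network edge instead.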
For some people, the above might sound like typical corporate "CYA" (Cover Your Ass) policy. However, from the perspective of a company that works daily with confidential client documents, I consider these changes significant and worth acting on immediately, if only to pass the next security audit without drama.
I'd like to hear your experiences and opinions. Are you planning to change configuration or migrate to other solutions?