OpenRouter Provider Data Policy
This policy explains how Expansas handles data when serving the expansas/glm-5.2-nvfp4-b200-262k model through the OpenRouter provider marketplace.
Effective Date: June 30, 2026 · Version 1.0 · Last updated: June 2026
1. Scope
This OpenRouter Provider Data Policy applies only to inference requests that reach Expansas through the OpenRouter provider marketplace for the published model expansas/glm-5.2-nvfp4-b200-262k. It supplements our general Privacy Policy and Terms of Service. In the event of any conflict or inconsistency between this Policy and our general Privacy Policy or Terms of Service regarding the processing of OpenRouter-routed inference content, this Policy shall control.
This Policy applies only to Expansas processing after OpenRouter routes a request to Expansas. OpenRouter's own logging, privacy settings, Input & Output Logging, and external observability tools are governed by OpenRouter and customer settings and are not covered by this Policy.
As of June 2026, Expansas publishes a single model on the OpenRouter provider marketplace. This Policy does not apply to other models or services hosted internally or offered under separate enterprise agreements by Expansas.
2. No Content Retention or Training
Expansas is a no-content-retention, no-training provider on the OpenRouter marketplace. Expansas does not intentionally retain, store, or collect prompt bodies, completion bodies, tool schemas, attachments, or any request or response content from OpenRouter-routed inference requests. Expansas does not use OpenRouter-routed traffic for model training, fine-tuning, distillation, evaluation, synthetic-data generation, or any other model improvement purpose, including human review for evaluation.
Request and completion content is processed in memory for the duration of inference and is not intentionally persisted to application logs, databases, or training pipelines. System-level infrastructure logs (e.g., error traces, crash dumps) generated during unexpected system failures may contain incidental fragments of in-memory data; such logs are restricted to systems engineering staff, are not used for any training or analysis purpose, are subject to standard security controls and retention limits, and are automatically purged on schedule.
Expansas applies provider-level Zero Data Retention (ZDR) handling to all OpenRouter-routed traffic regardless of the data-collection setting on the request. ZDR is enforced at the provider level and supersedes any per-request collection preference. Users do not need to set ZDR or deny data collection to receive no-retention handling — it is the default and only posture for this provider.
3. Operational Metadata Retention
To operate, bill, enforce limits, and plan capacity, Expansas retains a minimal set of operational metadata. This metadata does not include prompt text, completion text, attachments, or tool schemas and is not designed to reveal the semantic content of requests or responses. The retained metadata includes:
- Request counts and timestamps
- Token counts (prompt, completion, and cached input tokens)
- Model id and routing outcome (success or error class)
- Latency metrics and time-to-first-token
- Cache hit rates and 429/5xx rates
Operational metadata is retained for a maximum of 90 days for billing reconciliation, capacity planning, abuse prevention, and OpenRouter provider reporting, after which it is deleted or aggregated into non-identifiable statistics. Expansas does not retain request IDs, OpenRouter org/user IDs, API key hashes, IP addresses, or billing IDs beyond what is necessary for the operational purposes listed above.
4. Hosting and Capacity
OpenRouter-routed inference is served from United States-hosted GPU capacity on Expansas-controlled infrastructure. Request and response content is processed on Expansas-controlled US inference infrastructure and may transit Expansas-controlled gateways, load balancers, TLS terminators, and monitoring/security infrastructure within the same data center. Content is not sent to third-party model or API providers.
Expansas does not route OpenRouter traffic to GPU hosts outside the United States for any reason, including failover or disaster recovery. In the event of regional failure, OpenRouter is expected to route traffic to other providers according to its own routing and fallback configuration.
Non-US users' inference content is processed in the United States. This endpoint is not part of OpenRouter's EU in-region routing.
5. Saturation and Early 429 Behavior
When Expansas capacity is saturated, the provider gateway returns an early HTTP 429 (Too Many Requests) rather than queueing requests deeply. This allows OpenRouter or the requesting client to handle capacity according to its routing and fallback configuration. An HTTP 429 response represents a temporary capacity limitation at the Expansas provider layer and does not indicate that the request payload is invalid.
Expansas uses admission control mechanisms designed to allocate and reserve compute and memory for accepted requests, minimizing the risk of mid-inference preemption under normal operating conditions.
6. Security Measures
Expansas protects OpenRouter-routed traffic with the following technical and organizational measures:
- Encryption in transit (TLS) for all inference traffic between OpenRouter and Expansas infrastructure
- Network segmentation isolating inference workloads from administrative and monitoring networks
- Access controls restricting infrastructure logs and system-level diagnostics to authorized systems engineering staff only
- Automated purging of system-level logs on a defined retention schedule
- No long-term storage of request or response content in any form
These measures are designed to substantiate the Zero Data Retention posture described in this Policy. Expansas continually reviews and strengthens its security controls.
7. Subprocessors
Expansas uses the following categories of third-party service providers to host and operate the inference infrastructure serving OpenRouter-routed traffic. These providers do not receive request or response content and are bound by contractual confidentiality obligations:
- Data center and GPU hosting partners providing physical compute capacity within the United States
- Networking and security infrastructure providers (load balancers, DDoS protection, TLS termination)
- Observability and monitoring services receiving only operational metadata, not content
Expansas will update this section with named subprocessors upon execution of new agreements. Users may request the current subprocessor list by contacting [email protected].
8. Data Breach Notification
In the event of a security incident affecting OpenRouter-routed inference content or operational metadata, Expansas will notify OpenRouter and affected users without undue delay, and in any case within 72 hours of confirming the breach. Notification will describe the nature of the incident, the categories of data potentially affected, the measures taken, and the steps users can take to protect themselves.
Because Expansas does not intentionally retain request or response content, the primary risk in a breach scenario involves operational metadata or incidental fragments in system-level logs, as described in Section 2.
9. User Rights (GDPR / CCPA)
Expansas acts as a Data Processor (or Service Provider under CCPA) for OpenRouter-routed traffic. OpenRouter is the Data Controller (or Business) responsible for responding to user data-subject requests regarding inference content.
With respect to the operational metadata Expansas retains (Section 3), users may exercise the following rights by contacting [email protected]:
- Request access to operational metadata associated with their account
- Request correction of inaccurate operational metadata
- Request deletion of operational metadata, subject to legal retention
- Object to processing of operational metadata for legitimate interests
Expansas will respond to verified requests within 30 days. For rights related to inference content itself (prompt/completion bodies), users should contact OpenRouter directly, as Expansas does not retain that content.
10. Children's Data
Expansas does not knowingly process data from children under 13 (under 16 where applicable) through the OpenRouter marketplace. Expansas's inference services are intended for use by developers and businesses. If Expansas becomes aware that it has processed data from a child, it will take steps to delete the associated operational metadata and notify OpenRouter.
11. Policy Changes
Expansas may update this Policy from time to time. Material changes will be posted on this page with an updated effective date. Expansas will make reasonable efforts to notify OpenRouter of material changes to data-handling practices in advance.
Users are encouraged to review this page periodically. The version and effective date at the top of this page indicate when the Policy was last revised.
12. Limitation of Liability
This Policy describes Expansas's current data-handling practices for OpenRouter-routed traffic. While Expansas implements the measures described herein and is committed to a no-content-retention, no-training posture, Expansas does not warrant that inference processing will be entirely free from incidental system-level data exposure (such as crash dumps or error traces) as described in Section 2.
To the maximum extent permitted by law, Expansas's liability for any breach of this Policy is limited to the fees paid by OpenRouter to Expansas for the affected inference requests during the 90 days preceding the breach.
13. Contact
Questions about this OpenRouter Provider Data Policy, data-protection inquiries, or user-rights requests may be sent to [email protected]. For data-protection inquiries that cannot be resolved through that channel, users may reference the rights process described in our general Privacy Policy.