Privacy Policy

Last Updated: May 4, 2025

FirstRouter, Inc. ("FirstRouter," "we," "us," or "our") respects your privacy and is committed to protecting it. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit and use our website and API services (collectively, the "Service"). By accessing or using our Service, you agree to the practices described in this policy.

1. Information We Collect

1.1 Personal Data You Provide

  • Account Registration: name, email address, password
  • Billing & Payments: payment method details (handled by our processor)
  • Support & Correspondence: any information included in support tickets or emails

1.2 Usage & Log Data

  • API Usage: timestamps, endpoints called, request volumes, diagnostic data
  • Technical Details: IP address, device/browser type, operating system, error logs

2. How We Use Your Information

We use your personal data to:

  • Provide, maintain, and improve the Service
  • Process payments and prevent fraud
  • Respond to support inquiries
  • Analyze usage trends via analytics tools
  • Send account notices, updates, and (with opt‑out) marketing communications
  • Comply with legal obligations and protect our rights

3. Third‑Party Services

We engage trusted third‑party providers to support our operations, including:

  • Analytics: Google Analytics (and/or PostHog) for usage insights
  • Payment Processing: Stripe for secure billing
  • Hosting & Infrastructure: AWS (or equivalent) for cloud services

These providers are contractually bound to protect your data and use it only for the services they perform.

4. Cookies & Tracking Technologies

Although FirstRouter's public website currently does not deploy cookies, we provide the following framework so you can enable tracking technologies in the future without updating this policy:

4.1 What Are Cookies?

Cookies are small text files placed on your device by your browser when you visit websites. They allow us—or third parties—to recognize your browser and remember certain information.

4.2 Types of Cookies We Might Use

CategoryPurposeExamples
Strictly NecessaryCore functionality (e.g. authentication, security)Session ID, CSRF tokens
Functional/PreferenceRemember settings (e.g. language, dashboard layout)Language selector, UI theme
Performance/AnalyticsAggregate usage data to improve performance and reliabilityGoogle Analytics, PostHog
Advertising/MarketingDeliver personalized content and measure ad effectivenessGoogle Ads, Facebook Pixel

4.3 Managing Your Cookie Preferences

  • Upon future deployment, we will display a cookie banner asking for consent (except for strictly necessary cookies).
  • You can modify preferences at any time via the banner or your account settings.
  • To disable cookies entirely, follow instructions at http://www.allaboutcookies.org. Note that blocking strictly necessary cookies may break core features.

5. Data Retention

We retain your personal data only as long as necessary to:

  • Provide the Service (for the duration your account is active)
  • Fulfill legal, tax, or accounting requirements

Typical Retention Periods

  • Account & Profile Data: until you delete your account, plus 2 years in backups
  • API Usage Logs: 1 year, after which detailed records are deleted or aggregated

When data is no longer needed, we securely delete or anonymize it.

6. Your Rights & Choices

6.1 U.S. Users (CCPA/CPRA)

If you are a California resident, you have the right to:

  • Know what personal data we collect and how it's used
  • Delete your personal data (subject to exceptions)
  • Opt Out of sale of personal data (we do not sell your data)
  • Non‑Discrimination for exercising these rights

6.2 EU Users (GDPR)

If you are located in the European Economic Area, you have the right to:

  • Access your personal data
  • Rectify inaccurate information
  • Erase data ("right to be forgotten")
  • Restrict processing under certain conditions
  • Object to processing (including profiling)
  • Data Portability to receive your data in a structured format
  • Withdraw Consent at any time (for consent‑based processing)

To exercise any right, contact us at privacy@firstrouter.ai. We will respond within one month.

6.3 Marketing Communications

You may opt out of promotional emails by clicking "unsubscribe" or emailing privacy@firstrouter.ai. Opt‑out requests may take up to 10 business days to process.

7. International Data Transfers

When you use our Service, your data may be transferred to, stored, and processed in the United States or other countries. For transfers from the EEA/UK, we rely on Standard Contractual Clauses approved by the European Commission to ensure an adequate level of protection.

8. Data Security

We implement industry‑standard measures to protect your data, including:

  • Encryption in transit (TLS)
  • Secure data storage with access controls
  • Regular security assessments and vulnerability testing

However, no system is entirely secure. You are responsible for protecting your account credentials.

9. Children's Privacy

Our Service is not intended for individuals under 13. We do not knowingly collect data from children under 13. If you believe we have, please contact privacy@firstrouter.ai so we can delete it.

10. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be posted here with a new "Last Updated" date, and—if required by law—we'll notify you at least 30 days in advance via email.

11. Contact Us

For questions or to exercise your rights, email: privacy@firstrouter.ai