gahorouter Privacy Policy

Version: v1.0

Release Date: June 1, 2026

Effective Date: June 1, 2026

1. Introduction

1.1 Beijing Cloudwild Infinity Technology Co., Ltd. (hereinafter referred to as "we" or "us") is the operator of the gahorouter platform (hereinafter referred to as "this Platform"). This Platform provides users with AI model aggregation and routing services, allowing users to invoke various artificial intelligence models via API. The Platform's web address is console.gahorouter.com.

1.2 This Privacy Policy (hereinafter referred to as "this Policy") applies to the personal information processing activities involved when you interact with us through this Platform's website, API interfaces, console, and related services.

1.3 This Policy is formulated in accordance with the Personal Information Protection Law of the People's Republic of China, the Data Security Law of the People's Republic of China, the Cybersecurity Law of the People's Republic of China, and other relevant laws and regulations.

1.4 Before using this Platform's services, please carefully read and fully understand all the content of this Policy. If you do not agree with any content of this Policy, you should immediately stop using this Platform's services. By using or continuing to use this Platform's services, you indicate your agreement to our processing of your personal information in accordance with this Policy.

1.5 This Policy may be updated from time to time. The updated Privacy Policy will be published on this Platform, and material changes will be notified to you separately in the manner described in Article 8 of this Policy.

2. Personal Information We Collect

To provide services to you, we need to collect and process the following personal information. We follow the principles of legality, legitimacy, necessity, and good faith, and only collect the minimum personal information necessary to achieve the service purposes.

2.1 Account Registration Information

2.1.1 When you register an account on this Platform, we will collect the following information based on the enterprise user type you select (sole proprietorship, small enterprise, medium enterprise, large enterprise):

(1) Mobile phone number or email address (used for account registration, identity verification, and security notifications);
(2) Username (used for account identification);
(3) Password (stored in hashed and encrypted form; we do not store your plaintext password);
(4) Enterprise user type (used to determine service tier and available features).

2.1.2 Small, medium, and large enterprise users must also provide a Unified Social Credit Code and contact person's job title information, used for enterprise identity verification.

2.1.3 The above information is required to register an account on this Platform. If you do not provide the above information, we will be unable to create an account for you or provide services.

2.2 Identity and Organization Information

2.2.1 When you use this Platform's organization management features, we may collect the following information:

(1) Affiliated tenant information;
(2) Organization name;
(3) Your role information within the organization.

2.2.2 The above information is used to implement multi-tenant management, access control, and organizational collaboration features.

2.3 Device and Network Information

2.3.1 When you access this Platform or invoke services via API, we will automatically collect the following information:

(1) IP address;
(2) Device identification information;
(3) Browser type and version information;
(4) Operating system type and version information;
(5) Region information (inferred from IP address).

2.3.2 The above information is used to ensure service security, perform anomaly detection, and provide compliance audit support.

2.4 Service Usage Information

2.4.1 When you invoke AI model services via this Platform's API, we will record the following call log information:

(1) The name of the model invoked;
(2) Call time (precise to the millisecond);
(3) Number of input and output tokens;
(4) Response status code;
(5) Request latency;
(6) Call source identifier (API Key identifier).

2.4.2 The above information is used for billing and settlement, service quality monitoring, troubleshooting, and compliance auditing.

2.5 Financial Information

2.5.1 When you top up or incur consumption on this Platform, we will collect the following information:

(1) Top-up records (top-up amount, top-up time, top-up channel);
(2) Billing details (consumption amount, consumption time, consumption items);
(3) Payment method information (payment channel, partially masked payment account information).

2.5.2 We do not directly store your complete bank card number, payment password, or other sensitive payment information. The collection and processing of the above information is completed through a qualified third-party payment service provider.

2.6 Customer Service and Feedback Information

2.6.1 When you communicate with our customer service team through the ticket system, email, or other channels, we will collect the following information:

(1) Ticket content (including problem descriptions, attachments, etc. that you submit);
(2) Feedback records (including suggestions, complaints, etc.);
(3) Communication records (records of interactions between customer service and you).

2.6.2 The above information is used to resolve your issues, improve service quality, and fulfill customer service obligations.

2.7 Statement on Processing of User Input and Output Content

2.7.1 Regarding the role positioning of this Platform, the following is hereby stated:

As an intermediary layer for AI model aggregation and routing services, this Platform assumes the role of request forwarding and routing scheduling. When you invoke an AI model via this Platform's API, the prompts you submit and the output content (Completion) returned by the model will be forwarded through this Platform to the corresponding model service provider, and the results will be returned to you.

2.7.2 This Platform does not persistently store your prompts and model output content. Specifically:

(1) Your prompts and model output content are processed only as real-time transit data during transmission and will not be written to persistent storage by this Platform;
(2) This Platform will record metadata related to the calls (such as the call log information described in Article 2.4), which is used for billing and settlement, audit compliance, and troubleshooting;
(3) In scenarios where troubleshooting is necessary, system logs may briefly retain summary information of some requests/responses; such information will be promptly cleared after troubleshooting is completed, with a retention period not exceeding 72 hours.

2.7.3 Although this Platform does not persistently store prompts and output content, such content will be transmitted to the corresponding domestic model service provider for processing. For information on how model service providers handle data, please refer to the relevant statements in Article 5 of this Policy (Third-Party Data Sharing).

3. How We Use Personal Information

We strictly follow the principles of legality, legitimacy, and necessity, and use the collected personal information for the following purposes:

3.1 Billing and Settlement

3.1.1 Calculate your service usage fees based on your API call logs (model name, token count, etc.).

3.1.2 Generate billing details and process top-ups and deductions.

3.2 Audit Compliance

3.2.1 Record and retain necessary operation logs to fulfill the log retention obligations stipulated by the Cybersecurity Law and other laws and regulations.

3.2.2 Cooperate with inspections, investigations, and evidence collection conducted by regulatory authorities in accordance with the law.

3.3 Risk Control and Security

3.3.1 Detect and prevent abnormal call behavior (such as abnormal call frequency, malicious attacks, etc.).

3.3.2 Safeguard account security (such as abnormal login detection, risk alerts).

3.3.3 Prevent fraud, abuse, and other illegal or non-compliant behavior.

3.4 Service Quality Monitoring

3.4.1 Monitor the availability, response time, and error rate of API services.

3.4.2 Evaluate the service quality of each model service provider and optimize routing strategies.

3.5 Troubleshooting

3.5.1 In the event of a service failure, use call logs and related metadata to locate and resolve problems.

3.5.2 Analyze the causes of failures and develop preventive measures.

3.6 Product Improvement

3.6.1 Analyze service usage trends based on anonymized and de-identified statistical data.

3.6.2 Optimize platform features and user experience.

3.6.3 We commit that the data used for product improvement is anonymized or de-identified and cannot identify any specific individual.

4. Data Storage and Security

4.1 Storage Location

4.1.1 Your personal information is stored within the territory of the People's Republic of China.

4.1.2 We will not store or transmit your personal information outside the territory of the People's Republic of China. This Platform provides only domestic model services to users in mainland China, and all processing of user data is completed within China.

4.2 Security Measures

4.2.1 We adopt the following technical measures to protect the security of your personal information:

(1) Data Encryption: Apply TLS/SSL encryption protocols to data in transit, and use industry-standard encryption algorithms to encrypt sensitive data at rest;
(2) Access Control: Implement a Role-Based Access Control (RBAC) mechanism to strictly limit internal personnel's access to personal information, following the principle of least privilege;
(3) Audit Logging: Record all access and operation logs related to personal information to ensure traceability;
(4) Network Security: Deploy firewalls, intrusion detection systems, and other network security protection measures;
(5) Data Backup: Implement regular data backup and disaster recovery plans.

4.2.2 We adopt the following management measures to protect the security of your personal information:

(1) Establish and improve personal information security management systems and operating procedures;
(2) Provide security training and confidentiality obligation constraints to employees who may have access to personal information;
(3) Designate a person responsible for personal information protection to supervise personal information protection work;
(4) Regularly conduct personal information security impact assessments.

4.2.3 Despite the above security measures, please understand that no technical measure is absolutely secure in the internet environment. In the event of a personal information security incident, we will promptly report to you and the relevant regulatory authorities in accordance with the requirements of laws and regulations.

4.3 Retention Period

4.3.1 We will retain your personal information for the shortest period necessary to achieve the purposes described in this Policy. The specific retention periods for each category of information are as follows:

Information Category	Retention Period	Notes
Account Registration Information	Account lifetime + 3 years	Calculated from the date of account deregistration
Identity and Organization Information	Account lifetime + 3 years	Consistent with account information
Device and Network Information	12 months	Calculated from the date of collection
API Call Logs	12 months	Calculated from the date of generation
Billing Records	5 years	To meet fiscal and tax law and regulation requirements
Customer Service Ticket Records	3 years	Calculated from the date the ticket is closed

4.3.2 After the above retention periods expire, we will delete or anonymize your personal information.

4.3.3 Where laws and regulations otherwise provide for a retention period, or where you consent to an extended retention period, or where it is necessary to extend the retention period to safeguard the public interest, we will extend the retention period in accordance with the law.

5.1 Categories of Third Parties That May Access Your Data

5.1.1 In the course of providing services, the following categories of third parties may access your relevant data:

(1) Domestic Model Service Providers

Including but not limited to various domestic AI model providers. The data that model service providers may access includes: the prompts you submit via API calls and the output content returned by the models.

(2) Cloud Infrastructure Providers

Cloud service providers that provide infrastructure services such as servers, storage, and networking for this Platform. As data processors, cloud infrastructure providers process data in accordance with our instructions.

(3) Payment Service Providers

Licensed payment institutions that provide top-up and payment settlement services for this Platform. The data that payment service providers may access includes: transaction amounts, payment accounts, and other payment-related information.

5.2 Data Processing Agreements

5.2.1 We have signed data processing agreements or cooperation agreements containing data protection clauses with all of the above third parties, requiring the third parties to:

(1) Process personal information only within the agreed purposes and scope;
(2) Adopt security measures commensurate with the sensitivity of the data;
(3) Not sub-entrust personal information to other parties for processing without our written consent;
(4) Delete or return personal information as agreed after the cooperation terminates;
(5) Cooperate with our data protection compliance audits.

5.2.2 We require all third parties to strictly comply with the above obligations to ensure that data processing complies with the requirements of relevant laws and regulations.

6. Your Rights

In accordance with the Personal Information Protection Law and relevant laws and regulations, you have the following rights regarding your personal information:

6.1 Right of Access

6.1.1 You have the right to access the personal information we hold about you. You may exercise this right in the following ways:

(1) Log in to this Platform's console (console.gahorouter.com) and view your account information, call records, and billing information in the account settings;
(2) Submit an access request to us through the contact methods listed in Article 9 of this Policy.

6.2 Right to Copy

6.2.1 You have the right to request a copy of the personal information we hold about you. You may submit a request to us through the contact methods listed in Article 9 of this Policy.

6.3 Right to Rectification

6.3.1 When you find that the personal information we hold about you is inaccurate or incomplete, you have the right to request that we correct or supplement it. You may exercise this right in the following ways:

(1) Directly modify your account information in this Platform's console;
(2) Submit a rectification request to us through the contact methods listed in Article 9 of this Policy.

6.4 Right to Erasure

6.4.1 Under the following circumstances, you have the right to request that we delete your personal information:

(1) The processing purpose has been achieved, can no longer be achieved, or is no longer necessary to achieve the processing purpose;
(2) We cease to provide services, or the retention period has expired;
(3) You withdraw your consent;
(4) We process personal information in violation of laws, administrative regulations, or agreements;
(5) Other circumstances stipulated by laws and administrative regulations.

6.4.2 Where the retention period stipulated by laws and regulations has not expired, or where deletion is technically difficult to achieve, we will cease processing other than storage and taking necessary security protection measures.

6.5.1 For personal information processing activities conducted based on your consent, you have the right to withdraw your consent at any time.

6.5.2 You may withdraw consent in the following ways:

(1) Adjust the relevant authorization settings in this Platform's console;
(2) Submit a withdrawal request to us through the contact methods listed in Article 9 of this Policy.

6.5.3 Your withdrawal of consent does not affect the legality of personal information processing activities already conducted based on your consent prior to the withdrawal.

6.6 Right to Account Deregistration

6.6.1 You have the right to deregister your account on this Platform. You may submit a deregistration application in the following ways:

(1) Initiate the account deregistration process in this Platform's console;
(2) Submit a deregistration request to us through the contact methods listed in Article 9 of this Policy.

6.6.2 After account deregistration, we will cease to provide services to you and process your personal information in accordance with the provisions of Article 4.3 of this Policy. Please confirm before deregistration that there are no unsettled fees or incomplete transactions in your account.

6.7 Right to Data Portability

6.7.1 You have the right to request the export of the following data in a structured, common format:

(1) Account registration information;
(2) API call logs;
(3) Billing records and top-up records;
(4) Customer service ticket records.

6.7.2 You may submit a data export request through this Platform's console or through the contact methods listed in Article 9 of this Policy.

6.8 Right to Complain

6.8.1 If you believe that our processing of your personal information has infringed your legitimate rights and interests, you have the right to complain or report to the relevant regulatory authorities. You may file a complaint with the following authorities:

(1) The cyberspace administration department in the location of this Platform;
(2) The market supervision and administration department in the location of this Platform;
(3) Other regulatory authorities with lawful jurisdiction.

6.9 Methods of Exercising Rights and Response Time Limits

6.9.1 You may exercise the above rights in the following ways:

(1) Console Operations: Log in to console.gahorouter.com and operate directly on the relevant feature pages;
(2) Email: Send an email to support@gahorouter.com, and indicate "Personal Information Rights Request" in the email subject.

6.9.2 We will respond within fifteen (15) business days of receiving your request. If an extension is required due to the complexity of the situation, we will notify you of the reason for the extension and the estimated response time before the aforementioned period expires; the extension period shall not exceed fifteen (15) business days.

6.9.3 For reasonable requests, we will in principle not charge a fee. However, for repeated requests that exceed reasonable limits, we may charge a reasonable fee as appropriate.

7. Protection of Minors

7.1 This Platform provides services only to enterprise users (including sole proprietorships, small enterprises, medium enterprises, and large enterprises) and does not provide services to individual consumers.

7.2 We will not intentionally collect personal information of minors under the age of fourteen (14). If you are a minor under the age of fourteen (14), please do not register an account on this Platform or provide any personal information to us.

7.3 If we discover that we have collected personal information of a minor under the age of fourteen (14) without first obtaining verifiable consent from a parent or legal guardian, we will take measures to delete the relevant data as soon as possible.

7.4 If you are a parent or legal guardian of a minor under the age of fourteen (14) and you believe that the minor has provided personal information to us, please contact us through the contact methods listed in Article 9 of this Policy, and we will handle it promptly.

8. Updates to This Policy

8.1 In order to provide you with better services, and as laws, regulations, and policies change, we may update this Policy from time to time.

8.2 After this Policy is updated, we will notify you in the following ways:

(1) Publish an update announcement in this Platform's console;
(2) Send an update notice via the email address you provided at registration;
(3) Display a pop-up prompt the next time you log in.

8.3 For material changes (including but not limited to changes in the purpose, method, or category of personal information processed, or material adjustments involving the scope of third-party sharing), we will notify you in a prominent manner and obtain your consent again.

8.4 So-called "material changes" include but are not limited to:

(1) Material changes in our purpose or method of processing personal information;
(2) Material changes in the categories of personal information processed or the retention period of personal information;
(3) Material changes in your rights regarding participation in personal information processing and the ways of exercising them;
(4) Changes in the contact information of the person responsible for personal information protection and the complaint channels;
(5) The personal information protection impact assessment report indicates the existence of high risk.

9. Contact Us

9.1 Beijing Cloudwild Infinity Technology Co., Ltd. has designated a person responsible for personal information protection. If you have any questions, comments, or suggestions about this Policy, or wish to exercise your personal information rights, you may contact us in the following ways:

Email of the Person Responsible for Personal Information Protection: support@gahorouter.com

Email Subject: Please indicate "Personal Information Protection"

Platform Address: console.gahorouter.com

9.2 Under normal circumstances, we will reply within fifteen (15) business days.

9.3 If you are dissatisfied with our reply, particularly when you believe that our handling of personal information has harmed your legitimate rights and interests, you may seek resolution through the following channels:

(1) File a complaint or report with the cyberspace administration department having jurisdiction in the location of this Platform;
(2) File a lawsuit with the people's court having jurisdiction in the location of this Platform.

Beijing Cloudwild Infinity Technology Co., Ltd.

Release Date: June 1, 2026

Effective Date: June 1, 2026

gahorouter Privacy Policy ​

1. Introduction ​

2. Personal Information We Collect ​

2.1 Account Registration Information ​

2.2 Identity and Organization Information ​

2.3 Device and Network Information ​

2.4 Service Usage Information ​

2.5 Financial Information ​

2.6 Customer Service and Feedback Information ​

2.7 Statement on Processing of User Input and Output Content ​

3. How We Use Personal Information ​

3.1 Billing and Settlement ​

3.2 Audit Compliance ​

3.3 Risk Control and Security ​

3.4 Service Quality Monitoring ​

3.5 Troubleshooting ​

3.6 Product Improvement ​

4. Data Storage and Security ​

4.1 Storage Location ​

4.2 Security Measures ​

4.3 Retention Period ​

5. Third-Party Data Sharing ​

5.1 Categories of Third Parties That May Access Your Data ​

5.2 Data Processing Agreements ​

6. Your Rights ​

6.1 Right of Access ​

6.2 Right to Copy ​

6.3 Right to Rectification ​

6.4 Right to Erasure ​

6.5 Right to Withdraw Consent ​

6.6 Right to Account Deregistration ​

6.7 Right to Data Portability ​

6.8 Right to Complain ​

6.9 Methods of Exercising Rights and Response Time Limits ​

7. Protection of Minors ​

8. Updates to This Policy ​

9. Contact Us ​