How your data flows through BrainstormRouter
BrainstormRouter is a BYOK AI gateway. Understanding what happens to your data at each stage is important.
Request lifecycle
Ingress. Your request arrives over HTTPS (TLS 1.2+). The gateway authenticates your br_live_ key, checks rate limits and budget constraints, and determines the routing strategy.
Routing. The router selects the optimal provider and model based on Thompson sampling scores, complexity assessment, cost/quality frontiers, and your configuration. Content is read to assess complexity but is not stored at this stage.
Provider call. The request is forwarded to your chosen AI provider using your own API key (stored encrypted in the Virtual Key Vault). BrainstormRouter acts as a transparent proxy — the provider sees your key and bills you directly.
Response. The response is streamed back to you. Metadata (model, tokens, latency, estimated cost, validity score) is recorded for your usage dashboard.
Caching (optional). If semantic caching is enabled, a hash of the request is stored in Redis with the response. Subsequent similar requests may be served from cache. Cache entries expire automatically.
Data categories & retention
| Category | Encryption | Retention |
|---|---|---|
| Account (name, email) | at rest | until deletion |
| Provider API keys | app-level + at rest | until you delete |
| Gateway API keys | hashed only, at rest | until revoked |
| Request content | cache only, at rest | cache TTL |
| Usage metadata | at rest | 90 days |
| Memory (if enabled) | at rest | until you clear |
What we never do
- Train models on your data.
- Sell or share your data with third parties.
- Access your provider accounts beyond routing requests.
- Store provider API keys in plaintext after initial encryption.
- Log request/response content to persistent storage (except cache).
Tenant isolation
All data is scoped to your tenant. Row-level security (RLS) in PostgreSQL ensures that one tenant cannot access another's data. Provider keys, usage records, memory, and configuration are fully isolated.
Semantic cache
When enabled, the semantic cache uses pgvector embeddings (OpenAI text-embedding-3-small) to detect similar requests. The cosine similarity threshold is 0.9, so only near-identical requests hit. Storage is PostgreSQL (pgvector) plus an in-memory LRU. The TTL is configurable per tenant, with LRU eviction. The cache is model-agnostic: an auto request can serve a cached gpt-4o response if semantically identical.
Memory retention
The Relational Memory Manager stores memories in 4 blocks: Human (user preferences, corrections), System (config, constraints, rules), Project (goals, decisions, context), and General (shared knowledge, facts). Memories are session-isolated by default. Nightly synthesis compacts memories into durable knowledge (configurable). All memory operations are logged to the audit trail. You can view, search, and delete memories via the dashboard or MCP tools.
PII scanning
The streaming firewall scans request content for PII before forwarding to providers. Detection includes email addresses, phone numbers, credit card numbers, SSNs, and other patterns. When PII is detected, the request is blocked or redacted based on your tenant configuration.
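A minimal sketch of the block-or-redact decision described above, as an added example rather than BrainstormRouter's own code. The regexes, the Luhn filter for card numbers, the `mode` values and the sample text are all assumptions made for illustration.

```python
import re

# Assumed detection rules, for illustration only; the gateway's real patterns
# are not published on this page. Earlier entries win when matches overlap.
PATTERNS = [
    ("EMAIL", re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")),
    ("SSN", re.compile(r"\b\d{3}-\d{2}-\d{4}\b")),
    ("CARD", re.compile(r"\b\d(?:[ -]?\d){12,18}\b")),
    ("PHONE", re.compile(r"(?<!\d)(?:\+?1[ .-]?)?\(?\d{3}\)?[ .-]?\d{3}[ .-]?\d{4}(?!\d)")),
]

# Constructed sample request text; every value in it is made up.
SAMPLE = ("Mail alice@example.com or call +1 415-555-0100; SSN 123-45-6789, "
          "card 4111 1111 1111 1111, order 1234567890123456.")

def luhn_ok(candidate):
    """Luhn checksum: filters out most digit runs that are not card numbers."""
    digits = [int(c) for c in candidate if c.isdigit()][::-1]
    total = sum(d if i % 2 == 0 else (d * 2 - 9 if d > 4 else d * 2)
                for i, d in enumerate(digits))
    return total % 10 == 0

def find_pii(text):
    """Return non-overlapping (start, end, label) findings, left to right."""
    findings = []
    for label, pattern in PATTERNS:
        for m in pattern.finditer(text):
            if label == "CARD" and not luhn_ok(m.group()):
                continue  # 13-19 digits but bad checksum: e.g. an order id
            if all(m.end() <= s or m.start() >= e for s, e, _ in findings):
                findings.append((m.start(), m.end(), label))
    return sorted(findings)

def apply_policy(text, mode):
    """mode is the hypothetical per-tenant setting: 'block' or 'redact'.
    Returns (allowed, text_to_forward, labels_found)."""
    findings = find_pii(text)
    labels = [label for _, _, label in findings]
    if not findings:
        return True, text, labels
    if mode != "redact":  # 'block' and any unknown value fail closed
        return False, None, labels
    out, pos = [], 0
    for start, end, label in findings:
        out += [text[pos:start], f"[{label}]"]
        pos = end
    out.append(text[pos:])
    return True, "".join(out), labels
```

In redact mode the 16-digit order number passes through unchanged because it fails the Luhn check, which shows the trade-off between false positives and missed detections that any pattern-based scanner has to tune.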
Data deletion
Delete individual provider keys and API keys through the dashboard at any time. For full account deletion, contact hello@brainstormrouter.com. All associated data will be permanently removed within 30 days.