How OpenRouter Manages Data Policies
OpenRouter works with providers to understand each of their data policies and structures the policy data in a way that gives you control over which providers you want to route to. Note that a provider’s general policy may differ from the specific policy for a given endpoint. OpenRouter keeps track of the specific policy for each endpoint, works with providers to keep these policies up to date, and in some cases creates special agreements with providers to ensure data retention or training policies that are more privacy-focused than their default policies.If OpenRouter is not able to establish or ascertain a clear policy for a provider or endpoint, we take a conservative stance and assume that the endpoint both retains and trains on data and mark it as such.
Per-Model-Group ZDR Enforcement
Rather than a single global toggle, OpenRouter lets you enforce ZDR independently for different model groups. This is available in both your account-level privacy settings and in guardrails. The four model group scopes are:| Model group | Effect when enabled |
|---|---|
| Anthropic | Removes first-party Anthropic endpoints (Bedrock and Vertex remain available) |
| OpenAI | Removes first-party OpenAI endpoints (Azure remains available) |
| Removes AI Studio endpoints (Vertex remains available) | |
| Non-frontier | Removes all other non-ZDR endpoints |
Account-level settings
In your privacy settings, each model group has its own toggle. Enabling a scope restricts all your requests to ZDR endpoints for that model group.Guardrail-level settings
When creating or editing a guardrail, you can set ZDR independently for each model group. This lets you apply different ZDR policies to different API keys or organization members. In the API, these are represented as separate fields on the guardrail object:| Field | Description |
|---|---|
enforce_zdr_anthropic | Enforce ZDR for Anthropic endpoints |
enforce_zdr_openai | Enforce ZDR for OpenAI endpoints |
enforce_zdr_google | Enforce ZDR for Google endpoints |
enforce_zdr_other | Enforce ZDR for non-frontier endpoints |
The legacy
enforce_zdr field is deprecated. When provided, its value is copied into any per-model-group fields that are not explicitly set on the request. Use the per-model-group fields directly for new integrations.Per-Request ZDR Enforcement
In addition to account-level and guardrail-level settings, you can enforce Zero Data Retention on a per-request basis using thezdr parameter in your API calls.
The request-level zdr parameter operates as an “OR” with your account-wide and guardrail ZDR settings — if any is enabled, ZDR enforcement will be applied. This means the per-request parameter can only be used to ensure ZDR is enabled for a specific request, not to override or disable account-wide or guardrail enforcement.
This is useful for customers who don’t want to globally enforce ZDR but need to ensure specific requests only route to ZDR endpoints.
Usage
Include thezdr parameter in your provider preferences:
zdr is set to true, the request will only be routed to endpoints that have a Zero Data Retention policy. When zdr is false or not provided, ZDR enforcement still applies if enabled in your account or guardrail settings.