Legal

Privacy Policy

Plain-language privacy practices. Last updated May 2026.

Never used to train models
Routed by privacy tier
US & EU region routing
01

Data we collect

Account info (email, name), batch metadata (item counts, timing, status), and billing records. Batch item payloads are processed but never used to train models.

02

How we use it

To route, retry, deliver, and settle batches. To send transactional emails. To operate fraud and abuse controls. Never to train models, never sold.

03

Providers

Customer payloads are forwarded only to providers selected by routing. Provider privacy posture (ZDR, data retention, region) is matched against the batch's privacy tier before dispatch.

04

Retention

Item payloads are deleted 30 days after batch terminal state. Receipts and accounting records are retained for 7 years where required by the Swedish Bookkeeping Act (Bokföringslagen) and tax law — a legal-obligation basis under GDPR Art. 6(1)(c). This statutory retention overrides erasure requests only to the extent legally required; all other personal data is deleted or anonymised on request.

05

Your rights

Export, correction, deletion, and objection requests honored within 30 days under GDPR and CCPA, except where we are legally required to retain certain records (see Retention). Email privacy@batchrouter.com.

06

Subprocessors

Cloudflare (compute, storage), Stripe (payments), Resend (email). See the full sub-processor list on our Legal page.

07

Cookies & tracking

Strictly-necessary cookies keep you signed in and run the product; optional analytics cookies are set only if you choose “Accept all” in the cookie banner. Your consent choice is stored in your browser. We set no advertising or cross-site tracking cookies, and you can change your choice anytime via the banner.

Exercising a data right?

GDPR and CCPA requests are honored within 30 days — email privacy@batchrouter.com.