coulomb/the-custodian
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
65152e25ea9ef4e6ed026db4e7ff7dcc8601b7fd
the-custodian/canon/tpsc/openrouter-api.yaml
tegwick c7a893f068 feat(tpsc): Third-Party Services Catalog (CUST-WP-0023) 
Introduces TPSC for tracking external service dependencies with GDPR
compliance maturity (CNIL/IAPP CMMI scale), pricing model, ToS, and
data retention information across all repos.

Primary data:
- canon/tpsc/{openai,anthropic,gemini,openrouter}-api.yaml — service definitions
- tpsc.yaml in each repo (llm-connect seeded with 4 services)

State-hub additions:
- Migration j7e8f9a0b1c2: tpsc_catalog + tpsc_snapshots + tpsc_entries
- api/models/tpsc.py, api/schemas/tpsc.py, api/routers/tpsc.py
- /tpsc/catalog/, /tpsc/ingest/, /tpsc/snapshots/, /tpsc/report/gdpr endpoints
- 4 MCP tools: register_service, list_services, ingest_tpsc_tool, get_gdpr_report
- scripts/ingest_tpsc.py + make ingest-tpsc[/-all] targets
- Dashboard: tpsc.md page + docs/tpsc.md

GDPR maturity scale: unknown | non_compliant | initial | developing | defined | managed | certified
Warnings triggered at: unknown, non_compliant, initial

Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
2026-03-20 00:15:26 +01:00

28 lines
1.2 KiB
YAML
Raw Blame History

slug: openrouter-api
name: OpenRouter API
provider: OpenRouter, Inc.
category: llm_routing
website_url: https://openrouter.ai
pricing_model: usage_based
gdpr_maturity: initial
gdpr_notes: >
OpenRouter is a US-based routing proxy for multiple LLM providers.
Privacy policy exists but as of early 2026 no formal DPA or SCCs are
publicly available. Requests are forwarded to underlying providers
(OpenAI, Anthropic, Google, Mistral, etc.) each with their own data
handling. GDPR compliance is therefore dependent on both OpenRouter
and the selected downstream model provider. Not recommended for
processing personal data in corporate/regulated environments without
a signed DPA. Suitable for development, prototyping, model comparison.
Reference: https://openrouter.ai/privacy
dpa_available: false
tos_url: https://openrouter.ai/terms
privacy_policy_url: https://openrouter.ai/privacy
data_processing_regions:
- us
data_retention_notes: >
Requests forwarded to upstream providers. OpenRouter may log requests
for billing and abuse prevention. Retention policy not formally published.
Downstream provider retention policies apply per selected model.
status: active
Reference in New Issue View Git Blame Copy Permalink