ParrotRouter LogoParrotRouter
Feature

Privacy and Logging

Enterprise-grade privacy controls and comprehensive logging for compliance

Privacy First Architecture

ParrotRouter is designed with privacy at its core. We never store or train on your data, and provide granular controls for enterprise compliance requirements.

Zero Data Retention

Your prompts and completions are never stored by default

End-to-End Encryption

All data in transit encrypted with TLS 1.3

No Training on Your Data

Your data is never used to train AI models

Logging Options

Control exactly what gets logged for debugging, compliance, and analytics:

Configure Loggingpython
from openai import OpenAI

client = OpenAI(
    base_url="https://api.parrotrouter.com/v1",
    api_key="your-api-key"
)

# Minimal logging - only errors
response = client.chat.completions.create(
    model="gpt-4-turbo-preview",
    messages=[{"role": "user", "content": "Hello"}],
    extra_headers={
        "X-Logging-Level": "error",
        "X-Log-Request": "false",
        "X-Log-Response": "false"
    }
)

# Full logging for debugging
response = client.chat.completions.create(
    model="gpt-4-turbo-preview",
    messages=[{"role": "user", "content": "Debug this"}],
    extra_headers={
        "X-Logging-Level": "debug",
        "X-Log-Request": "true",
        "X-Log-Response": "true",
        "X-Log-Metadata": "true"
    }
)

# Compliance logging - metadata only
response = client.chat.completions.create(
    model="gpt-4-turbo-preview",
    messages=[{"role": "user", "content": "Process payment"}],
    extra_headers={
        "X-Logging-Level": "info",
        "X-Log-Request": "false",
        "X-Log-Response": "false",
        "X-Log-Metadata": "true",
        "X-Log-User-ID": "user-123",
        "X-Log-Session-ID": "session-456"
    }
)

Logging Levels

Error
Default level

Only logs errors and failures. No request/response content is stored.

{
  "timestamp": "2024-01-15T10:30:00Z",
  "level": "error",
  "request_id": "req_abc123",
  "error": "Model timeout",
  "status_code": 504,
  "model": "gpt-4-turbo-preview"
}
Info
Metadata logging

Logs request metadata without content. Useful for analytics and billing.

{
  "timestamp": "2024-01-15T10:30:00Z",
  "level": "info",
  "request_id": "req_abc123",
  "model": "gpt-4-turbo-preview",
  "tokens": {
    "prompt": 150,
    "completion": 200,
    "total": 350
  },
  "latency_ms": 1234,
  "user_id": "user-123",
  "status_code": 200
}
Debug
Full logging

Complete logging including request/response content. Use only for debugging.

{
  "timestamp": "2024-01-15T10:30:00Z",
  "level": "debug",
  "request_id": "req_abc123",
  "request": {
    "model": "gpt-4-turbo-preview",
    "messages": [
      {"role": "user", "content": "Hello"}
    ],
    "temperature": 0.7
  },
  "response": {
    "choices": [{
      "message": {
        "role": "assistant",
        "content": "Hello! How can I help you today?"
      }
    }]
  },
  "metadata": {
    "tokens": {"prompt": 10, "completion": 15},
    "latency_ms": 456
  }
}

Data Retention Policies

Standard Tier

  • Error logs: 30 days retention
  • Metadata logs: 90 days retention
  • No content logging by default
  • Automatic deletion after retention period

Enterprise Tier

  • Customizable retention periods
  • Bring your own storage (S3, GCS)
  • Custom encryption keys
  • Audit logs with immutability

Compliance Features

GDPR Compliance

Full support for GDPR requirements including data portability and right to deletion.

# Request data deletion
import requests

response = requests.post(
    "https://api.parrotrouter.com/v1/privacy/delete",
    headers={
        "Authorization": "Bearer your-api-key",
        "Content-Type": "application/json"
    },
    json={
        "user_id": "user-123",
        "delete_type": "all",  # or "logs_only"
        "reason": "user_requested"
    }
)

# Export user data
response = requests.post(
    "https://api.parrotrouter.com/v1/privacy/export",
    headers={
        "Authorization": "Bearer your-api-key",
        "Content-Type": "application/json"
    },
    json={
        "user_id": "user-123",
        "format": "json",  # or "csv"
        "include_logs": True
    }
)

PCI DSS Support

Automatic PII detection and masking for payment card data.

# Enable PII masking
response = client.chat.completions.create(
    model="gpt-4-turbo-preview",
    messages=[{
        "role": "user", 
        "content": "Process payment for card 4111-1111-1111-1111"
    }],
    extra_headers={
        "X-PII-Detection": "true",
        "X-PII-Masking": "true",
        "X-PII-Types": "credit_card,ssn,email"
    }
)

# Logged as: "Process payment for card ****-****-****-1111"

HIPAA Compliance

Healthcare data protection with audit trails and encryption.

# HIPAA-compliant request
response = client.chat.completions.create(
    model="gpt-4-turbo-preview",
    messages=[{
        "role": "user", 
        "content": "Summarize patient symptoms"
    }],
    extra_headers={
        "X-Compliance-Mode": "HIPAA",
        "X-Audit-User": "dr-smith-123",
        "X-Audit-Reason": "patient-consultation",
        "X-Encryption": "AES-256-GCM"
    }
)

Best Practices

  • 1.
    Minimize Logging

    Only log what's necessary for your use case

  • 2.
    Use Metadata Instead of Content

    Track requests with IDs and metadata rather than full content

  • 3.
    Implement Client-Side Encryption

    Encrypt sensitive data before sending to any API

  • 4.
    Regular Audit Reviews

    Periodically review logs and access patterns

Related Features

API Key Management

Secure key provisioning and rotation

Enterprise Security

Advanced security features

Authentication

Secure API authentication