Name: Moji Router
Availability: PreOrder
Author: Frequency AI Ltd

Who We Are

Moji Router is operated by Frequency AI Ltd ("we", "us", "our"), a company registered in England and Wales (Company number 16990328), with its registered office at 71-75 Shelton Street, Covent Garden, London WC2H 9JQ, United Kingdom.

For your account and contact data, we are the data controller. For the inference traffic we route on your behalf, you are the controller and we act as your processor under a data processing agreement. This policy explains what we collect, why, how we use it, and your rights under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Our Approach to Privacy

Moji Router sits between your application and the AI providers you already use, and routes each request to where it runs for less. We collect only what is necessary to route your traffic, prove the saving, and bill for it. We do not train on your content, and we do not sell it.

What We Collect

Account and Contact Data

When you set up an account, we collect your work email, name, and organisation, and the configuration you provide so we can route your traffic. We use this to operate your account, support you, and contact you about the service.

Routed Traffic

To route a request, we receive it in transit and forward it to the provider you have configured, then return the response to you. The content of these requests and responses is processed on your behalf as your processor:

Request content is held only for as long as needed to route it and return the response
We hold session state for the length of a conversation so we can route it well, and use that state only for routing
Content is encrypted in transit
We do not use your content to train models, and we do not sell or share it for any purpose beyond delivering the routing you have asked for
Any retention beyond live routing (for example, a short error log) is minimised and configurable in your agreement

Routing and Billing Metadata

To route well and to measure the saving and bill for the service, we record metadata about each request: token counts, which model and provider handled it, cache hit and miss rates, timing, and cost. This metadata describes how a request was handled, not what it contained.

Calibration and Traffic Samples

Before you commit, we model the saving on a calibration sample of your traffic, with your permission and under agreement. The sample is used to tune the router to your workflow and to produce the measured estimate, handled under the same processor terms, and deleted once the measurement is complete unless you ask us to keep it.

Waitlist Data

If you ask us to estimate your saving or join our list through the website, we store your email for the sole purpose of getting back to you. This data is retained for a maximum of 24 months and is not shared with third parties.

What We Do Not Do

We do not train models on your content
We do not sell, rent, or trade your personal data or your content
We do not use third-party advertising networks, tracking pixels, or advertising cookies
We do not read your content for any purpose other than routing the request you sent

Lawful Bases for Processing

We process personal data under the following lawful bases:

Contract: processing your account data and routing your traffic is necessary to provide the service you have signed up for
Legitimate interest: processing routing and billing metadata to operate, secure, and improve the service, with safeguards to minimise impact on your rights
Consent: storing your email on our list and sampling your traffic for a measurement, each of which you can withdraw at any time

Controller and Processor Roles

Where your routed traffic contains personal data, you are the controller and we are your processor. We process that data only on your documented instructions, as set out in our data processing agreement. You remain responsible for the lawful basis on which you collected it and for the notices you give to the people it concerns.

Data Sharing

We forward your requests to the AI providers you configure, so that those providers can serve the response. We also work with a small number of infrastructure providers who help us run the service, under strict data processing agreements. We may disclose data when required by law, regulation, or valid legal process.

International Data Transfers

Your data may be processed in jurisdictions outside the United Kingdom, including the United States, depending on the providers and infrastructure involved. Where such transfers occur, they are protected by appropriate safeguards including Standard Contractual Clauses (SCCs) or equivalent mechanisms recognised under UK GDPR.

Data Retention

Account and contact data: retained for the lifetime of your account
Routed content: held only for the duration of routing each request; not retained as a record of your content
Routing and billing metadata: retained as needed to bill, support, and secure the service
Traffic samples: deleted once the measurement is complete, unless you ask us to keep them
Waitlist entries: retained for a maximum of 24 months
Account deletion: all personal data we control is permanently removed within 30 days

Your Rights

Under UK GDPR, you have the right to:

Access your personal data and receive a copy
Rectify inaccurate or incomplete personal data
Erase your personal data ("right to be forgotten")
Restrict processing of your personal data
Data portability: receive your data in a structured, machine-readable format
Object to processing based on legitimate interest
Withdraw consent at any time where processing is based on consent

For account and contact data we control, contact us at [email protected] and we will respond within one month as required by UK GDPR. Where a request concerns personal data inside the traffic we route for a customer, that customer is the controller, and we will support their handling of your request.

If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

Cookies

Our website uses only the essential cookies and local storage it needs to function. We do not use advertising cookies, tracking cookies, or any third-party cookies.

Children

Moji Router is a service for businesses and is not directed at children under 16 years of age. We do not knowingly collect personal data from children under 16. If you believe a child under 16 has provided us with personal data, please contact us and we will delete it promptly.

Changes to This Policy

We may update this privacy policy from time to time. Material changes will be communicated via email or a notice on the service at least 14 days before they take effect. Continued use of Moji Router after changes constitutes acceptance of the updated policy.

Contact

For privacy-related enquiries:
[email protected]

Frequency AI Ltd
71-75 Shelton Street, Covent Garden
London WC2H 9JQ, United Kingdom