Privacy Policy

Last updated: March 21, 2026

Overview

Manifest ("we", "us", "our") is an open source LLM routing platform. We are committed to protecting your privacy. This policy explains what data we collect, why we collect it, and how we handle it.

Our architecture

Manifest is designed with privacy as a core principle. The routing engine analyzes query complexity entirely on your machine. It never sends the content of your prompts or responses to our servers.

  • Local version: All routing and telemetry stays on your machine. No data is sent to Manifest.
  • Cloud version: Uses a blind proxy that forwards requests to LLM providers without reading their content. We collect only metadata (token counts, model used, cost, timestamps).

Data we collect

Account data

When you create a Manifest account, we collect your email address and display name to provide and manage your account.

Usage telemetry (cloud version only)

When using the cloud version, we collect metadata about your LLM requests using the OpenTelemetry standard:

  • Token counts (input and output)
  • Model and provider used
  • Request cost
  • Timestamps and latency
  • Routing decisions (which tier was selected)

We do not collect the content of your prompts, responses, or any data processed by the LLM.

Website analytics

We use Vercel Analytics to collect anonymous, aggregated website usage data (page views, referrers). No personal identifiers are tracked.

How we use your data

  • To provide and maintain the Manifest service
  • To display your cost and usage dashboards
  • To improve routing accuracy and performance
  • To communicate service updates (if you opt in)

Data sharing

We do not sell your data. We do not share your data with third parties except:

  • LLM providers (Anthropic, OpenAI, etc.) receive only the requests you explicitly route through them
  • Infrastructure providers (hosting, databases) process data on our behalf under strict confidentiality agreements

Data retention

Telemetry data is retained for 90 days by default. Account data is retained until you delete your account. You can request data deletion at any time.

Security

All data in transit is encrypted via TLS. Account credentials are hashed. The blind proxy architecture means we cannot access your prompt content even if our systems were compromised.

Your rights

You have the right to:

  • Access the data we hold about you
  • Request correction or deletion of your data
  • Export your telemetry data
  • Use the fully local version with zero data sent to Manifest

Open source

Manifest is open source. You can inspect exactly how data is handled in our GitHub repository.

Contact

For privacy questions or data requests, reach out on our Discord or open an issue on GitHub.

Changes to this policy

We may update this policy from time to time. Changes will be posted on this page with an updated revision date.