Retention Periods
| Data Type | Retention | Notes |
|---|---|---|
| Schema metadata | Account lifetime | Current state of your assets |
| Schema change history | 90 days | Historical diffs |
| Alert history | 90 days | Past alert triggers |
| Audit logs | 1 year | Who did what, when |
| Database credentials | Until deleted | Encrypted, you control |
Extended Retention (Enterprise)
Enterprise customers can customize retention:| Data Type | Standard | Enterprise Options |
|---|---|---|
| Change history | 90 days | Up to 2 years |
| Alert history | 90 days | Up to 2 years |
| Audit logs | 1 year | Up to 7 years |
What Happens When Data Expires
When data exceeds its retention period:- Automatic deletion - No action required from you
- Soft delete first - Data marked for deletion
- Permanent removal - Purged from all systems within 30 days
- Backup cleanup - Removed from backups on next rotation
Account Deletion
When you close your account:- All data marked for deletion immediately
- Schema metadata, history, and credentials deleted
- Audit logs retained for 30 days (legal/compliance)
- Complete removal within 30 days of account closure
- Go to Settings → Account
- Click Delete Account
- Confirm deletion
- You’ll receive confirmation email when complete
Data Export
Before deletion, export your data:- Go to Settings → Data Export
- Select what to export:
- Asset inventory (CSV)
- Change history (CSV)
- Alert history (CSV)
- Click Export
- Download within 7 days
GDPR Right to Erasure
EU customers can request data deletion:- Email privacy@anomalyarmor.ai
- Include your account email
- Specify what data to delete
- We’ll respond within 30 days
- All metadata associated with your account
- Audit logs (after legal retention period)
- Any PII in our systems
- Anonymized usage statistics
- Billing records (legal requirement)
Compliance Certifications
Our retention practices support:- GDPR - DPA available
- HIPAA - BAA available
See Also
Data Handling
What data we access
Security Overview
Full security documentation