What we keep, and for how long
| Data type | Default retention | Notes |
|---|---|---|
| Conversation messages | Indefinite while account active | Cleared on account deletion |
| Memories (vector + structured) | Indefinite while account active | You can delete individually |
| Records | Indefinite while account active | Or until you archive/delete |
| Attachments (images, PDFs) | Indefinite while account active | Cleared on account deletion |
| OAuth tokens | Until you revoke | Encrypted at rest |
| BYOK keys | Until you revoke | Encrypted at rest |
| Audit logs | 13 months | Required for security/compliance |
| Usage logs (credits) | 25 months | Required for billing reconciliation |
| Backups | 7 days rolling | Supabase standard |
What's never kept
- LLM provider doesn't see your data beyond inference (per their contract terms).
- We don't train models on conversation data.
- Browser session cookies (cleared every session unless you explicitly saved login).
- Voice raw audio (kept only briefly for transcription; transcript persists).
Account deletion
Settings › Account › Delete Account. Within 30 days:
- Conversations, memories, records, attachments — purged.
- OAuth tokens — revoked at the provider and overwritten locally.
- BYOK keys — overwritten with zeroes.
- User row in DB — removed.
- Backups containing your data — naturally roll off within 7 days.
Audit logs are retained for security/compliance purposes per the table above; they don't contain conversation content, only metadata (action, time, target).
Right-to-be-forgotten requests
Email privacy@niyra.ai. We confirm within 48 hours and complete within 30 days. GDPR and India DPDP-aligned process.