Security & Data

Privacy, Security, and Data Controls

Retention controls, zero-retention mode, training opt-in, data purge, and enterprise-safe defaults.

10 minUpdated 2026-02-15
Summary

Retention controls, zero-retention mode, training opt-in, data purge, and enterprise-safe defaults.

5 deep-dive sections1 code samples
Quick Start
  1. Pick default retention and privacy mode.
  2. Set webhook secrets and verify signatures.
  3. Limit key scope and rotate periodically.
  4. Run access and data-deletion checks quarterly.

Control matrix

ControlDefaultEffect
Training opt-inOffNo training on prompts/responses unless explicit opt-in
Zero-retention modeOffRetention paths disabled or purged when enabled
Semantic memoryFeature onCross-session recall when retention policy allows
BYOKOptionalProvider-billed traffic when key is active

Retention impact

Standard mode vs zero-retention
Standard
  • Usage logs retained
  • Optional semantic memory
  • No training unless opt-in
Zero-retention
  • Prompt/response text redacted
  • Memory entries unavailable
  • Training opt-in forced off

Managing privacy settings

Toggle controls via PUT /api/v1/settings/privacy:

{
  "zero_retention_mode": true,
  "data_training_opt_in": false,
  "purge_existing_data": true
}
  • zero_retention_mode — when enabled, all new requests skip prompt/response storage and semantic memory
  • data_training_opt_in — explicit consent for training data collection (auto-disabled when zero-retention is on)
  • purge_existing_data — when enabling zero-retention, purge previously stored data

Check current settings with GET /api/v1/settings/privacy.

Data purge

When you enable zero-retention mode with purge_existing_data: true, the following data is permanently removed:

  • Semantic memories — all vector embeddings deleted
  • Training samples — all opted-in training data deleted
  • Request logs — prompt and response text redacted (metadata preserved for billing)
  • Conversations — titles scrubbed

The API returns a count of affected records so you can verify the purge was complete.

Enterprise baseline checklist

  1. Enable zero-retention for regulated workloads.
  2. Keep training opt-in disabled by default.
  3. Rotate API and webhook secrets on a schedule.
  4. Use BYOK when customer contract requires provider-direct billing.
  5. Verify purge counts after enabling zero-retention.
Practical policy

LLMWise does not train on user prompts/responses by default. If teams enable opt-in, scope and consent should be explicit and auditable.

Semantic memory APIAuthentication and keysWebhooks and sync
Docs Assistant

ChatKit-style guided help

Product-scoped assistant for LLMWise docs and API usage. It does not answer unrelated topics.

Sign in to ask implementation questions and get runnable snippets.

Sign in to use assistant
Previous
Rate Limits and Reliability
Next
Semantic Memory API Reference