Data Retention & Deletion
Last updated: 2026-07-10
Privatedec is designed with data minimization in mind. Retention defaults can be adjusted by the deployment owner.
At a glance
Short defaults
Retention is designed to minimize long-term storage of sensitive data.
User deletion
Users can delete sessions and associated stored objects from the app.
Metadata retention
Limited session metadata may remain longer for audit and reporting.
Default Retention
- Original uploads: 7 days (typical default for sensitive healthcare workflows).
- Anonymized results: 30 days.
- Session metadata: up to 365 days.
User-Controlled Deletion
- You can delete a session at any time from the session or results pages.
- Deletion attempts to remove stored objects (original and result) and then remove the database record.
What Happens When Data Expires
- Original files may be removed after the original retention window ends.
- Anonymized result files may be removed after the result retention window ends.
- When files expire, the application may continue to retain limited session metadata for audit and reporting purposes.