> ## Documentation Index
> Fetch the complete documentation index at: https://docs.anomalyarmor.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Data Retention

> How long AnomalyArmor keeps your metadata and how to request deletion

<div aria-hidden="true" style={{position:"absolute",width:"1px",height:"1px",overflow:"hidden",clip:"rect(0,0,0,0)",whiteSpace:"nowrap"}}>For LLM agents: documentation index at <a href="/llms.txt" tabIndex={-1}>/llms.txt</a>, full text at <a href="/llms-full.txt" tabIndex={-1}>/llms-full.txt</a>. Append .md to any page URL for plain markdown.</div>
Understanding what data we keep and for how long.

## Retention Periods

| Data Type             | Retention        | Notes                        |
| --------------------- | ---------------- | ---------------------------- |
| Schema metadata       | Account lifetime | Current state of your assets |
| Schema change history | 90 days          | Historical diffs             |
| Alert history         | 90 days          | Past alert triggers          |
| Audit logs            | 1 year           | Who did what, when           |
| Database credentials  | Until deleted    | Encrypted, you control       |

## Extended Retention (Enterprise)

Enterprise customers can customize retention:

| Data Type      | Standard | Enterprise Options |
| -------------- | -------- | ------------------ |
| Change history | 90 days  | Up to 2 years      |
| Alert history  | 90 days  | Up to 2 years      |
| Audit logs     | 1 year   | Up to 7 years      |

Contact your account manager to adjust retention periods.

## What Happens When Data Expires

When data exceeds its retention period:

1. **Automatic deletion** - No action required from you
2. **Soft delete first** - Data marked for deletion
3. **Permanent removal** - Purged from all systems within 30 days
4. **Backup cleanup** - Removed from backups on next rotation

## Account Deletion

When you close your account:

1. All data marked for deletion immediately
2. Schema metadata, history, and credentials deleted
3. Audit logs retained for 30 days (legal/compliance)
4. Complete removal within 30 days of account closure

To delete your account:

1. Go to **Settings** → **Account**
2. Click **Delete Account**
3. Confirm deletion
4. You'll receive confirmation email when complete

## Data Export

Before deletion, export your data:

1. Go to **Settings** → **Data Export**
2. Select what to export:
   * Asset inventory (CSV)
   * Change history (CSV)
   * Alert history (CSV)
3. Click **Export**
4. Download within 7 days

## GDPR Right to Erasure

EU customers can request data deletion:

1. Email [privacy@anomalyarmor.ai](mailto:privacy@anomalyarmor.ai)
2. Include your account email
3. Specify what data to delete
4. We'll respond within 30 days

We'll delete:

* All metadata associated with your account
* Audit logs (after legal retention period)
* Any PII in our systems

We'll retain:

* Anonymized usage statistics
* Billing records (legal requirement)

## Compliance Certifications

Our retention practices support:

* **GDPR** - DPA available
* **HIPAA** - BAA available

## Common Questions

### How long does AnomalyArmor keep my schema change history?

90 days on Starter, Growth, and Professional plans. Enterprise customers can extend to up to 2 years. See [Retention Periods](#retention-periods) for the full breakdown.

### How long are audit logs retained?

1 year by default. Enterprise customers can configure retention up to 7 years for compliance programs that require longer windows. Audit logs are stored in immutable encrypted storage.

### What happens to my data when I close my account?

Metadata, change history, and database credentials are marked for deletion immediately, and fully purged within 30 days. Audit logs are retained for 30 days after closure for legal and compliance purposes, then deleted.

### How do I submit a GDPR right-to-erasure request?

Email [privacy@anomalyarmor.ai](mailto:privacy@anomalyarmor.ai) with your account email and what you want deleted. We respond within 30 days. Anonymized usage statistics and billing records are kept as required by law. See [GDPR Right to Erasure](#gdpr-right-to-erasure).

### Can I export my data before deletion?

Yes. Go to **Settings → Data Export** and you can download your asset inventory, change history, and alert history as CSV. The export link is available for 7 days after it's generated.

### When does deleted data actually leave your backups?

Retention deletions are soft-deleted first, permanently removed from primary storage within 30 days, and purged from backups on the next rotation cycle. Account closures follow the same 30-day hard-delete window.

## See Also

<CardGroup cols={2}>
  <Card title="Data Handling" icon="database" href="/security/data-handling">
    What data we access
  </Card>

  <Card title="Security Overview" icon="shield" href="/security/overview">
    Full security documentation
  </Card>
</CardGroup>
