Data Privacy & Compliance
Eloquent is designed with data isolation, automatic retention policies, and clear data lifecycle management. This guide covers how long data is kept, how it's protected, and how to manage it.
Data Retention
| Data Type | Default Retention | Auto-Purge |
|---|---|---|
| Chat messages | 10 days | Yes — automatically deleted after expiry |
| Agent context | 30 days | Yes — automatically deleted after expiry |
| Audit trail | 30 days | Yes |
| Job execution history | 7 days | Yes |
| User profiles | Permanent | No — manual deletion via Admin App |
| Entity records | Permanent | No — soft delete supported |
| Uploaded documents | Permanent | No — manual deletion |
| Knowledge graph data | Permanent | No — deleted with organization |
| Analytics | 30+ days | Configurable |
Chat messages and agent context are the primary ephemeral data types. They are automatically purged after their TTL expires with no manual intervention required.
For organizations that require longer chat retention, the platform can archive conversations before expiry.
Data Isolation
Every organization's data is fully isolated. A request from Organization A can never read, write, or even discover data belonging to Organization B.
Isolation is enforced at every layer:
- API Gateway — JWT claims bind every request to a specific organization
- Databases — dedicated schemas and databases per organization
- File storage — separate containers per organization
- Cache — isolated key space per organization
User-Uploaded Files & Document Libraries
File Uploads
Users can upload files (PDF, Word, images, etc.) through chat conversations and agent interactions. Uploaded files are:
- Stored in cloud object storage (Azure Blob or S3-compatible), isolated per organization
- Processed automatically for text extraction and AI analysis
- Indexed into the organization's knowledge graph for semantic search
- Retained permanently until manually deleted by an administrator or user
Document Libraries
Organizations can create curated document libraries — collections of policies, procedures, compliance documents, and reference material. These libraries:
- Are scoped to the organization and only accessible by its members
- Power agent knowledge — agents reference library documents when answering questions
- Support versioning — updated documents replace previous versions in the knowledge graph
- Can be managed by organization admins through the platform UI
Data Flow for Documents
- Upload — file stored in isolated cloud storage
- Processing — text extraction, chunking, and embedding generation
- Indexing — content indexed into the organization's knowledge graph
- Search & retrieval — agents and users can query documents via semantic search
Deletion
- Deleting a file removes it from cloud storage and the knowledge graph
- Deleting an organization removes all associated files and indexed content
- File deletion is permanent and cannot be undone
Encryption
In Transit
- All client-to-gateway traffic uses HTTPS/TLS
- Database connections use TLS
- Internal service-to-service traffic runs within the Kubernetes network
At Rest
- All persistent data is encrypted using cloud-provider disk encryption (e.g., Azure Disk Encryption, GCP CMEK, AWS EBS Encryption)
- Cloud storage (Azure Blob, S3) uses server-side encryption
Encryption at rest relies on your cloud provider's storage encryption. Ensure encryption is enabled on the persistent volumes and storage accounts used by the platform.
Data Deletion
Organization Deletion
Deleting an organization permanently removes all associated data — database schemas, analytics data, cached data, and all related entries across the platform.
Cloud storage objects for that organization should be manually cleaned up.
This is irreversible. Back up data before deletion if retention is required.
User Deletion
Two options are available:
| Action | Scope | Effect |
|---|---|---|
| Remove from organization | Single org | User loses access to this org but retains their account and access to other orgs |
| Delete completely | All orgs | User account is permanently deleted from all organizations |
Complete deletion removes the user from all organization memberships and deletes their profile data.
Right to Erasure
To fulfill a data erasure request:
- User profile — delete the user completely from the Admin App
- Chat history — auto-purged after 10-day TTL; contact the Eloquent team for immediate removal
- Agent context — auto-purged after 30-day TTL
- Uploaded documents — delete from cloud storage and remove knowledge graph entries
- Entity records — delete any entity records associated with the user
PII Handling
| Data Type | Retention | Notes |
|---|---|---|
| User profile (name, email) | Until user deletion | Core account data |
| Chat messages | 10-day TTL | May contain user-entered PII |
| Agent context | 30-day TTL | May contain conversation PII |
| Uploaded documents | Permanent | May contain document PII |
| Analytics | 30+ days | Aggregated metrics, minimal PII |
Chat content is the primary area where user-entered PII may appear. The 10-day TTL ensures this data is automatically purged. Organizations requiring immediate chat deletion should contact the Eloquent support team.