4.1.3 Integrations — Data Retention & Deletion — Platform Compliance

Data Retention & Deletion defines how integration-related data is stored, retained, and removed over time. The objective is to balance operational continuity with regulatory compliance and external platform obligations while ensuring transparency and predictability for tenants.

Data Categories

Integration data is classified to apply appropriate retention rules.

Primary categories:

Authentication and authorization metadata

Retrieved content references

Engagement and analytics data

Message and conversation metadata

Raw payloads are retained only where required for audit or retry purposes.

Retention Policies

Retention periods are defined per data category and may be influenced by platform terms or tenant configuration.

Policy characteristics:

Deterministic expiration

Category-specific durations

Tenant-level overrides where permitted

Example policy definition:

RetentionPolicy::define('integration.metrics', days: 365);

Deletion Triggers

Data deletion may be triggered by any of several events.

Common triggers:

User-initiated disconnection

OAuth token revocation

Platform compliance request

Retention period expiration

Deletion processes are explicit and logged.

Deletion Execution

Deletion removes data from active storage and search indexes. Backups follow their own retention lifecycle and are not modified retroactively.

Example deletion job:

IntegrationDataPurger::run($channel->id);

Platform Compliance Requirements

External platforms may impose additional deletion or minimization requirements. These requirements are enforced automatically where applicable.

Compliance guarantees:

Timely deletion on request

Scope-limited removal

No silent data persistence

Audit and Verification

All retention and deletion actions are logged with timestamps and scope identifiers. Logs support regulatory audits and internal verification without exposing content.

Security and Isolation

Retention and deletion processes are tenant-scoped. Data is never removed across tenant boundaries. Access to deletion operations is restricted to authorized roles only.
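
The sketch below is an added example, not the platform's own `RetentionPolicy` or `IntegrationDataPurger` code. It ties together the retention policy characteristics, the tenant scoping and the content-free audit entry described above. All function names, durations other than the 365-day metrics value, and the rule that an override may only shorten retention are assumptions, and an in-memory array stands in for active storage.

```php
<?php
declare(strict_types=1);

// Hypothetical per-category defaults (days) and which categories tenants may override.
const DEFAULT_DAYS = ['integration.metrics' => 365, 'integration.messages' => 90];
const OVERRIDABLE  = ['integration.metrics' => true, 'integration.messages' => false];

/** Deterministic cutoff: the category default, or a tenant override where permitted. */
function retentionCutoff(string $category, array $overrides, DateTimeImmutable $now): DateTimeImmutable
{
    $days = DEFAULT_DAYS[$category] ?? throw new InvalidArgumentException("unknown category: $category");
    if ((OVERRIDABLE[$category] ?? false) && isset($overrides[$category])) {
        // Assumption: an override may shorten retention but never extend it.
        $days = max(1, min($days, (int) $overrides[$category]));
    }
    return $now->sub(new DateInterval("P{$days}D"));
}

/** Purges expired rows for one tenant and returns a content-free audit entry. */
function purgeExpired(array &$rows, string $tenantId, string $category, array $overrides, DateTimeImmutable $now): array
{
    $cutoff = retentionCutoff($category, $overrides, $now);
    $deleted = 0;
    foreach ($rows as $i => $row) {
        // Tenant id is part of the delete predicate, so a job cannot cross tenant boundaries.
        if ($row['tenant_id'] === $tenantId && $row['category'] === $category
            && new DateTimeImmutable($row['created_at']) < $cutoff) {
            unset($rows[$i]);
            $deleted++;
        }
    }
    // Scope identifiers, counts and timestamps only; no payload fields reach the log.
    return ['action' => 'retention.purge', 'trigger' => 'retention_expired',
            'tenant_id' => $tenantId, 'category' => $category, 'deleted' => $deleted,
            'cutoff' => $cutoff->format(DATE_ATOM), 'logged_at' => $now->format(DATE_ATOM)];
}

// Constructed sample rows standing in for active storage.
$rows = [
    ['tenant_id' => 't1', 'category' => 'integration.metrics', 'created_at' => '2023-01-01T00:00:00+00:00', 'payload' => 'a'],
    ['tenant_id' => 't2', 'category' => 'integration.metrics', 'created_at' => '2023-01-01T00:00:00+00:00', 'payload' => 'b'],
    ['tenant_id' => 't1', 'category' => 'integration.messages', 'created_at' => '2024-11-01T00:00:00+00:00', 'payload' => 'c'],
];
$now = new DateTimeImmutable('2025-01-01T00:00:00+00:00');
// Permitted override (metrics) is honoured; the messages override is ignored, so the 90-day default applies.
$overrides = ['integration.metrics' => 30, 'integration.messages' => 7];
echo json_encode(purgeExpired($rows, 't1', 'integration.metrics', $overrides, $now)), PHP_EOL;
echo json_encode(purgeExpired($rows, 't1', 'integration.messages', $overrides, $now)), PHP_EOL;
echo json_encode(array_column($rows, 'tenant_id')), PHP_EOL; // tenants whose rows remain
```

The audit entry records a purge even when zero rows were deleted, so a reviewer can tell an expired-nothing run apart from a job that never executed.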