Glossary

What is zero retention?

Zero retention is a guarantee that raw prompts and responses are never persisted — only structural counters are kept.

Definition

Zero retention is a guarantee that raw prompts and responses are never persisted — only structural counters are kept.

Definition

Zero retention — short definition

Why it matters

Why this matters

Most data-exposure incidents around LLMs are storage incidents — logs, traces or backups containing prompt bodies. Zero retention eliminates that class of risk by design.

Most data-exposure incidents around LLMs are storage incidents — logs, traces or backups containing prompt bodies. Zero retention eliminates that class of risk by design.

How it works

How it works

The application sends a raw prompt to the gateway. The gateway replaces sensitive values with placeholders and forwards the masked prompt to the LLM provider. The provider returns a response with placeholders. The gateway rehydrates placeholders to the original values before returning the response to the application. The provider never sees original values.ApplicationRaw promptPrivian gatewayMask · Route · RehydrateLLM providerSees masked prompt onlypromptmasked promptresponse w/ placeholdersrehydratedBYOK trust boundary
Prompt path through a privacy-first gatewayOriginal values never cross the BYOK boundary.

Framework

Zero retention process

  1. 01

    In-memory only

    Prompts and responses live in the request lifecycle, not in durable storage.

  2. 02

    Structural metrics

    Token counts, latencies and masked entity types are captured instead of bodies.

  3. 03

    Auditable pipeline

    The observability sink rejects any payload that includes raw bodies.

Implementation

Learn how this works in Privian

From definition to implementation, docs and architecture — the same idea at different layers.

FAQ

Frequently asked questions

What is actually stored?
Structural data only: token counts, latency, model identifiers, masked entity types. No prompt or response bodies.
Does zero retention apply to the provider too?
It applies to Privian. Whether the provider retains data depends on their terms and your account configuration with them.
How is zero retention verified?
By auditing the storage layer and the observability pipeline. The gateway has no code path that writes prompt or response bodies to durable storage.

Where to go next

From definition to implementation

This entry is part of the Privian content library. If you are evaluating how this concept is implemented in practice, the links below are the most direct paths.

Related product

Privian LLM Gateway

A privacy-first gateway that keeps no raw prompts or responses — structural counters only.

Open product page →