Skip to main content

Data Retention

The RetentionManager enforces configurable retention policies: 
import { RetentionManager } from "@radaros/core";
import { SqliteStorage } from "@radaros/core";

const retention = new RetentionManager(new SqliteStorage("audit.db"), {
  defaultRetentionDays: 365,
  personalDataRetentionDays: 730,
  anonymizeAfterDays: 180,
  tenantOverrides: {
    "tenant-eu": { retentionDays: 90 },
  },
});

// Purge expired entries
const { purgedCount } = await retention.purge();

// Anonymize old entries (strip PII, keep metadata)
const { anonymizedCount } = await retention.anonymize();

// Check compliance status
const status = await retention.getRetentionStatus();
// { totalEntries, oldestEntry, entriesNeedingPurge, compliant }

Right to Erasure (GDPR Article 17)

The ErasureManager purges all user data across all stores: 
import { ErasureManager } from "@radaros/core";

const erasure = new ErasureManager(storage);

const result = await erasure.eraseUser("user-123");
// {
//   userId: "user-123",
//   erasedAt: Date,
//   stores: [
//     { name: "user-facts", itemsErased: 12 },
//     { name: "sessions", itemsErased: 5 },
//   ],
//   auditEntriesAnonymized: 47
// }
The erasure manager:
  1. Deletes user data from all memory stores (facts, profile, entities, sessions, etc.)
  2. Anonymizes audit entries (regulatory requirement — cannot delete audit trail, but strips PII)
  3. Emits compliance.erasure event

Compliance Reports

Generate structured compliance reports: 
import { ComplianceReporter } from "@radaros/core";

const reporter = new ComplianceReporter(auditLogger, retentionManager);

const report = await reporter.generateReport({
  fromDate: new Date("2025-01-01"),
  toDate: new Date("2025-12-31"),
});

// report.totalEntries
// report.entriesByAction  — { "llm.call": 1234, "tool.exec": 567, ... }
// report.entriesByAgent   — { "support-agent": 800, "sales-agent": 400, ... }
// report.retentionStatus  — { compliant: true, entriesNeedingPurge: 0 }
// report.hashChainIntegrity — { verified: true }

Retention Policy

FieldDefaultDescription
defaultRetentionDays365General log retention
personalDataRetentionDays730PII data retention (GDPR)
anonymizeAfterDaysStrip PII after N days
tenantOverridesPer-tenant retention