> ## Documentation Index
> Fetch the complete documentation index at: https://docs.velatir.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Data Privacy

> How Velatir protects your data by default, with scrubbing, audit logs, and access controls.

## Privacy by Default

Velatir is built so that privacy is the starting point, not an afterthought. Session content is scrubbed unless you choose to keep it, every action is recorded in an audit trail, and you control who can access your account, including Velatir's own team.

## Session Content

By default, Velatir does not store the content of prompts and responses. It keeps the context it needs to monitor and report, such as which service was used and what an agent decided, without retaining the raw content people typed.

<AccordionGroup>
  <Accordion title="Scrubbed by default" icon="eraser">
    Out of the box, session content is removed before it is stored. You get full governance and compliance without holding raw user data.
  </Accordion>

  <Accordion title="Opt in to keep it" icon="archive">
    If your compliance needs call for access to session content, you can turn on **Save session data** at the organisation level and set a **retention period** after which it is deleted automatically.
  </Accordion>
</AccordionGroup>

See [Data storage & encryption](/security/data-storage-and-encryption) for what is stored and how it is protected when you keep it.

## Configure It

<Steps>
  <Step title="Open organisation settings" icon="settings">
    Go to **Settings → General** and find the data privacy section.
  </Step>

  <Step title="Choose your default" icon="eye">
    Keep content scrubbed, the recommended default, or turn on Save session data if you need it.
  </Step>

  <Step title="Set a retention period" icon="calendar">
    If you keep session content, choose how long to retain it before it is deleted automatically.
  </Step>
</Steps>

## Audit Logs

Velatir keeps a complete record of what happens in your account. Every change, who made it, and when, is captured.

| Event                    | What is captured                                      |
| ------------------------ | ----------------------------------------------------- |
| **Member actions**       | Invitations, role changes, removals                   |
| **Settings changes**     | Organisation and workspace configuration updates      |
| **Escalation decisions** | Who responded to an escalation, and what they decided |
| **Agent changes**        | Updates to agent configuration and instructions       |
| **Access events**        | Sign-in activity and permission changes               |

Audit logs are immutable. They cannot be edited or deleted, which keeps the record trustworthy for reviews and audits.

## Support Access

Velatir's team has no access to your account by default. No one at Velatir can view your data, traces, or settings unless you grant access, and revoking it takes effect immediately.

## EU-Based Infrastructure

Velatir runs entirely on EU-based infrastructure. Your data stays within the European Union, which supports data residency and sovereignty requirements and aligns with GDPR. There are no data transfers to non-EU jurisdictions.

***

<CardGroup cols={2}>
  <Card title="Data storage & encryption" icon="lock" href="/security/data-storage-and-encryption">
    What is stored, and how it is protected.
  </Card>

  <Card title="Roles & permissions" icon="shield" href="/platform/roles-and-permissions">
    Control who can see and change what.
  </Card>
</CardGroup>