The Data settings page gives workspace admins control over how long Causeloop keeps different categories of data, privacy options, and tools to export or permanently erase workspace data.
Open it from the sidebar: Settings → Data. You need the workspace.compliance:read scope to view this page and workspace.compliance:write or workspace:admin to make changes.
Actions in the Danger zone section (export, purge, and workspace deletion) are irreversible. They require you to type the workspace slug as confirmation.
Retention policies
Causeloop applies retention policies per data category. When a record’s age exceeds the configured limit, it is soft-deleted and then permanently purged after a configurable grace period.
Built-in retention categories
| Field | What it covers | Minimum | Default |
|---|
| Issues retention (days) | Issues and their linked events | 1 day | 365 days |
| Activity retention (days) | Member activity and engagement logs | 1 day | 365 days |
| Audit log retention (days) | Immutable audit trail entries | 365 days (floor, cannot be lowered) | 365 days |
| Prompt log retention (days) | AI prompt inputs and outputs | 1 day | 90 days |
The audit log floor of 365 days is enforced by the backend. Attempting to set audit_days below 365 returns 422 retention_below_minimum. This floor supports SOC 2 and GDPR Article 5 storage-limitation controls.
Editing retention periods
Adjust the number of days for each category and click Save retention policy. The UI sends PATCH /v1/settings/data-retention with the updated values.
curl -X PATCH "https://api.causeloop.ai/v1/settings/data-retention" \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-d '{
"issues_days": 180,
"activity_days": 90,
"audit_days": 365,
"prompt_logs_days": 30
}'
| UI field | Engine rule |
|---|
issues_days | entity=issue, action=purge |
activity_days | entity=activity, action=purge |
audit_days | entity=audit, action=purge |
prompt_logs_days | entity=prompt_log, action=purge |
Privacy controls
The Privacy section contains toggles that control how Causeloop handles personally identifiable information.
| Toggle | Description |
|---|
| Anonymize PII in AI prompts | Strip PII from issue text and activity descriptions before sending them to AI models |
| PII redaction | Redact detected PII fields in stored records |
| Pseudonymization | Replace identifiable values with pseudonymous tokens in analytical outputs |
workspace.compliance:write-gated fields. Changes take effect for new data ingested after saving; they do not retroactively reprocess existing records.
Scheduled export
Enable the Scheduled export toggle to have Causeloop automatically generate a full workspace data export on a recurring cadence. The export is delivered to the configured destination (contact support to configure S3 or GCS delivery).
Danger zone
All actions in this section are permanent and cannot be undone. Each requires you to type your workspace slug in the confirmation dialog.
Export workspace data (GDPR Article 15)
Generates a full data export of all workspace content in JSON format. This supports the GDPR right of access.
- Quota: one export per day. Exceeding the limit returns
429 export_quota_exceeded.
- The export is prepared asynchronously. You will receive an email when the download link is ready.
- Requires
workspace:admin.
Click Export workspace data
The confirmation dialog opens.
Type your workspace slug
Enter the exact slug shown in the dialog (e.g. acme-engineering).
Confirm
The export job is queued. You will receive an email with a download link when it is ready.
Purge data
Permanently deletes data that has passed its retention period without waiting for the scheduled purge run. Requires workspace:admin.
- Audit log records younger than 365 days cannot be purged (
422 audit_not_purgeable).
- Purge is scoped to the workspace; it does not affect other workspaces in the organization.
Right to erasure (GDPR Article 17)
Submit a right-to-erasure (RTBF) request for a specific user. This anonymises or deletes all records associated with that user within the workspace. Requires workspace:admin.
Delete workspace
Permanently deletes the workspace and all its data. This action cannot be reversed and removes access for all members immediately. Only a Tenant Admin can perform this action.
For the compliance and legal details behind these controls — including GDPR Article mapping, HIPAA applicability, and SOC 2 controls — see GDPR & Governance. 
