Skip to main content
Enigm is designed around data minimization and purpose-limited retention. The platform should collect and retain only the information required to operate platform services, maintain security functions, support compliance obligations, and protect users. This document is intended for enterprise customers, security auditors, privacy reviewers, and technical partners.

Overview

The Enigm data retention model is aligned with the Enigm Privacy Model. Retention decisions are guided by:
  • Data minimization.
  • Purpose limitation.
  • Security requirements.
  • Operational requirements.
  • Legal or contractual obligations.
  • Risk reduction.
Legal inquiries related to retention may be directed to legal@enigm.io.

Data Minimization

Enigm is designed around collecting and retaining only the information required to operate platform services and security functions. Data minimization means:
  • Avoid collecting unnecessary data.
  • Retain data only for defined purposes.
  • Limit access to authorized workflows.
  • Reduce unnecessary identity metadata where possible.
  • Separate security visibility from message confidentiality.

Account Data

Account data may include information required to operate account and identity workflows. Conceptual examples include:
  • Account state.
  • Device associations.
  • Security state.
  • Administrative metadata.
Account data supports identity lifecycle, device association, access control, account recovery boundaries, and security review.

Security Data

Security monitoring may require limited retention of security-relevant events. Security data may support:
  • Threat detection.
  • Risk assessment.
  • Security investigation.
  • Incident response.
  • Defensive response.
  • Auditability of security-relevant decisions.
Retention should be proportional to operational and security requirements. Security data should not be used as a substitute for message content access.

Device Data

Device management and trust systems may require device-related state information. Device data may include:
  • Device association state.
  • Trust state.
  • Security posture.
  • Managed device state where enabled.
  • Device lifecycle status.
Device data supports trusted device workflows, Trust Security Center visibility, managed device operations where enabled, and security review.

Operational Data

Operational services may require limited retention for reliability, abuse prevention, fraud prevention, and security. Operational data may support:
  • Service reliability.
  • Abuse prevention.
  • Fraud prevention.
  • Security monitoring.
  • Incident response.
  • Compliance obligations.
Operational data should be scoped to defined service and security purposes.

Retention Principles

Retention is guided by:
  • Least retention.
  • Purpose limitation.
  • Risk reduction.
  • Security requirements.
  • Operational necessity.
  • Legal and contractual requirements.
Retention periods should be defined according to the purpose of the data, the risk profile, and applicable obligations.

Deletion Principles

Data should be deleted when no longer required for operational, security, or legal purposes. Deletion principles include:
  • Remove data after its defined purpose expires.
  • Preserve only what is required for security, compliance, or legal obligations.
  • Avoid retaining unnecessary identity or device metadata.
  • Apply deletion workflows consistently where supported.
Deletion may be constrained by security investigations, legal obligations, abuse prevention, or required operational records.

Security Limitations

Retention reduction improves privacy but does not eliminate all operational data requirements. Limitations include:
  • Some account state is required to operate the platform.
  • Security monitoring may require limited event retention.
  • Device trust workflows may require device-related state.
  • Legal or contractual obligations may require defined retention.
  • Deletion may not affect information already disclosed by authorized users or captured outside Enigm controls.
  • Retention minimization does not replace encryption, device trust, access control, or user security awareness.