Data Retention
How PacSpace handles your data — what persists permanently, what is retained temporarily, and how you control retention windows.
PacSpace operates as a neutral verification layer. Only cryptographic fingerprints are written to the permanent record. Your business data is retained privately on PacSpace infrastructure according to your retention settings.
What Persists Permanently
The following data is stored indefinitely and is never affected by retention settings. This is the minimum information PacSpace needs to power balance derivation, comparison, checkpointing, and receipt generation.
| Data | Purpose |
|---|---|
| Record IDs (anchor IDs) | Identify each delta record |
| Receipt IDs (proof roots) | Enable proof generation and verification |
| Item hashes (content fingerprints) | Individual delta content verification |
| Delta amounts and customer IDs | Balance computation |
| Timestamps (submission and verification) | Ordering and audit trail |
| Verification status | Track whether each delta is verified |
| Operation type | Classify delta operations |
| Checkpoint proofs | Period-end audit snapshots |
This permanent data powers all four core API endpoints — emit, derive, compare, and checkpoint — regardless of your retention settings.
What Is Retained Temporarily
The following data is retained according to your configured retention window. Once the window expires, this data is removed from PacSpace infrastructure.
| Data | Purpose |
|---|---|
| Raw event payloads (reasons, reference IDs, custom metadata) | Enrich webhook deliveries and API responses |
| Webhook delivery payloads | Enable replay and debugging |
| Optional fact metadata | Support fact-based workflows |
After removal, API responses will continue to work — they will include all permanent verification data (hashes, amounts, timestamps, proofs) but will not include the raw business context (reasons, metadata, reference IDs). The dataPurged flag in delta responses indicates when raw data has been removed.
Retention Windows
You control how long PacSpace retains raw business data. Choose from:
| Setting | Retention Period |
|---|---|
| Forever (default) | Raw data is never removed |
| 90 days | Removed after 90 days |
| 30 days | Removed after 30 days |
| 7 days | Removed after 7 days |
The retention window applies to all raw business data for your account. Permanent verification data (hashes, amounts, proofs) is never affected.
Configuring Retention
Via the Dashboard
Navigate to Settings in the PacSpace dashboard. The Data Retention section lets you select your preferred retention window.
Via the API
Update your retention settings programmatically:
curl -X PATCH https://balance-api.pacspace.io/dashboard/tenant/retention \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"dataRetentionDays": 30
}'
Accepted values for dataRetentionDays: null (forever), 7, 30, or 90.
How It Works
Once per day, PacSpace checks for raw business data that has exceeded your retention window. Data older than the configured period is removed in batches. The process:
- Identifies records where the verification timestamp exceeds your retention window
- Removes raw event payloads (reasons, reference IDs, metadata) from delta records
- Removes webhook delivery payloads and URLs from completed deliveries
- Removes optional metadata from fact records
- Marks affected records with a
purgedAttimestamp
Permanent verification data — hashes, amounts, timestamps, proofs, and verification status — is never modified or removed.
What This Means for Your Integration
- All API endpoints continue to work after removal. Balance derivation, comparison, checkpointing, and receipt generation all use permanent data that is never removed.
- Store webhook payloads in your own systems upon delivery. Once your retention window passes, PacSpace no longer holds the raw business context. Your webhook handler is the best place to capture and store this data for your own records.
- The
dataPurgedflag tells you when raw data has been removed. Delta objects in API responses include adataPurgedboolean so your application can handle this gracefully. - Verification proofs are always available. Proof roots, item hashes, and checkpoint proofs persist permanently. You can always verify the integrity of your records regardless of retention settings.
Retention Is Available on All Plans
Data retention settings are available to all PacSpace plans. The default setting is forever — no data is removed unless you explicitly configure a shorter window.