How Long Your AI Keeps Your Data
The delete button on a cloud AI tool is a request, not a command. What actually happens next is decided by the vendor's retention policy, and the policy bends to whoever can compel the vendor.
If your business carries retention obligations of its own, that difference is not a technicality. It decides whose schedule your client data actually lives on.
Deletion Is a Policy
When you delete a conversation, it leaves your screen immediately and the vendor's systems on a schedule. OpenAI's standard practice, typical for the industry, removes deleted chats and API data within 30 days.1
For those 30 days the data exists, readable, on infrastructure you do not control. And "within 30 days" holds only as long as nothing overrides it.
What Vendors Keep by Default
Prompts and outputs are logged even on paid API tiers, and consumer tiers may also use conversations for training unless you opt out. Retention windows, log access, and training defaults all differ by product and change by announcement.
Zero-retention arrangements exist, but they are negotiated exceptions for enterprise contracts. The default for everyone else is that the vendor holds a copy for a while, on terms the vendor sets.
When a Court Overrides the Policy
In 2025, a federal court in The New York Times' copyright suit ordered OpenAI to preserve consumer ChatGPT and API output data indefinitely, explicitly including chats users had deleted.1 The 30-day promise was suspended by a judge neither the users nor the vendor chose.
The order stood until September 26, 2025, and user data from April through September 2025 remains stored under legal hold today.1 OpenAI fought the order, and it did not matter: when policy meets legal process, policy loses.
Why Retention Is Your Problem
Your obligations do not transfer just because the data moved. A clinic's minimum-necessary rules, a firm's privilege, and a written retention schedule all assume you can actually destroy data when the schedule says so.
A copy sitting in a vendor's legal hold is a copy your schedule does not govern. It is also a discovery surface in someone else's lawsuit, holding whatever your staff pasted into a chat box.
Retention You Can Enforce
On hardware you own, retention is a setting rather than a promise. Data lives on your disks, inside trust boundaries you drew, and deleted means the disk you control no longer holds it.
Legal process still exists, but it arrives at your door, addressed to you, answered by your counsel. That is how retention worked for your paper files, and FactoryOS is built so it keeps working that way for your AI: the conversations, the audit trail, and the deletions all happen on the box in your office.
Nobody who typed into a chatbot in May 2025 thought they were creating a court-preserved record. Whose retention schedule is your client data on today -- yours, or your vendor's?