Why Zero Data Retention Should Be Non-Negotiable When Your Team Uses LLMs

Zero data retention (ZDR) policies for LLMs in AppSec are not the default, but here's why they belong at the top of your AI procurement checklist.
Hector Leano
May 11, 2026

What "Zero Data Retention" Actually Means

When you interact with an LLM API without a ZDR agreement, the provider's default behavior often includes logging your inputs and outputs, sometimes for days, sometimes indefinitely. That data may be used for model training, kept for abuse monitoring, or simply sit in intermediate storage that outlasts the session.

Under a ZDR policy, the provider contractually commits that your prompts and completions will not be stored, logged, or used beyond serving the immediate request. The exchange happens, the response returns, and no persistent copy is retained on the provider's infrastructure.

At Xint, we store your source code only while analyses are being run, with a fail-safe deletion mechanism after 2 days of storage, and we have Zero Data Retention agreements in place with our model API providers to keep our clients’ data safe.
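The "store only while the analysis runs, with a fail-safe deletion after 2 days" pattern is worth seeing concretely, because the fail-safe only does its job if it fires independently of the pipeline. The following is an added illustration, not Xint's implementation; the 2-day ceiling comes from the post, and the store layout, the names and the timestamps in the demo are all assumptions. The key property is in `sweep()`: it purges anything at or past the hard TTL even when the owning analysis never reported completion, which is exactly the case (a hung or crashed job) where a "delete on finish" hook alone would leave source code behind.

```python
"""Retention store with delete-on-finish plus an independent hard-TTL sweeper.
Added example (hypothetical code, not Xint's); only the 2-day ceiling is from the post."""
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone

# Fail-safe ceiling: no artifact survives past this, whatever the job state says.
HARD_TTL = timedelta(days=2)


@dataclass
class Artifact:
    key: str
    stored_at: datetime


@dataclass
class RetentionStore:
    artifacts: dict = field(default_factory=dict)
    audit_log: list = field(default_factory=list)  # (key, when, reason) for audit rights

    def put(self, key: str, now: datetime) -> None:
        # Naive timestamps would make TTL arithmetic ambiguous across servers; refuse them.
        if now.tzinfo is None:
            raise ValueError("timestamps must be timezone-aware")
        self.artifacts[key] = Artifact(key, now)

    def finish(self, key: str, now: datetime) -> bool:
        """Called by the pipeline when an analysis completes or fails: delete immediately."""
        if key not in self.artifacts:
            return False
        self._delete(key, now, "analysis finished")
        return True

    def sweep(self, now: datetime) -> list:
        """Fail-safe path, run on a schedule that does not depend on the pipeline.
        Deletes every artifact at or past HARD_TTL, including ones whose job never
        called finish() because it hung or crashed."""
        expired = [k for k, a in self.artifacts.items() if now - a.stored_at >= HARD_TTL]
        for key in expired:
            self._delete(key, now, "hard TTL exceeded")
        return expired

    def has(self, key: str) -> bool:
        return key in self.artifacts

    def _delete(self, key: str, now: datetime, reason: str) -> None:
        del self.artifacts[key]
        self.audit_log.append((key, now.isoformat(), reason))


def demo() -> dict:
    """Constructed scenario: one analysis finishes normally, one hangs forever."""
    t0 = datetime(2026, 5, 11, 9, 0, tzinfo=timezone.utc)  # assumed start time
    store = RetentionStore()
    store.put("repo-a", t0)
    store.put("repo-b", t0)  # this job will never report completion
    finished = store.finish("repo-a", t0 + timedelta(hours=1))
    early = store.sweep(t0 + timedelta(hours=47))  # under the ceiling: nothing purged
    late = store.sweep(t0 + timedelta(hours=49))   # over the ceiling: repo-b purged anyway
    missing = store.finish("repo-a", t0 + timedelta(hours=50))  # already gone
    return {
        "finished": finished,
        "early": early,
        "late": late,
        "missing": missing,
        "remaining": sorted(store.artifacts),
        "reasons": [entry[2] for entry in store.audit_log],
    }


if __name__ == "__main__":
    print(demo())
```

The audit log is deliberately part of the store: a retention promise you cannot evidence is hard to defend during an audit, and the same log is what you would ask a provider to expose under the audit rights discussed later in this post.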

The Threat Surface You're Opening Without It

Many providers' default consumer and API tiers retain prompts, context, and outputs for around 30 days, typically citing abuse monitoring. That is a 30-day window in which anyone who reaches those logs, through a breach of the provider's storage or any other path, can read everything you sent. Under ZDR that stored copy never exists, so an attacker would have to intercept requests in transit or compromise the serving path while the request is live, which is considerably harder and leaves far less to find.

Even enterprise accounts often require an explicit opt-in, a separate agreement, or specific API configuration before ZDR applies. Verify which of these is in effect for your account rather than assuming the tier implies it.

Consider what flows through a typical AI-assisted pentest: source code, vulnerabilities and their exact locations, proof-of-concept exploits, and internal triage metadata.

Without ZDR, each of these becomes a data point that persists beyond your control. Your exposure isn't just the provider itself: it is every subprocessor the provider contracts with, every breach its infrastructure could suffer, and every regulatory jurisdiction its data centers operate in.

If your product handles health data, financial records, or any data regulated under GDPR, HIPAA, or PCI-DSS, or if your environment is in scope for a SOC 2 attestation, the absence of ZDR may not just be a security gap. It may be a compliance finding waiting to surface during your next audit.

Why Standard Terms Aren't Enough

Many organizations assume that a provider's privacy policy or standard enterprise agreement provides adequate protection. It usually does not. General privacy policies govern how a provider handles data in aggregate, not how your organization's specific inputs are treated in real time. Enterprise agreements may limit data use for model training but still permit operational logging and retention for abuse detection.

A genuine ZDR commitment requires explicit contractual language. Look for: 

  • Specific retention windows (ideally zero days)

  • Clear definitions of what constitutes "retention", including caches, transit buffers, and backups

  • Enumerated exceptions, each with its own retention window and the legal or operational reason behind it

  • Audit rights that let you verify compliance

If a vendor can't produce this language, treat the absence as a red flag. 

The Posture Shift

AI lets defenders analyze their code and applications at a scale and speed no human pentester could match. But AI in AppSec can open a vulnerability as large as the ones it finds unless the proper governance is in place. ZDR is one of the clearest, most enforceable controls available to you. Require it, verify it, and build your AI stack around it.

As model providers update their terms and infrastructure, the guarantees you negotiated last year may have drifted. Treat this like any other third-party risk control — periodic review, not a one-time checkbox.
