Data Retention Policy for AIBI-Studio

Last Updated: December 30, 2025

Effective Date: January 1, 2026

This Data Retention Policy (“Policy”) outlines the principles and procedures for managing data within AIBI-Studio, a unit of Smart24x7 Response Services Pvt. Ltd.. As a central pillar of the Smart Group Incubations (SGI) ecosystem, AIBI-Studio balances the need for data-driven “Agentic AI” with strict security and legal mandates.

1. Introduction and Purpose

The core mission of AIBI-Studio is to “Turn Your Business Intelligent”. To achieve this, our “Deep Tech Framework” processes information through “The Brain” and our “Automation Engine”. This Policy ensures:

  • Data is retained only as long as necessary to provide Level 3 Agentic AI services.

  • Storage complies with high-tier security standards, including ISO 27001 and PCI DSS.

  • Business owners maintain “Full control of your data” with the ability to “Opt-in or Opt-out at any time”.

2. Scope of Data Management

This Policy applies to all data handled within the AIBI-Studio intelligence ecosystem, including:

  • Tenant Data: Business-specific information such as Excel sheets, Tally records, and WhatsApp communication.

  • AI/ML Metadata: Vectors, embeddings, and prompt chains used by our “LLM Adaptor”.

  • Operational Logs: Audit trails, sentinel monitoring logs, and system telemetry.

  • IoT Streams: Real-time data from “IOT Hubs” and remote infrastructure.

3. Data Categorization and Retention Periods

AIBI-Studio applies specific retention schedules based on the type of intelligence being generated.

3.1 Business Transaction Data (Tenant Data)

  • Description: Invoices, orders, and delivery schedules managed by our automation agents.

  • Retention Period: 7 years from the date of the transaction.

  • Purpose: To support “Advance BI” reporting and long-term historical analysis.

  • Storage: Held in “Sharded Data Sources” with row-level security by tenant ID.

3.2 Agentic AI Memory and Conversational Logs

  • Description: Multi-channel transcripts from WhatsApp, voice, and web-based customer agents.

  • Retention Period: 2 years of active memory; archived for “Historical Learning” thereafter.

  • Purpose: To enable the AI to “Think + Acts + Learns + Escalates” autonomously.

  • Privacy: Subject to automated “PI Redaction” to remove sensitive identifiers.

3.3 IoT and Sensor Telemetry

  • Description: Real-time processing data from “IOT Adaptors” and remote sensors.

  • Retention Period: 1 year for high-resolution data; 5 years for aggregated telemetry.

  • Purpose: Powering “Predictive Maintenance” and “Anomaly Detection in flows”.

3.4 System Audit and Compliance Logs

  • Description: Access logs from our “API Gateway,” “Auth: SSO/SAML,” and “RBAC: Roles”.

  • Retention Period: 10 years.

  • Purpose: Maintaining an “Audit Trail for Compliance” required by enterprise partners.

4. AI Model and Vector Retention

AIBI-Studio utilizes specialized “Vector/Embedding DBs” to support RAG and Agentic workflows.

  • Embeddings: Vectorized representations of your data are retained for the duration of the active subscription.

  • Model Tuning: Data utilized for “Shared/Tuned Models” is held for 18 months or until a new model version is validated.

  • Prompt History: “Prompt Chaining” sequences are kept for 6 months to optimize system “Guardrails”.

5. Data Deletion and Disposal

When data reaches the end of its retention lifecycle, AIBI-Studio follows a secure disposal protocol.

  • Automated Purging: Our “Orchestrator” triggers deletion based on the “Tenant Catalog” configurations.

  • Founder Requests: Upon a request to “Opt-out,” non-regulatory data is purged within 30 days.

  • Encryption Key Destruction: Deletion involves destroying the specific AES 256 keys for the targeted data shard, ensuring it is unrecoverable.

6. Security and Compliance Overlay

Retention practices are governed by a multi-layered security stack.

  • Zero Trust: We utilize a “Zero Trust” architecture to ensure data is only accessible to authorized agents.

  • Encryption: Data remains encrypted via AES 256 and TLS 1.3 throughout its entire lifecycle.

  • Data Isolation: Our framework guarantees “No data Crossover” between different business owners.

7. Limitations and Exceptions

Retention may be extended in specific cases:

  • Legal Holds: Deletion is suspended if an “Audit Trail” is required for legal or regulatory reasons.

  • Security Incidents: Data involved in “Anomaly Detection” or breach investigations is retained until the matter is resolved.

8. Founder Rights

AIBI-Studio ensures “Your Data Your control”.

  • Transparency: Founders can view sharded data status through their “Mobile Dashboard”.

  • Control: Users may “Opt-in or Opt-out at any time” regarding their data being used for model training.