Data policies

Logging, retention, and boundaries.

When you route requests to third-party model providers, data handling becomes a first-order product and compliance issue. This section describes how lmchat is intended to give you control over what is logged and retained.

What we mean by “data policy”

Definition

A data policy is a set of rules that controls whether prompts/outputs are stored, for how long, and for what purpose (debugging, abuse detection, usage reporting).

Typical policy controls

Prompt/output logging

Whether raw content is stored. Many teams prefer metadata-only logging by default.

Retention window

How long logs are kept before deletion (e.g., 0 days, 7 days, 30 days).

PII minimization

Redaction or hashing of identifiers, and guidance for client-side redaction.

Important reality check

Third-party providers

Even if lmchat logs nothing, upstream providers may have their own logging and retention rules. Your policy must be compatible with both lmchat settings and the provider’s terms.