Zero Data Retention

What works today

ZDR is determined by your upstream provider contract. If you have a ZDR agreement with OpenAI, Anthropic, or another vendor, register that endpoint as a model mapping (or attach your provider key via BYOK) — Meridian Blue forwards prompts to that endpoint and the provider's ZDR posture applies.

To make ZDR enforceable in your chain, list only ZDR-eligible providers in models. The router never substitutes a provider not in the list.

Meridian Blue side

Meridian Blue stores the full prompt and completion in the Conversation log by default — that's how the dashboard shows you your past requests. To opt out of full retention on the gateway side, set the tenant's policy.log_level to "metadata" (the default for non-regulated industry templates). Metadata-only mode keeps token counts, latency, and cost but discards the prompt/completion bytes.

Regulated-industry policy templates (eu_bank, healthcare) set log_level: "full" by default — encrypted full retention with per-tenant AES-256-GCM keys.

Roadmap

• A request-level zdr_required: true flag that filters routing to ZDR-eligible mappings only — currently you build that filter into your models chain manually.
• A registry of upstream providers with their ZDR posture published as part of the model catalogue.
• An automated audit confirming each registered provider's contract terms still hold.