For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
AcademyContact SalesHelp CenterDashboard
DocumentationAPI ReferenceIntegrationsAdministrationChangelog
DocumentationAPI ReferenceIntegrationsAdministrationChangelog
  • Get Started
    • Introduction
    • Aurora
  • Build
    • Create an Agent
    • The Agent Editor
    • Single-Prompt Agents
      • General Configuration
      • Greeting Message
      • Voice Configuration
      • Languages
      • Call Configuration
      • End-Call Reasons
      • Security & Compliance
      • Additional Settings
    • Memory
    • Knowledge Base
    • Variables
    • Version Control
  • Evaluate
    • Manual Testing
    • Custom Evaluations
    • Simulations
  • Launch
    • Deployment Options
    • WhatsApp
    • Website and Apps
    • Launching a Chat Agent
    • Workflows
  • Learn
    • Analytics Dashboard
    • Logs
    • Export Call Data
  • Legal
    • Subscriber Terms
    • GTC - Direct Use (DACH)
    • GTC - Direct Use (US)
    • GTC - Distribution (DACH)
    • GTC - Distribution (US)
    • Business Associate Agreement
    • Privacy Policy
    • Imprint
    • AI Transparency Statement
    • Trust Vault
LogoLogo
AcademyContact SalesHelp CenterDashboard
On this page
  • Save Recordings
  • Save Transcripts
  • Limit Data Retention to 30 days
  • Personal Info Redaction (PII)
  • Redacted data types
  • Limitations
BuildConfiguration

Security & Compliance

Configure agent-level security and compliance settings.

||View as Markdown|
Was this page helpful?
Previous

Additional Settings

Fine-tune transcription, latency, interruption handling, and vocabulary

Next
Built with

Security & Compliance settings

The Security & Compliance section of the agent editor gives you agent-level controls for data retention and data protection. These toggles let you decide what gets stored, for how long, and whether sensitive information is redacted from records.

Save Recordings

When enabled, Synthflow retains the audio recording of every call the agent handles. Disable this toggle if your compliance requirements prohibit storing call audio, or if you simply don’t need recordings and want to minimize stored data.

Save Transcripts

When enabled, Synthflow retains the text transcript of every call. Transcripts are used throughout the platform — in logs, analytics, and post-call webhooks — so disabling this toggle also removes transcript data from those surfaces.

Limit Data Retention to 30 days

Enabling this toggle automatically deletes all transcripts, recordings, and caller IDs after 30 days. This is useful for meeting data-minimization requirements under regulations like GDPR, where you need to avoid indefinite storage of personal data.

Personal Info Redaction (PII)

When enabled, PII redaction automatically strips sensitive data from transcripts displayed in the platform, post-call webhook payloads sent to your systems, and internal logs stored by Synthflow. This helps you comply with data protection regulations and reduces the risk of exposing sensitive customer information.

You can also enable PII redaction via the API when creating or updating an agent:

1{
2  "agent": {
3    "redact_pii": true
4  }
5}

Redacted data types

The following PII types are automatically detected and redacted:

  • Credit card numbers, expiration dates, and CVVs
  • Social security numbers
  • Names
  • Email addresses
  • Phone numbers
  • Physical addresses

Limitations

  • Real-time audio is not affected — redaction applies to text transcripts and logs, not the live audio stream.
  • Redaction is one-way — original data cannot be recovered from Synthflow’s systems.
  • Due to the unstructured nature of voice data, PII redaction may not always achieve 100% accuracy. It should be part of a broader data protection strategy — ensure your own systems and integrations also handle sensitive data appropriately.
  • PII redaction applies to new calls only. Existing transcripts and logs are not retroactively redacted.
  • Information extractors cannot extract redacted PII — if you have extractors configured to capture data such as names, they will not be able to extract it because the data has already been redacted earlier in the processing pipeline.