A vendor commitment not to retain customer prompts, outputs, or associated data beyond the duration necessary to process the request and return a response. ZDR is often offered as an API option or enterprise tier feature to address confidentiality, privacy, and "no training on our data" concerns. However, ZDR policies vary significantly in scope: clarify whether ZDR covers abuse monitoring logs, trust and safety reviews, debugging data, error logs, metadata, and cached embeddings. Some vendors retain data briefly (e.g., 30 days) for abuse detection even under "zero retention" labels; others exclude certain content flagged for safety review. ZDR does not address what happened to data before the policy was enabled, nor does it prevent data exposure during transmission or processing.
See: Confidential information; Data retention; Logging; No training on our data; Service improvement; Usage data / telemetry