AI data handling
How Seldon handles API data
A plain-language current-state explanation for prompts, outputs, traces, provider routing, response caching, and audit retention.
Last updated: July 9, 2026
We retain API data
We retain customer API data for audit, billing, reliability, security, debugging, and product operation.
We do not resell it
We do not resell customer prompts, outputs, traces, cached responses, or API traffic.
We do not train generalized models
We do not use customer prompts, outputs, traces, or cached responses to train generalized AI models.
BYOK keys are transient
BYOK provider keys are used for the request and are not stored by Seldon.
What Seldon Stores
Seldon may store request metadata, response metadata, token counts, costs, latency, status, selected provider and model, workspace and API key identifiers, trace records, redacted request and response trace payloads, and exact response-cache entries.
Provider Routing
Seldon routes requests to configured model providers. Providers receive the prompt, messages, tools, attachments, options, and other request fields needed to perform the model call. Provider data-retention and training policies are controlled by those providers and may vary by account, deployment, model, region, and request option.
Trace Payloads
Trace payload capture redacts sensitive headers and secret-like values before storage. Current default trace payload retention is 90 days. Dashboard trace detail is available for 30 days, and payload references are shown only to workspace admin or owner roles when payloads have not expired.
Response Cache
The response cache is currently enabled by default at the exact-match tier. That means Seldon may store exact response-cache entries for reuse unless a request or workspace configuration disables cache storage for that request path.
Privacy-Forward Controls
Request controls such as provider.zdr, provider.data_collection = "deny", and cache.no_store can be used for stricter routing or storage preferences. When provider policy metadata is unknown or unverified, policy-compliant routing can fail with no_policy_compliant_provider rather than silently routing to an unknown provider.
Provider Policy Metadata
Seldon provider catalog data defaults provider data-policy metadata to unknown or unverified unless the current app data explicitly contains verified values. Public disclosures and model-provider tables should treat unknown metadata as unknown.