> For the complete documentation index, see [llms.txt](https://docs.toucanai.cloud/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.toucanai.cloud/govern/security-model/ai-assistant-data-handling.md). # AI assistant data handling {% hint style="info" %} **Target Audience**: Developers building AI chat or embed experiences with Toucan AI. {% endhint %} ### TL;DR * The AI assistant **processes** your questions, database metadata, and query results to answer and build visualizations. * **Conversation history is stored** on the platform so users can continue a thread. * **Sub-agents** (query building, chart building, exploration) run in isolated steps; only the main assistant thread keeps long-lived history. * **Third-party AI providers** may receive prompts and context when AI features run — see [Third-party subprocessors](/govern/security-model/third-party-subprocessors.md). *** ### When to use this Use this page when assessing privacy impact of AI chat, what may be retained after a session, and what may be sent to external AI services. *** ### What the assistant processes During a conversation, the assistant may use: * **User messages** and assistant replies * **Database metadata** (table and column names, descriptions) to understand your data model * **Query results** from your connected database (for example previews or aggregated answers) * **Optional context** from your embed integration (non-identifying clues you provide) Query results used in AI workflows are fetched **on demand** from your database; they are not bulk-downloaded into a Toucan data store. See [Data storage & retention](/govern/security-model/data-storage-and-retention.md). *** ### What the assistant stores | Item | Stored? | Notes | | --------------------------------------- | ------- | ----------------------------------------------- | | Conversation messages | Yes | Per user/thread; can be cleared in product | | Structured “plans” for complex tasks | Yes | Linked to the conversation thread | | Full copy of your database | No | Queries run against your DB when needed | | Query result rows (platform-wide cache) | No | Results may appear inside a stored conversation | Clearing a conversation removes that thread’s stored assistant history. *** ### Third-party processing Depending on configuration, AI requests may be processed by: * An **LLM provider** (by default Anthropic, or another provider configured for your deployment) * **Analytics or tracing tools** (for example product analytics or execution tracing) *** ### Best practices * Do not include personal data in optional AI context fields. * Use row-level security so the assistant only queries data the end user is allowed to see. * Clear conversation history when your product requires it (for example on logout or account closure workflows you implement). * Review subprocessors if your compliance program requires a register of external processors. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://docs.toucanai.cloud/govern/security-model/ai-assistant-data-handling.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.