Ctrlk
For the complete documentation index, see llms.txt. This page is also available as Markdown.

Data storage & retention

Target Audience: Developers, security reviewers, and compliance stakeholders evaluating how Toucan AI handles data.

TL;DR

  • Your business data stays in your databases. Toucan AI does not maintain a separate copy of your warehouse or tables as a downloadable dataset.

  • Query results are fetched on demand for each chart view or AI action, then held only for the duration of that operation (and related UI/AI workflows).

  • Toucan AI stores platform data (accounts, Dashboard JSON configuration file refering the different components WITHOUT the related data, chart JSON Configuration including the query but not the underlying data, AI conversation history) in its PostgreSQL database.

  • Database connection credentials are stored encrypted at rest on the platform.

  • There is no dedicated long-term cache of query result rows on the platform; see Query data flow & caching below.

When to use this

Use this page to understand what Toucan AI persists versus what it processes transiently, and how that relates to retention and deletion.

What Toucan AI stores (platform data)

Category
Examples
Stored by Toucan AI?

Account & organization

Users, memberships, invitations

Yes

Product configuration

Dashboards, charts, themes, variables, access policies

Yes

Chart definitions

Query pipeline, chart type, visualization config

Yes (definition only — not a snapshot of all result rows)

Database credentials

Connection secrets for your connected databases

Yes, encrypted

AI conversation history

Chat messages and related assistant state

Yes

Your table rows / warehouse data

Sales records, HR data, etc.

No — remains in your database

Query data flow & caching

This section answers: Does Toucan download my data? Is there a cache? Is that cache encrypted?

Does Toucan copy or download my database?

No. Toucan AI does not ingest or replicate your connected database into a Toucan-owned data lake.

When a user opens a chart, runs a filter, or asks the AI assistant a data question, Toucan AI:

  1. Builds a query from the chart definition or AI workflow.

  2. Applies your security rules (row-level and column-level policies).

  3. Sends the query to your database through a dedicated query execution service.

  4. Receives the result for that request only.

  5. Uses the result to render the visualization or answer the question.

Your data remains the system of record in your database.

Is there a query result cache?

There is no separate, platform-wide cache of query result datasets (for example, no shared Redis or disk store of “all rows returned from customer DB X”).

Layer
What happens
Persisted?

Connected database

Source of truth for your rows

Yes — in your infrastructure

Query execution

Runs the pipeline against your DB for each request

No copy kept after the operation completes

Application memory

Holds the result while building a response (chart data, AI tool output)

No — scoped to the request/worker lifecycle

Chart / dashboard config

Stores the query definition and visualization settings

Yes — not the resulting dataset

AI conversation

May retain messages and tool outputs from a session

Yes — see AI assistant data handling

Charts are re-executed when data is needed again (for example when a user refreshes a dashboard or changes a filter), rather than served from a long-lived Toucan cache of your rows.

Encryption of “cached” data

Because query results are not stored in a dedicated Toucan query cache, there is no separate “cache encryption” layer for result rows.

Protection instead relies on:

  • Encryption in transit between Toucan services and your database (TLS as configured for your connection).

  • Encryption at rest for connection credentials stored on the platform (see Secrets & encryption).

  • Encryption at rest for the Toucan platform database.

  • Access control on every query (tokens, permissions, RLS/CLS) and roles (ADMIN, MAKER or EXPLORER).

What about Redis?

Redis is used for background job queues (asynchronous tasks such as AI message processing), not as a long-term store of your query results. Job metadata is kept for a short period, then removed automatically.

AI and conversation data

AI assistant conversations (including text you type and outputs from data tools) can be persisted so users can continue a thread across sessions.

  • Clearing a conversation removes that thread’s stored history through the product API.

  • Automatic time-based purge of all conversations is a product/policy topic — confirm current behavior with Toucan AI support if you need a specific retention period.

See AI assistant data handling and PII & personal data.

Retention & deletion (overview)

Data type
Typical retention
Deletion

Platform account data

While the account/organization exists

Contact Toucan AI support for organization-level requests

Chart & dashboard config

Until deleted in the product

User/admin deletion in product

AI conversation (per thread)

Until cleared or org removed

Clear conversation in product

Query result rows

Not retained as a platform dataset

N/A — not stored as a bulk copy

Connection credentials

Until database connection removed

Delete connection in product

For third parties that may also hold data (LLM providers, analytics), see Third-party subprocessors.

Best practices

  • Treat Toucan as a query-and-visualize layer, not a second database for your raw data.

  • Use row-level security so every query is scoped to the end user.

  • Avoid typing sensitive personal data into AI chat unless you accept it may be stored in conversation history.

  • For embed integrations, use pseudonymous identifiers in tokens rather than email or legal name (see PII & personal data).

PreviousAPI securityNextPII & personal data

Last updated

Was this helpful?