Documentation Index
Fetch the complete documentation index at: https://docs.retellai.com/llms.txt
Use this file to discover all available pages before exploring further.
Data Storage Privacy Settings
By default, we store these potentially sensitive data related to your calls, including:- Call logs
- Transcriptions
- Call recordings
- Caller ID for inbound call
- Callee ID for outbound call
- Knowledge base retrieved contents logs
- Dynamic variables
- Metadata
How to Manage Data Storage
You can opt out of sensitive data storage at any time:- Navigate to your agent
- Under Security & Fallback Settings → Data Storage Settings, select:
- Everything — store transcripts, recordings, and logs
- Everything except PII — store content, excluding PII when possible
- Basic Attributes Only — store only metadata (no transcripts/recordings/logs)
You can also configure a data retention period to automatically delete stored data after a set number of days. See Data Retention Policy for details.
What Happens When You Change Storage Settings
When you opt out:- You will continue to receive webhook events, where you can access the transcript, call recording, and other sensitive data in it
- The call recording link will expire after 10 minutes upon receiving the webhook
- Everything: All artifacts (transcripts, recordings, logs) are stored
- Everything except PII: Artifacts are stored with PII removed according to the categories you select in your
pii_config. See PII scrubbing below for exactly which fields are affected. - Basic Attributes Only: No transcripts/recordings/logs are stored; if you query the call with the get call API later, you will not get these fields
PII scrubbing
When you choose “Everything except PII”, you can configure which personally identifiable information (PII) is removed after the call completes. Scrubbing is applied across the transcript, recording, public logs, and structured fields on the call record itself (dynamic variables, metadata, call analysis, tool call arguments and results). PII configuration is defined on the agent. Per-call storage behavior can still be limited viadata_storage_setting inherited onto the call.
Content categories
When any of these categories are selected, occurrences are detected post-call and replaced with[category number] placeholders (e.g. [email 1], [person name 2]):
person_nameaddressemailssnpassportdriver_licensecredit_cardbank_accountpasswordpinmedical_iddate_of_birthcustomer_account_number
- Transcript — user and agent utterances
- Recording — audio is replaced with a beep over the PII intervals (surfaced as
scrubbed_recording_url) - Public logs — log file content
- Dynamic variables —
retell_llm_dynamic_variables, collected dynamic variables, and override dynamic variables (surfaced as theirscrubbed_*counterparts) - Metadata —
metadata(surfaced asscrubbed_metadata) - Call analysis —
call_analysis.call_summaryandcall_analysis.custom_analysis_data(surfaced asscrubbed_call_analysis) - Tool calls — arguments and results
- DTMF digits — replaced with
[PII INFO]whenever any PII category is enabled, to avoid exposing touch-tone passwords or PINs - SMS message text (for chat agents)
phone_number (directional)
phone_number behaves differently from the content categories. Selecting it redacts the customer’s phone number from the call record itself, not just the transcript:
- Inbound calls:
from_numberis removed - Outbound calls:
to_numberis removed - SMS chats:
user_numberis removed
phone_number in your categories.
What is always preserved
Regardless of the categories you configure, these fields are never altered or removed by PII scrubbing:- Identifiers:
call_id,agent_id - Timing:
start_timestamp,end_timestamp,duration_ms - Outcome:
call_status,disconnection_reason,call_successful,user_sentiment,in_voicemail - Operational:
direction,transfer_destination,call_latency,cost_metadata,call_cost,custom_attributes - Tool call records — the name, timing, and success of each tool call (their arguments and results are still scrubbed when content categories are selected)
