Here are the key terms you need to know when you use Google Vault.
audit report—A report of the Vault-related actions taken by Vault users in a specified time period. Vault actions are logged in a database that can’t be deleted or truncated by any Vault user or Google while your Google Workspace subscription is active. The audit report is deleted approximately one month after your organization’s Vault service is terminated.
delete—When users move messages or items to the trash. In Gmail they click Delete and in Drive they click Remove, but both are the same process.
delete forever—When users empty Trash in Gmail or Drive. Users can’t recover this data. When users delete Gmail messages forever, the messages are marked ready to purge (
^deleted) from production Google systems.
^deleted—The internal label that Google applies to Gmail messages that are removed from the trash folder and ready to purge. Gmail’s 30-day preservation policy retains messages with the
^deleted label for 30 days, during which an admin might be able to recover the data. Data that has the
^deleted label for 30 days and that isn’t subject to a retention rule or hold is purged from Google systems.
eDiscovery—The process of identifying electronically stored information relevant to a case or investigation, then preserving, collecting, and analyzing the data.
export—A downloadable set of Google Workspace data that matches your search query.
expunge—(Now called purge) When data is purged from Google production systems. After expunge, the data isn’t available in any production system and is no longer available to Vault.
Gmail’s 30-day preservation policy—In Gmail, messages removed from Trash are still available to Vault users through Vault for an additional 30 days. This preservation policy supersedes any Vault retention rules that expire during that period. If a retention rule is set to purge messages after the retention period expires, but the preservation policy hasn’t expired, messages aren’t purged until after the preservation policy expires.
held data—Any data that’s placed on hold. This data is protected from deletion and exempt from retention rules until all holds are removed.
hold—A policy you create that prevents Google Workspace services from deleting data. Holds are typically used to preserve data for legal or investigation purposes:
- You can set holds on data that is owned or shared with specific accounts or all accounts in a specific organizational unit.
- Holds override retention rules.
- Data that’s subject to a hold and a retention rule is allowed to be purged only after the hold is removed.
- Only Vault users with access privileges to a matter can manage holds and see who and what is on hold.
indefinite—For retention policies, the data is permanently available through Vault until you change the policy or for the duration of your Google Workspace subscription. Data retained indefinitely isn’t retained after your subscription is terminated or not renewed.
information governance—The process of developing and implementing data retention and deletion policies for your organization in accordance with legal and regulatory obligations. In Vault, you set retention rules to keep data in supported services for a certain time and, optionally, to delete that data after that time.
matter—A container for eDiscovery activity related to a specific litigation case or investigation. A matter includes:
- Saved search queries (if any)
- A list of accounts subject to a hold (if any)
- A list of the accounts that can access the matter
- Export sets for the matter
- An audit trail for the matter
message—A general term that includes email and on-the-record chats.
permanently deleted—Data that is deleted forever, which is data removed from the Gmail Trash folder and the Drive Trash folder.
purge—(Formerly called expunge) When data is completely removed from Google production storage systems. After data is purged, it isn’t available in any production system and is no longer available to Vault.
remove—When messages are removed from the Gmail Trash and items are removed from the Drive Trash. These data are marked as ready to purge. This action is different from when users click Remove in Drive, which moves the items to Trash but doesn’t mark them as ready to purge. Users can’t access messages and items that are removed, but Vault users can still search for and view this data in Vault.
retention rule—A Vault policy that prevents Google services from deleting data that matches specified scope and conditions. Data can be retained for a certain number of days or indefinitely. Vault users can set what happens to data when the retention period of a retention rule expires. Learn more
retention period—The number of days that data is certain to be available through Vault and not deleted by a Google service.
Vault user—A Google Workspace user who has the required privileges to configure Vault retention policies, manage holds, or search for and export data.