How retention works

Data retention rules control how your organization saves and deletes Google Workspace data for compliance or regulatory reasons. 

By default, Google Workspace data stays in user accounts until the user or admin deletes it. If your organization needs more control over data retention, you can set up retention rules in Google Vault. These rules organize how data is stored, for how long, and purge data once it’s no longer needed. With Vault, you can:

  • Keep data for as long as you need it—You can set up rules to retain data for how long you need it. The data is kept even if users delete messages and files or empty their trash.
  • Remove data when you no longer need it—You can schedule Vault to delete data after a duration of time. When the retention period expires, the data is automatically removed from user accounts and purged from all Google systems. (Data under a legal hold is not purged.) The time it takes to remove expired data varies depending on the service. Learn more about how data can remain in Vault after all retention rules expire.
WARNING: An improperly set up retention rule might allow Google services to immediately and irreversibly purge data. Use caution when you create or change retention rules. We recommend that you test new rules on a small group of users before you apply them to your entire organization.

 

Two types of retention rules

Default retention rules

If you must keep all data for a service for a set time, set a default retention rule. Default rules apply to data only when a custom rule or hold doesn’t apply. You can’t apply default retention rules to only specific accounts or time periods, and you can only have one default retention rule for each service.

Custom retention rules

If you must keep specific data for a set time, set a custom retention rule. You can specify the data with conditions and terms depending on the service:

  • Gmail and Groups—Set by organizational unit, date ranges, and specific search terms.

  • Drive, Meet, and Sites—Set by organizational unit and define expiration based on last modified dates (to address staleness) and created dates (to address compliance requirements), trashed dates, or Drive label date fields.

  • Chat–Set by organizational unit or for all Chat spaces in the organization.

  • Google Voice for Google Workspace–Set by organizational unit and data type.

You can set as many custom rules as your organization needs. Data is retained according to the rule with the latest expiration. For Drive, if a Drive item in trash is subject to multiple retention rules, a moved-to-trash rule supersedes all other retention rules.

Important information about retention

Open all   |   Close all

What's the difference between a hold and a retention rule?

Holds and retention rules both retain data in Vault, but they have important differences:

  Holds Retention rules

Use

Holds are typically created in response to an investigation or legal issue.

Retention rules are used to proactively control how long data is preserved.

Scope Holds can be applied to:
  • Individual accounts
  • Organizational units
  • Groups

Retention rules can be applied to:

  • Users in organizational units or groups
  • Product entities such as shared drives and Chat spaces. 

Note: Retention rules can't be applied to individual accounts, except by matching terms.

Preservation period

Holds preserve data indefinitely, until the hold is deleted.

Retention rules preserve data for a specified period, which can be a set number of days or indefinitely.

Precedence

Holds take precedence over retention rules. When a hold is deleted, data is immediately subject to applicable retention rules.

Retention rules aren't applied to data preserved by a hold until the hold is removed.

Custom rules take precedence over default rules, even when the default rule expires later. Data can be removed from Google production systems when the last applicable retention rule expires.

Access

Only Vault users who have access to a matter can review who and what is on hold.

Only Vault users who have retention rule privileges can manage retention rules.

Data purged in Vault is purged from all Google services

Vault is fully integrated with the Google services that it supports, so there is no separate archive. 

When a retention rule is applied to a message or file, the item is deleted from the service, even if the user had not marked it for deletion.

For example, you create a default retention rule to retain Gmail messages for 365 days, and have no custom rules or holds. Vault deletes every message older than 1 year.

The start of the retention coverage period depends on the service

The start of the retention coverage period depends on the service:

  • Gmail and Groups—The retention period starts the day that the message is sent or received.
  • Drive, Meet, and Sites—Depending on how the retention rule is set up, the retention period can start:
    • When the item was created
    • When the item was last modified
    • When the item was moved to the trash
    • If a Drive label has a date field in the condition, on the value set for Drive label date field
  • Chat–The retention period starts the day the message was sent. The retention period start doesn't change when a user edits or deletes a message.
  • Voice for Google Workspace:
    • Text messages—The retention period starts at 11:59 PM UTC-7 the day that the message was sent
    • Voicemails and their transcripts—The retention period starts at 11:59 PM UTC-7 the day that the voicemail was created
    • Call logs—The retention period starts at 11:59 PM UTC-7 the day that the call was made or received
Custom retention rules and holds can extend coverage periods

When the default retention period expires, Vault purges a message or file only if:

  • It is not being retained by any custom retention rules. Data is always kept as required by the custom rule with the longest retention period. Custom retention rules always take precedence over the default retention rule, even if the custom retention rule is shorter than the default retention rule.
  • It is not subject to a hold. When the hold is removed, retention rules take effect.
Data can remain in Vault after all retention rules expire

Even when a retention rule is set to purge data, the background process that removes permanently deleted or expired data from Google systems keeps data available to Vault for approximately 30 days before it is fully purged:

  • Messages in a user’s Gmail or posted in Groups when all retention rules expire are removed from the user’s view (this process can take hours to days). Messages remain available to Vault administrators for approximately 30 more days, during which you can search for, export, or place holds on them. After 30 days, you can no longer retrieve these messages.

  • Messages deleted by users or Group Managers less than 30 days before retention coverage expires are kept until necessary to meet the maximum of 30 days. For example, if a user deletes messages and empties them from trash 20 days before the retention coverage expires, you can search for them in Vault for another 10 days. After that time, you can no longer retrieve them.

  • Gmail messages that were deleted more than 30 days before the retention coverage expires are immediately purged at the end of the retention period, and you can’t retrieve them.

  • Items and sites deleted from Drive by users or a retention rule are immediately unavailable to Vault after retention coverage expires. If files were emptied from Trash less than 25 days ago, you might be able to retrieve the files. After the 25-day period is up, it can take up to 15 days for these items to be purged.

  • Chat messages are kept for 30 more days after a user or a retention rule removes them from a conversation or a room. The purge process begins on Day 30 and may take several more days to complete depending on the number of messages being purged.

  • Voice text messages, voicemails and their transcripts, and call logs are purged up to 30 days after retention coverage expires, and you can’t retrieve them.

For examples of how retention rules work in Gmail, see Example Gmail retention rules and their effect.

Files saved to Drive by other Google services are covered by Drive retention rules

Some Google services store their data in Drive. This data is covered by Drive retention rules as follows:

Product Retention
Jamboard Vault retains jams saved to users' Drives according to Drive retention rules. Unsaved jams are discarded when the Jamboard session ends and are unavailable to Vault.
Google Meet Meet recordings and the logs for in-Meet chat, Q&A, and polls are covered by Drive retention rules by default.

To manage retention of Meet recordings differently from other items in Drive, you can set up retention rules for Meet. When retention rules for Meet are turned on, Drive retention rules don't apply to Meet recordings.

Google Sites Sites are covered by Sites retention rules by default.

To retain sites differently from other items in Drive, you can set up retention rules for Sites. When retention rules for Sites are turned on, Drive retention rules don't apply to sites.

To retain sites the same as other items in Drive, you can change retention settings so sites are retained by Drive rules.

Lapses in retention coverage can allow services to immediately purge data

Use caution when modifying existing retention rules. Services can immediately purge unprotected data that users deleted over 30 days ago.

Was this helpful?
How can we improve it?
Search
Clear search
Close search
Google apps
Main menu
16917811002102711977
true
Search Help Center
true
true
true
true
true
96539