Link Menu Expand (external link) Document Search Copy Copied
This website is for Zenphi public documentation.

Configuring Dynamic Data Purging for Security & Compliance

In strict regulatory environments or high-volume data scenarios, simply stopping a flow isn’t always enough—you often need to ensure the data processed during that execution is completely erased.

The Terminate action now includes an optional “Purge Execution Data” toggle. This allows you to dynamically enforce a “Right to be Forgotten” policy at the end of a specific flow run.

Definition & Overview

Previously, the Terminate action would stop a flow’s logic, but the execution logs (inputs, outputs, and variable states) would remain visible in the “Recent Runs” history until the workspace’s retention period expired.

With the new Purge Execution Data setting enabled, the action performs two steps:

  1. Stops the Flow: Immediately halts all further execution.
  2. Destroys the Evidence: Permanently erases all logs, context, and data associated with that specific run instance.

Once complete, the flow run status will officially change to Completed and you will see the text (Purged) appear next to the Flow Run Name, confirming that no data remains in the system.

Capabilities & Reasoning

Why use this?

In standard automation, keeping logs is good for debugging. However, in Data Privacy and Security contexts, keeping logs can be a liability. This feature allows you to shift from a “Retention-by-Default” model to a “Purge-by-Design” model for specific scenarios.

  • Transparency: The system provides clear confirmation by displaying the (Purged) tag, verifying that the cleanup process is complete and the data has been permanently removed.
  • Granularity: You don’t have to purge every run. You can use conditional logic to purge only specific runs (e.g., If “Sensitive Data Found” = True -> Terminate & Purge).
  • No “Ghost” Data: It ensures that once a process is finished, the sensitive payload (like a credit card number or health record) is not lingering in your run history.

⚠️ Critical Warning: No Undo, No Logs Enabling this feature means you will have zero visibility into that run after it finishes. You cannot view the logs, check for errors, or see what values were passed. Best Practice: Only enable this setting after you have fully tested and debugged your flow.

Use Cases

1. Compliance & PII Handling (GDPR / HIPAA)

Scenario: You have a flow that processes sensitive customer information (Personally Identifiable Information), such as verifying an ID document or processing a credit card token. Strategy: Once the verification is sent to the target system (e.g., Salesforce), you want to ensure Zenphi holds no record of that transaction. Result: The automation completes the task, and the data is immediately vaporized, ensuring audit-proof compliance.

2. High-Volume Resource Management

Scenario: You are running a high-frequency utility flow that runs 10,000 times a day to check for file updates. These logs are cluttering your history and consuming storage space, even though 99% of them are “Nothing found.” Strategy: Instead of waiting for the workspace retention policy (e.g., 30 days) to clear them, you purge them instantly if the check comes back empty. Result: Your “Recent Runs” list remains clean, focusing only on the runs that actually performed work.

How to Configure

Using this feature is straightforward:

  1. In your Flow Designer, drag and drop the Terminate action to the point in your flow where you want the execution to stop and be cleaned up.
  2. Open the action settings.
  3. Toggle the Purge Execution Data switch to ON.

That’s it. When the flow hits this step, it will stop and immediately wipe its own data.

Real-World Example: The “Secure Data Hand-off”

To fully understand the power of this feature, let’s look at a common scenario: Processing an Anonymous HR Complaint.

The Goal

You need to receive a sensitive PDF document from an employee and save it to a restricted Google Drive folder.

  • Privacy Requirement: Once the file is saved, Zenphi must not keep a copy of the file or the employee’s name in the logs.
  • IT Requirement: If the Google Drive connection fails, IT needs to see the error logs to fix the connection.

The Flow Design

Here is how you would build this using Dynamic Purging:

  1. Trigger: Zenphi Form (Employee submits the complaint).
  2. Action: Save File (Save the PDF to the restricted Google Drive folder).
  3. Logic Step: Add an If Condition to check the output of the Save action (e.g., Is Successful equals True).
  4. Branch A (Success):
    • The file is safe in Drive. We no longer need the data in Zenphi.
    • Action: Add a Terminate action.
    • Setting: Toggle “Purge Execution Data” to ON.
    • Outcome: The run finishes and immediately deletes itself. No trace is left.
  5. Branch B (Failure):
    • The file failed to save. We need to know why.
    • Action: Add a Terminate action (or let it end naturally).
    • Setting: Keep “Purge Execution Data” OFF.
    • Outcome: The run is saved in “Recent Runs.” The IT Admin can open the log, see the error message (e.g., “Folder not found”), and fix the issue.

This architecture gives you the best of both worlds: 100% Privacy for successes, and 100% Visibility for errors.

Conclusion

The Purge Execution Data feature transforms the Terminate action from a simple “Stop” sign into a powerful compliance tool.

By allowing you to programmatically destroy data at the end of a flow, Zenphi empowers you to meet strict regulatory standards (like GDPR and HIPAA) and maintain a cleaner, more efficient workspace. You no longer have to choose between automation utility and data privacy—with Dynamic Purging, you can ensure that your sensitive data exists only for the exact seconds it is needed, and not a moment longer.