Data Classification & Storage
Understand how Antei classifies and stores data across its systems to ensure security, auditability, and compliance.
Data Classification & Storage
Antei classifies all incoming data across integrations, uploads, and APIs into structured categories. This enables consistent handling, secure storage, and proper routing across internal services.
Data Classification Model
Each field in the platform is tagged with metadata to guide its treatment across ingestion, mapping, validation, and downstream usage.
| Classification | Description |
|---|---|
| Core Identifier | Fields required to uniquely identify entities (e.g. contact_id, txn_id) |
| Jurisdictional | Fields that impact region-specific logic (e.g. country, state, tax_id) |
| Financial | Monetary fields like amount, tax, currency, exchange_rate |
| Derived | Computed or post-processed fields (e.g. reverse_charge_applied) |
| Sensitive | Personally identifiable or regulatory-sensitive (e.g. email, ip_address) |
| Audit Metadata | Sync metadata such as source, sync_time, extracted_id, mapping_tag |
Each record (invoice, transaction, product, contact) is processed using these classifications.
Storage Architecture
Antei uses a layered storage model based on data sensitivity and processing stage:
| Layer | Description |
|---|---|
| Ingestion Layer | Temporary staging of raw integration payloads (used during transformation) |
| Validation Layer | Intermediate storage for normalized and enriched records |
| Primary Database | System-of-record for validated data, powered by Xano |
| Document Store | File storage (e.g. invoices, registrations) managed via Cloudflare R2 |
| Logs & Metadata | Process logs and metadata maintained through Railway and Render |
📌 Sensitive documents (e.g. tax notices) are never stored in plaintext. Access is scoped and logged.
Encryption & Access Control
- At Rest: Data is encrypted using native encryption mechanisms (Xano, R2)
- In Transit: All communication uses HTTPS (TLS 1.2+)
- Scoped Access: Token-based access to file URLs with expiration
- Field-Level Protection: Sensitive fields like emails and tax IDs are excluded from logs by default
Field Metadata Example
Every mapped field carries classification and sync metadata. For example:
Retention Defaults
| Data Type | Retention Period | Notes |
|---|---|---|
| Core Transaction Data | Persistent | Stored indefinitely for audit and compliance |
| Validation Logs | 90 days | Auto-deleted unless marked as critical |
| Uploaded Files | 12 months | Cleaned periodically unless retained manually |
| Audit Logs | 180 days | Visible under Org Settings → Audit Trail |
Retention can be customized for enterprise clients upon request.
Next Steps
Questions?
Need help with data classification and storage?
Email support@antei.com