> ## Documentation Index
> Fetch the complete documentation index at: https://docs.antei.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Data Classification & Storage

> Understand how Antei classifies and stores data across its systems to ensure security, auditability, and compliance.

<Icon icon="database" size={26} color="#4B5563" />

# Data Classification & Storage

Antei classifies all incoming data across integrations, uploads, and APIs into structured categories. This enables consistent handling, secure storage, and proper routing across internal services.

***

## Data Classification Model

Each field in the platform is tagged with metadata to guide its treatment across ingestion, mapping, validation, and downstream usage.

| Classification      | Description                                                                  |
| :------------------ | :--------------------------------------------------------------------------- |
| **Core Identifier** | Fields required to uniquely identify entities (e.g. `contact_id`, `txn_id`)  |
| **Jurisdictional**  | Fields that impact region-specific logic (e.g. `country`, `state`, `tax_id`) |
| **Financial**       | Monetary fields like `amount`, `tax`, `currency`, `exchange_rate`            |
| **Derived**         | Computed or post-processed fields (e.g. `reverse_charge_applied`)            |
| **Sensitive**       | Personally identifiable or regulatory-sensitive (e.g. `email`, `ip_address`) |
| **Audit Metadata**  | Sync metadata such as `source`, `sync_time`, `extracted_id`, `mapping_tag`   |

Each record (invoice, transaction, product, contact) is processed using these classifications.

***

## Storage Architecture

Antei uses a layered storage model based on data sensitivity and processing stage:

| Layer                | Description                                                                |
| :------------------- | :------------------------------------------------------------------------- |
| **Ingestion Layer**  | Temporary staging of raw integration payloads (used during transformation) |
| **Validation Layer** | Intermediate storage for normalized and enriched records                   |
| **Primary Database** | System-of-record for validated data, powered by **Xano**                   |
| **Document Store**   | File storage (e.g. invoices, registrations) managed via **Cloudflare R2**  |
| **Logs & Metadata**  | Process logs and metadata maintained through **Railway** and **Render**    |

> 📌 Sensitive documents (e.g. tax notices) are never stored in plaintext. Access is scoped and logged.

***

## Regional Data Residency

PII and jurisdictional data is stored based on the customer’s region:

| Client Region       | Data Residency Location | Scope of Application                               |
| :------------------ | :---------------------- | :------------------------------------------------- |
| **EU Customers**    | EU servers              | All sensitive fields + Vault + logs                |
| **India Customers** | IND servers             | PII, transaction metadata, file uploads            |
| **Other Clients**   | US (Global server)      | Default server unless region-specific setup exists |

* **PII is regionally hosted**; generalized data (e.g. classification metadata) may reside in USA
* All traffic is encrypted and scoped with access controls
* Region assignment is configurable at org level

***

## Encryption & Access Control

| Layer              | Protection Applied                                                   |
| :----------------- | :------------------------------------------------------------------- |
| **At Rest**        | AES-256 / Cloud provider encryption (PostgreSQL, R2)                 |
| **In Transit**     | HTTPS (TLS 1.2+) with forced SSL enforcement                         |
| **Access Control** | Token-based access, scoped per user and org, with audit logs         |
| **Field-level**    | Sensitive fields excluded from logs and stored encrypted if required |

***

## Field Metadata Example

Every mapped field carries classification and sync metadata. For example:

```json theme={null}
{
  "field": "invoice_total_amount",
  "source": "stripe_invoice.total",
  "extracted_id": "abc123",
  "isSensitive": false,
  "classification": "financial",
  "mappingVersion": "v1.3"
}
```

***

## Retention Defaults

| Data Type             | Retention Period | Notes                                         |
| :-------------------- | :--------------- | :-------------------------------------------- |
| Core Transaction Data | Persistent       | Stored indefinitely for audit and compliance  |
| Validation Logs       | 90 days          | Auto-deleted unless marked as critical        |
| Uploaded Files        | 12 months        | Cleaned periodically unless retained manually |
| Audit Logs            | 180 days         | Visible under Org Settings → Audit Trail      |

> Retention can be customized for enterprise clients upon request.

***

## Next Steps

* [→ View Validation Logic](/trust-center/Data%20Flow%20and%20Processing/validation-logic)
* [→ Explore Audit Trail](/trust-center/Security/audit-logs)
* [→ Review Data Retention Policy](/trust-center/Privacy%20and%20Compliance/data-retention-deletion)

***

## Questions?

Need help with data classification and storage?\
Email [support@antei.com](mailto:support@antei.com)
