# Rocket Relay Deletion Request Process

Last reviewed: April 27, 2026

## Scope

Deletion requests may apply to organization accounts, users, API keys, BYOK credentials, webhook targets, request logs, usage exports, and billing metadata. Platform-level model-quality probe records do not contain customer prompts or customer responses and may be retained as operational evidence.

## Standard handling

1. Verify requester authority for the organization.
2. Identify affected records by organization ID and user ID.
3. Revoke active API keys and BYOK credentials before deletion.
4. Remove webhook configurations and signing secrets.
5. Delete or anonymize request metadata according to the customer contract and retention policy.
6. Preserve legally required billing records where applicable.
7. Record completion in the audit trail.

## Immediate revocation paths

- API keys can be revoked.
- BYOK credentials can be disabled or deleted.
- Webhook destinations can be deleted.
- Organization member access can be disabled.

## Retention notes

Usage and request log records are monthly partitioned, enabling operational retention windows. Some payment and ledger records may be retained when required for tax, accounting, chargeback, fraud prevention, or legal reasons.