---
title: "Call Recording Retention Policies: CallSphere vs Vapi Defaults"
description: "How long should you keep call recordings? CallSphere ships per-vertical retention defaults; Vapi customers DIY. Compare lifecycle and erasure flows."
canonical: https://callsphere.ai/blog/call-recording-retention-policies-callsphere-vs-vapi
category: "Technical Guides"
tags: ["Call Recording Retention", "Data Lifecycle", "Vapi vs CallSphere", "Right to Erasure", "Voice AI Storage", "Retention Policy"]
author: "CallSphere Team"
published: 2026-04-20T00:00:00.000Z
updated: 2026-05-07T23:09:31.104Z
---

# Call Recording Retention Policies: CallSphere vs Vapi Defaults

> How long should you keep call recordings? CallSphere ships per-vertical retention defaults; Vapi customers DIY. Compare lifecycle and erasure flows.

## TL;DR

Retention is a deceptively complex compliance problem. Keep recordings too long and you create unnecessary risk; too short and you fail audit / legal hold requirements. **CallSphere ships per-vertical retention defaults** (healthcare, sales, salon, IT helpdesk, after-hours) with documented archive and erasure flows. **Vapi.ai** is voice infrastructure — retention is whatever the customer's storage vendor and DIY scripts produce, with no built-in lifecycle management. This post walks through retention windows by vertical, the lifecycle pipeline (active → warm → cold → erase), and gives you a procurement checklist.

## Why Retention Is a CISO Question

Three forces pull retention in opposite directions:

- **Pull longer**: legal hold, audit requirements, dispute resolution, training data quality
- **Pull shorter**: GDPR storage limitation (Art. 5(1)(e)), CCPA / CPRA right to erasure, breach blast radius minimization, storage cost
- **Pull configurable**: state-specific retention (e.g., medical records retention varies state by state — 5 to 30 years)

A platform with **per-vertical defaults** gives the customer a defensible starting point that maps to common regulatory regimes. Requiring the customer to design retention from scratch typically ends in either "keep everything forever" (high risk, high cost) or accidental data loss.

## Retention Defaults — Sample by Vertical

| Vertical | Active | Warm | Cold / Archive | Total | Notes |
| --- | --- | --- | --- | --- | --- |
| Healthcare | 30 days | 1 year | 6 years | ~7 years | Aligns to HIPAA documentation retention |
| Sales | 14 days | 90 days | 1 year | ~1 year | Coaching + dispute window |
| Salon | 7 days | 30 days | 90 days | ~90 days | Operational only |
| IT Helpdesk | 14 days | 60 days | 1 year | ~1 year | Incident review |
| After-Hours | 30 days | 90 days | 1 year | ~1 year | Escalation review |

These defaults are starting points — every customer can adjust per their legal and operational needs. The **lifecycle pipeline** is the same: a recording moves from hot storage (fast access) to warm (cheaper) to cold (archive) and finally to erasure.

## Vapi's DIY Retention Burden

Because Vapi is voice infrastructure with no built-in storage layer, the customer:

1. Picks a storage vendor (S3, Azure Blob, GCS)
2. Designs lifecycle rules manually
3. Writes erasure scripts (often using S3 Object Lifecycle and bucket policies)
4. Wires GDPR / CCPA right-to-erasure requests into the deletion pipeline
5. Maintains audit logs of every retention transition
6. Tests the pipeline (often skipped — and only discovered during incident response)

A typical maturity curve: customer defaults to "keep forever in S3 standard" for the first 18 months, until storage costs or a breach exposes the gap, then panics and rebuilds.
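As an added illustration of steps 2 and 3 (not code from Vapi or CallSphere), the sketch below builds an S3 lifecycle configuration from per-vertical day boundaries. The `POLICIES` values, the `<vertical>/` key prefix and the function names are assumptions made for this example; the boundaries are constructed so the last day matches the Total column of the defaults table.

```python
# Constructed day boundaries (days since object creation) for two verticals.
# Assumption: the table does not say whether its windows are cumulative, so
# these were picked to match its Total column (~7 years and ~90 days).
POLICIES = {
    "healthcare": {"warm_at": 30, "cold_at": 395, "erase_at": 2585},
    "salon": {"warm_at": 7, "cold_at": 30, "erase_at": 90},
}
MIN_IA_DAYS = 30  # S3 rejects lifecycle transitions to STANDARD_IA before day 30


def lifecycle_rule(vertical, policy):
    """Build one S3 lifecycle rule for objects under the '<vertical>/' prefix."""
    if not policy["warm_at"] < policy["cold_at"] < policy["erase_at"]:
        raise ValueError(f"{vertical}: boundaries must be strictly increasing")
    transitions = []
    if policy["warm_at"] >= MIN_IA_DAYS:
        transitions.append({"Days": policy["warm_at"], "StorageClass": "STANDARD_IA"})
    # Otherwise the warm tier is skipped: objects stay in Standard until cold_at.
    transitions.append({"Days": policy["cold_at"], "StorageClass": "GLACIER"})
    return {
        "ID": f"retention-{vertical}",
        "Filter": {"Prefix": f"{vertical}/"},
        "Status": "Enabled",
        "Transitions": transitions,
        "Expiration": {"Days": policy["erase_at"]},
    }


def lifecycle_configuration(policies):
    """Return a dict shaped like the LifecycleConfiguration argument of boto3's
    put_bucket_lifecycle_configuration."""
    return {"Rules": [lifecycle_rule(v, p) for v, p in sorted(policies.items())]}
```

Lifecycle rules act on object age only, so right-to-erasure requests and the audit trail in steps 4 and 5 still need their own handling.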

## CallSphere's Lifecycle Architecture

CallSphere's retention pipeline is built into the platform:

- **Active (hot)**: Postgres + S3 standard — fast access for ops, dashboards, analytics
- **Warm**: S3 Standard-IA — read-occasionally, cheaper
- **Cold / archive**: S3 Glacier or equivalent — audit-only access
- **Erasure**: Cryptographic shredding (KMS key destruction) plus storage delete, with audit log entry

Per-tenant policy controls dictate the days at each stage. The right-to-erasure workflow is exposed via the dashboard and a documented API.

## Mermaid: Retention Lifecycle

```mermaid
stateDiagram-v2
  [*] --> Active : Recording created
  Active --> Warm : day N (per vertical)
  Warm --> Cold : day M (per vertical)
  Cold --> Erased : day P (per vertical)
  Active --> Erased : right-to-erasure request
  Warm --> Erased : right-to-erasure request
  Cold --> Erased : right-to-erasure request
  Erased --> [*]
  Active --> Hold : legal hold
  Warm --> Hold : legal hold
  Cold --> Hold : legal hold
  Hold --> Active : hold released
```

The state machine is explicit. Every transition is logged in the `audit_logs` table with the policy that triggered it.
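The diagram's transitions can be exercised directly. The following is an added sketch, not CallSphere's implementation: it models the states above, blocks both age-based moves and erasure while a record is on hold, and appends one audit entry per transition. The `HEALTHCARE` boundaries, the `erase_pending` flag (an erasure request deferred until the hold is released) and all function names are assumptions of this example.

```python
from dataclasses import dataclass
from datetime import date
# Constructed day boundaries N, M, P (days since creation) for the healthcare row;
# chosen so the last boundary matches the table's ~7-year total (assumption).
HEALTHCARE = {"warm_at": 30, "cold_at": 395, "erase_at": 2585}
audit_log = []  # in-memory stand-in for the audit_logs table

@dataclass
class Recording:
    rec_id: str
    created: date
    state: str = "Active"
    erase_pending: bool = False  # erasure requested while on hold

def move(rec, new_state, trigger, today):
    audit_log.append((today.isoformat(), rec.rec_id, rec.state, new_state, trigger))
    rec.state = new_state
    return new_state

def tick(rec, policy, today):
    """Age-based transitions; held and erased records never move."""
    if rec.state in ("Hold", "Erased"):
        return rec.state
    age = (today - rec.created).days
    target = ("Erased" if age >= policy["erase_at"] else
              "Cold" if age >= policy["cold_at"] else
              "Warm" if age >= policy["warm_at"] else "Active")
    return rec.state if target == rec.state else move(rec, target, "retention_policy", today)

def set_hold(rec, hold_id, today):
    if rec.state in ("Hold", "Erased"):
        return rec.state
    return move(rec, "Hold", f"legal_hold:{hold_id}", today)

def request_erasure(rec, today):
    """Right-to-erasure: immediate, unless a legal hold defers it."""
    if rec.state == "Hold":
        rec.erase_pending = True
        return move(rec, "Hold", "erasure_deferred_by_hold", today)
    if rec.state == "Erased":
        return rec.state
    return move(rec, "Erased", "right_to_erasure", today)

def release_hold(rec, policy, hold_id, today):
    """The diagram returns to Active; deferred erasure or age rules then catch up."""
    if rec.state != "Hold":
        return rec.state
    move(rec, "Active", f"hold_released:{hold_id}", today)
    return request_erasure(rec, today) if rec.erase_pending else tick(rec, policy, today)
```

Because the diagram releases a hold back to Active, a record that aged past a boundary while held jumps straight to its current tier on the next evaluation, and the audit log records that catch-up move.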

## Comparison Table

| Retention Capability | Vapi DIY | CallSphere |
| --- | --- | --- |
| Per-vertical defaults | Build yourself | Built-in |
| Hot/warm/cold tiers | Build yourself | Default |
| Cryptographic erasure | Build yourself | Default |
| Right-to-erasure API | Build yourself | Built-in |
| Legal hold workflow | Build yourself | Built-in |
| Audit log of transitions | Build yourself | Default |
| Per-tenant policy override | Build yourself | Config |
| State / regional retention rules | Build yourself | Config |
| Time-to-compliance retention | Months | Day 1 |

## Right to Erasure — A Practical Walkthrough

A patient submits a deletion request. The flow:

1. Request received via support / dashboard / API
2. Identity verification step (per HIPAA / GDPR best practices)
3. CallSphere logs the request in `audit_logs`
4. Recordings, transcripts, and analytics rows for the patient are erased across hot/warm/cold tiers
5. Tokenized references in analytics are scrubbed
6. Confirmation logged + sent to requester
7. Backups are flagged for the next backup-rotation purge (per documented policy)

In a Vapi-based stack, step 4 alone often spans 5 vendors and the customer's own glue code. Each handoff is a chance for partial deletion, which is itself a compliance issue.

## Procurement-Friendly Retention Checklist

1. Are per-vertical retention defaults documented?
2. Are hot/warm/cold tiers configurable per tenant?
3. Is cryptographic erasure (KMS key destruction) supported?
4. Is right-to-erasure exposed via API or dashboard?
5. How are backups handled in erasure flows?
6. Is legal hold a first-class feature?
7. Are retention transitions audit-logged?
8. Can per-customer state-specific rules be applied?
9. What is the SLA for completing an erasure request?
10. Are retention controls in scope for SOC 2 / HIPAA?

## Real-World Cost & Risk Numbers

A typical mid-sized contact center generates ~50,000 minutes of recordings per month. At 24 kbps stereo, that's ~10 GB / month, ~120 GB / year. Over 5 years of "keep forever" with no lifecycle:

- ~600 GB in S3 Standard ≈ $13.80/month, but blast radius is the full 5-year corpus
- Same data with hot-warm-cold lifecycle ≈ $4-5/month and limited blast radius if breached

Cost is small but the blast radius difference is enormous: a breach of an unmaintained "keep forever" bucket exposes 5 years of PII. Lifecycle limits exposure to the active window.

## CTA

Lifecycle is what separates "we have recordings" from "we have a defensible retention posture." [Book a CallSphere demo](/demo), or check our [pricing](/pricing) for retention tiers.

## FAQ

### Can I keep recordings longer than the default?

Yes — per-tenant policy can extend retention to meet legal hold, audit, or training data requirements. Each extension is documented.

### What about transcripts vs audio?

Both follow the same lifecycle by default. Customers can choose to retain transcripts longer than audio (cheaper, lower-risk) under documented policy.

### Is the right-to-erasure SLA documented?

CallSphere's standard SLA is 30 days from verified request to confirmed erasure across all tiers, well within GDPR / CCPA windows.

### Does CallSphere handle legal hold?

Yes. Legal hold halts lifecycle transitions and erasure requests for affected records, with audit trail.

### What happens to analytics on erased calls?

Aggregate metrics persist (counts, sentiment averages) but per-call rows are scrubbed. The result is statistically equivalent without retaining individual PII.

## Deep Dive: Per-Vertical Retention Rationale

### Healthcare Retention

The HIPAA Privacy Rule does not specify a retention period for PHI itself, but the Security Rule (45 CFR § 164.530(j)) requires retention of compliance documentation for **6 years** from creation or last effective date. Many states impose longer medical record retention (commonly 7-10 years for adults, longer for minors). CallSphere's healthcare default of ~7 years balances HIPAA documentation retention with state-specific minimums.

Specific retention extensions:

- Pediatric records often retained until age of majority + state retention period
- Mental health records have additional retention rules in some states
- Substance use disorder records are subject to 42 CFR Part 2 — separate retention rules apply

### Sales Retention

Sales call retention is driven by:

- Coaching window (90 days typical)
- Dispute / complaint window (1 year typical for B2B; longer for B2C)
- Training data needs (often 6-12 months of representative samples)

The default 1-year retention covers typical sales cycle and dispute resolution windows.

### Salon / Personal Services

Lower-stakes operational data — 90 days covers typical operational review and dispute windows.

### IT Helpdesk

Typically retained for incident review, root cause analysis, and post-incident learning. 1 year covers typical incident escalation and trend analysis.

### After-Hours / Emergency Lines

Retained for escalation review and pattern analysis. After-hours calls may have legal hold requirements (e.g., if escalated to emergency services).

## Lifecycle Cost Modeling

A typical 50,000-minute-per-month customer:

| Storage Tier | Monthly Volume | Storage Class | Cost |
| --- | --- | --- | --- |
| Active (30 days) | ~10 GB | S3 Standard | ~$0.23 |
| Warm (60 days) | ~20 GB | S3 Standard-IA | ~$0.25 |
| Cold (5+ years) | ~600 GB | S3 Glacier | ~$2.40 |
| Total monthly |  |  | ~$2.88 |

Compared to "keep all in S3 Standard forever":

| Tier | Volume after 7 years | Storage | Cost |
| --- | --- | --- | --- |
| All Standard | ~840 GB | S3 Standard | ~$19.32/month |

The lifecycle approach is ~85% cheaper at steady state, plus dramatically smaller blast radius.

## Backup Erasure Considerations

Backups are the trickiest part of right-to-erasure. Industry best practice:

- Backups are subject to a documented retention period (e.g., 35 days)
- Erasure requests are honored on the next backup rotation cycle
- The DPA discloses that backups are temporarily retained post-erasure
- Customers receive a confirmation when backups are fully purged

CallSphere documents this clearly. A Vapi-based stack inherits whatever backup behavior each upstream vendor exposes — often opaque.

## Legal Hold Workflow

When litigation or regulatory hold is anticipated, the typical workflow:

1. Legal team identifies scope (specific patient, date range, agent)
2. Hold flag set in dashboard with hold ID and reason
3. Lifecycle transitions paused for affected records
4. Hold reviewed periodically (quarterly recommended)
5. Hold released when no longer needed
6. Affected records resume normal lifecycle

Hold events are audit-logged and exportable. Legal teams can produce a "litigation hold report" showing which records are on hold and when each hold was applied / released.

## Erasure Verification

After erasure, customers can request verification:

- Cryptographic shredding event log entry (KMS key destruction timestamp)
- Storage delete confirmation (S3 delete event log)
- Database row delete confirmation
- Backup purge confirmation (after backup window expires)

This verification package is the kind of evidence a regulator would demand if a deletion request was contested.

## Lifecycle Policy Examples

A real CallSphere customer's policy (anonymized):

```
Healthcare practice with multi-state operations:
  Active: 30 days hot storage
  Warm: 1 year warm storage
  Cold: 6 years cold archive
  Erasure: cryptographic shred + storage delete
  Backups: 35 days, then purged
  Legal hold: per-record flag with audit log
  Right-to-erasure SLA: 30 days end-to-end
```

Each parameter is configurable in the dashboard, with audit log on every change.

