What personal data does OpenAI store after account deletion and for how long?

1. What kinds of personal data are referenced and thus potentially retained

OpenAI’s retention guidance treats chats, uploaded files, canvas documents, screenshots and API inputs/outputs as the primary objects that may persist after a user deletes them or deletes an account, and it explicitly calls out conversations, files and “associated screenshots” in product help pages and Operator guidance ^{[3] [1] [9]}. Platform documentation also distinguishes model‑related objects such as Assistants API objects and generated images, noting different deletion rules for files, images and assistant artifacts ^[4].

2. The baseline rule: “about 30 days” for consumer chats, files and API logs

OpenAI’s public materials repeatedly state deleted ChatGPT conversations and Temporary Chats are scheduled for permanent deletion within about 30 days, and API inputs/outputs are generally removed from logs after 30 days unless law requires longer retention ^{[1] [6] [2] [4]}. Help pages for account deletion likewise say user data will be deleted within 30 days except for a “limited set” retained where required or permitted by law ^[5]. Platform docs note internal backups may retain content for a short additional window (e.g., up to 30 additional days in some cases) even after removal from the Compliance API ^[1].

3. Concrete, documented exceptions that extend retention

Several explicit exceptions extend retention: workspace admin policies can set indefinite or time‑bound retention windows (e.g., 90 or 180 days) for members removed from a workspace, restoring content if the member is re‑added ^[3]; OpenAI says legal or security obligations can require longer preservation of deleted items ^{[1] [5]}; some products keep deleted material longer—Operator data is disclosed as kept “up to 90 days” after deletion per product help text and reporting ^[9]; and third‑party reporting and commentary have alleged court orders mandating preservation of chats beyond the 30‑day norm, claims that OpenAI’s own public legal posts address as part of litigation timelines ^{[6] [7] [8]}.

4. Enterprise and developer exceptions: Zero Data Retention and API nuance

Enterprise and API customers have different options: OpenAI’s ZDR (Zero Data Retention) endpoints are advertised as never logging inputs/outputs for eligible customers, and enterprise documentation says admins can control workspace retention and that API inputs/outputs are “removed after 30 days” unless legal obligations apply ^{[6] [2] [4]}. Platform guides also warn that certain features (extended prompt caching, some image generation endpoints) are not ZDR‑eligible and therefore inherit standard retention behavior ^[4].

5. What “deleted” really means and unresolved transparency points

OpenAI’s docs assert that once deletion completes, chats are removed from visible history and scheduled for system deletion within the retention window, and that deleted items “cannot be recovered” by users, yet they also acknowledge de‑identification, legal holds, internal backups and product‑specific exceptions that can keep content accessible internally or to compliance tools for longer ^{[1] [6] [4]}. Independent claims about court‑ordered indefinite preservation and vendor critiques complicate the picture; these are reported by third parties but are not a straightforward contradiction of OpenAI’s baseline 30‑day policy because litigation can create legally compelled exceptions—OpenAI’s own legal response materials and third‑party summaries document that complexity ^{[6] [7] [8]}.

6. Bottom line and limits of available reporting

The clearest, documented baseline is that deleted consumer chats, temporary chats and most API logs are removed from OpenAI systems within about 30 days, with explicit exceptions where workspace policies, product rules (Operator), legal obligations, backups or non‑ZDR features require longer retention—periods cited in product materials range from 30 to 90 days or longer under legal hold ^{[1] [6] [3] [9] [4]}. Reporting and vendor commentary point to court orders and promotional claims that can alter retention in practice, but those are situational and should be cross‑checked against OpenAI’s legal disclosures and the specific product or workspace settings at issue ^{[6] [7] [8]}. Public documentation does not enumerate every forensic or backup retention window in full detail, so definitive statements about every internal copy or log beyond the cited materials cannot be made from the provided sources ^{[1] [4] [5]}.