# Data Classification and Sensitive Data Lifecycle > **Intro:** Classification only matters if it changes engineering behavior. This page treats data classification as a design input for storage, logging, export, retention, and deletion. > > **What this page includes** > > * a practical classification model for product teams > * where sensitive data spreads beyond the primary datastore > * retention and deletion questions to force early > * how classification affects architecture reviews ## Practical classes A useful minimal model is: * **public or low sensitivity**; * **internal operational data**; * **customer confidential data**; * **regulated or highly sensitive data**. ## Propagation map Sensitive data rarely stays where the feature owner thinks it stays. Review all of these: * primary datastore; * caches and search indexes; * logs and traces; * analytics pipelines; * backups and snapshots; * support exports and ad hoc reports; * message queues and dead-letter stores. ## Design questions * Does the product truly need to store this field, or only verify it briefly? * Which derived datasets must also be deleted later? * Can support personnel see raw values, or only masked forms? * What happens to the data in exports and incident evidence bundles? ## Retention rules that help * tie retention to a business purpose, not convenience; * define deletion owners for primary and derived systems; * document exceptions such as legal hold or fraud review; * prefer irreversible transformations for fields that do not need raw retrieval. ## Common anti-patterns * logs retaining more than the product database; * backups with no practical restore-scope controls; * analytics copies surviving long after user deletion; * “temporary” CSV exports that become shadow systems. ## Related pages * [Log Redaction, Backups, and Privacy by Design](/architecture-api-crypto-and-identity/index-3/log-redaction-backups-and-privacy-by-design.md) * [Multi-Tenant SaaS and Admin-Plane Patterns](/architecture-api-crypto-and-identity/index-1/multi-tenant-saas-and-admin-plane-patterns.md) *** *Author attribution: Ivan Piskunov, 2026 - Educational and defensive-engineering use.* --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.product-security.expert/architecture-api-crypto-and-identity/index-3/data-classification-and-sensitive-data-lifecycle.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.