Stow.Zero-Retention Privacy: Why Stow Never Stores Your Email Content
SecurityApril 19, 20264 min read

Zero-Retention Privacy: Why Stow Never Stores Your Email Content

Most AI proxies log your request payloads "for debugging purposes." Stow strips the content before it ever reaches the database. Here's exactly what that means — and what it doesn't.

Stow Logo

When Claude reads your email through Stow, the email content never reaches the Stow database. The same is true for Slack messages, Google Docs, Notion pages, and every other service Stow connects to. Payload content is stripped from every request and response before it's logged. Only metadata persists.

This is a deliberate architectural decision, not a UI setting. Here's exactly what it means — and what happens to the data that does get stored.

The Standard Approach (And Why We Rejected It)

Most API proxy and middleware services log request and response bodies. The justification is usually debugging — if something goes wrong, you want a record of what was sent and received. The cost is that every email subject, every Slack message, every document draft that passes through the system ends up stored in a third-party database somewhere.

For personal productivity tools, that's acceptable. For AI agents that touch your email, your company's Slack, your legal documents, or your financial spreadsheets, it's a significant liability. A breach of the middleware layer exposes everything the AI ever touched.

Stow takes the opposite approach: log the action, not the content.

What Gets Stripped

Request Payloads

The actual data Claude sends to a service — email body text, Slack message content, document queries, search terms. Stripped before the DB write.

Response Content

The data the service returns — email subjects and bodies, message threads, document text, spreadsheet values. Sanitized to metadata only.

API Credentials

OAuth tokens, API keys, and personal access tokens are truncated to a short prefix in any logs. Never stored in full.

Personal Identifiers

Invitee names, email addresses, attendee lists, and other personally identifiable data passed in API responses are dropped.

What Does Get Stored

The Activity Log records everything needed to answer "what did my AI agent do?" — without recording what it actually saw or said:

Agent IDWhich agent made the request (Claude, Cursor, ChatGPT)
Tool NameThe specific operation executed (e.g., gmail-list-messages, slack-post-message)
StatusWhether the request was executed, denied, blocked, or pending approval
Risk ScoreThe numerical risk assessment generated by the Risk Engine
TimestampWhen the request occurred, in UTC
Network SignalsIP, ASN, and region used for baseline comparison — not linked to content

How This Compares to Alternatives

Direct API Keys

No logging at all — you have no visibility into what your AI agent actually did.

Standard Middleware

Full request/response logging. Complete visibility, but your content is stored on a third-party server.

Stow

Metadata-only logging. Full action visibility with no content stored. Audit trail without exposure.

What This Means for Regulated Industries

If you're in a regulated industry — healthcare, finance, legal, HR — the question of where your data goes when AI processes it is not theoretical. Zero-retention means Stow is not a data processor for your email content, document text, or personal data. It processes the request metadata and discards the payload.

This doesn't eliminate your compliance obligations, but it meaningfully reduces the surface area. The AI (Claude, ChatGPT, Cursor) receives and processes the content. Stow enforces the policy and logs the action. Neither the AI provider nor Stow retains the content after the request completes.

An Architectural Guarantee, Not a Setting

Zero-retention isn't a toggle. There's no "enable zero-retention mode" because retention isn't the default that gets opted out of — stripping is baked into the logging pipeline. Payload content never reaches the database write layer.

The only way to change this would be to change the architecture. That's intentional. We think your email content is yours, and a tool that helps AI act on it shouldn't be keeping copies of it.

Your Content Stays Yours

Full audit trails. Zero content retention. AI that acts on your data without storing it.

S

Stow Security Team

April 19, 2026