API data access and retention.
Simulacra's Generative Causal AI is fit zero-shot on your data. We do not pool, aggregate, anonymize, or join datasets across customers for model training, improvement, or inference. Your data is never shared with third parties. The Headless API keeps cleaned datasets, trained models, and generated datasets for short, explicit windows so integrations can retry jobs, inspect schemas, generate scenarios, and download outputs. Access is approved by company tenant and authenticated with Auth0 machine-to-machine tokens.
Managed keys by default. Self-managed keys for sensitive data.
Standard managed mode
Simulacra operates the API, encrypted storage for retained datasets, retention jobs, and the managed download path. Download URLs are short-lived and require the customer's bearer token for access. Every data access is recorded for audit. This is the default path for most API tenants.
Enterprise storage mode
For customers that need stronger separation, generated datasets can route through customer-controlled key paths backed by the customer's AWS KMS keys. Enterprise retrieval returns object-storage URLs with customer-decrypt metadata. Setup is coordinated with the customer's security or cloud team.
Your data's lifecycle within the Headless API.
Simulacra uses the uploaded seed dataset to fit a zero-shot model for that tenant only: no pooling, no third-party sharing, no cross-customer training. Every retained dataset, model, generated output, and download URL follows the explicit retention window shown below.
Legend Arrows show in-flight steps and the three boundaries customer data crosses: into Simulacra at upload, from processing into the timed dataset store, and back out at download. Select any step to see what it does and what's logged.
Legend Cards show the API custody map. Select any step to see what it does and what's logged.
Logs capture lifecycle metadata, never uploaded or generated rows.
API activity logs capture request, tenant, job, dataset, generation, access, delete, operator, support, and security lifecycle events for monitoring, audit, and investigation. They do not capture uploaded data, generated data, client secrets, bearer tokens, claim tokens, plaintext data, or encryption keys.
Data retention and access rights.
| Step | Customer action | What Simulacra retains |
|---|---|---|
| 1.Request access | A company requests API access. If approved, the status response includes a client_id and a one-time credential claim token. | Signup and approval metadata. The client_secret is returned once through the credential-claim flow; Simulacra team members do not handle customer client_secret values. |
| 2.Mint token | The client exchanges Auth0 machine-to-machine credentials for a bearer token. | Authentication and request metadata. Access is tenant-scoped; protected routes reject missing, expired, or wrong-audience tokens. |
| 3.Upload and training | The customer uploads a seed dataset. The API cleans the dataset and trains a reusable model for generation. | Cleaned dataset and trained model for the dataset lifecycle window: 24 hours by default, extendable up to 7 days. The uploaded file is used briefly during processing. |
| 4.Generate | The customer builds conditions from the cleaned schema and starts an async generation job. | Generation metadata, support IDs, and the generated dataset. Idempotency keys keep retries from creating duplicate work; generated data is not copied into activity logs. |
| 5.Download | Completed jobs return a download URL for Parquet or CSV outputs. | Generated outputs default to 24-hour retention. In managed mode, download URLs are short-lived (15 minutes) and downloads authenticate with the customer's Auth0 token. Enterprise storage mode may return object-storage URLs with customer-decrypt metadata. |
| 6.Delete or expire | Datasets expire at the end of their retention windows or can be deleted early through DELETE /v1/datasets/{id}. | Deletion removes active dataset access and the associated retained datasets from the API. Generated datasets expire on their own retention windows. Audit and support metadata may remain under the audit retention policy. |
API contract for implementation. Trust package for procurement.
The live API docs define routes, fields, retries, errors, and dataset download behavior. For vendor review, request the restricted package: SOC 2 Type II, ISO/IEC 27001, DPA, subprocessors, questionnaire support, and API control mappings.