Loading
Feature Disruption - Service Cloud VoiceRead More
Feature degradation | Gmail Email delivery failureRead More
Set Up and Maintain Your Salesforce Organization
Table of Contents
Filter by (0)Add
Select Filters

          No results
          No results
          Here are some search tips

          Check the spelling of your keywords.
          Use more general search terms.
          Select fewer filters to broaden your search.

            Search all of Salesforce Help
            Search all of Salesforce Help
            Daily Retention Store Cleanup Control

            You are here:

            1. Salesforce Help
            2. Docs
            3. Set Up and Maintain Your Salesforce Organization

            Daily Retention Store Cleanup Control

            Automatically purges expired records from the Retention Store daily, enforcing data minimization by removing data past its defined retention period from Privacy Center policies.

            Control Name

            Daily Retention Store Cleanup (Select 'Enable retention store daily cleanup')

            Control Overview

            Automatically purges expired records from the Retention Store daily, enforcing data minimization by removing data past its defined retention period from Privacy Center policies.

            Description

            When enabled in Privacy Center settings, Salesforce scans Big Object-based retention stores nightly and permanently deletes records exceeding policy timelines (for example, 30 days post-consent withdrawal), freeing storage and reducing compliance scope.

            Recommended Configuration

            Select 'Enable retention store daily cleanup' in Setup>Privacy Center>Retention Settings to automate expired data removal across all active retention policies.

            Security Impact

            Reduces long-term storage of unnecessary PII or PHI, shrinks breach surface from aged data, and provides automated proof of retention policy enforcement for audits.

            Business Impact

            Optimizes Big Object storage costs (critical for high-volume consent tracking), simplifies compliance reporting, and prevents storage bloat from inactive policies.

            Security Risk If Not Configured

            Disabled daily cleanup for retention data stores allows indefinite accumulation of expired PII beyond policy limits, violating minimization principles.

            Threat Scenarios

            Accumulated expired data in retention stores becomes a breach target; manual cleanup failures or forgotten policies expose historical consent/PHI data to unauthorized access or regulatory scrutiny.

            Estimated CVSS Score Range

            Medium (4.0–6.9).

            Risk Impact Considerations

            Storage impact grows with consent volume; legal holds may require policy exceptions before enabling auto-cleanup.

            Higher Risk When

            High-frequency consent changes (for example, marketing opt-outs), unmonitored policy expiration dates, or shared orgs with delegated Privacy Center access.

            Low Risk When

            Short retention policies (≤90 days), low data volumes, combined with Event Monitoring for cleanup audit trails.

            Business and Integration Considerations

            Good to have. Test with sample policies first, monitor storage via Big Object reports post-enable. Integrates with Data Management Policies for comprehensive lifecycle control.

            Security Health Review Guidance

            Specific Security Health Review guidance is not provided, though the control is mapped to the NIST-CF Domain: "Protect".

            Who Is Impacted

            Privacy Center admins, data protection officers managing retention policies, storage capacity planners, and compliance teams verifying minimization controls.

            See Also

             
            Loading
            Salesforce Help | Article