How do I disable the call analytics from storing data about the caller?

Cloud Dashboard
1

I am trying to build a gdpr compliant ai receptionis using livekit cloud for the webrtc layer and self-hosting the agent part.

The Calls section, under Telephony in the livekit cloud dashboard, stores the records of the every call made. The phone number of the caller and a pcap file for the call with network packet data in it (does the pcap file contain encrypted audio data from the call itself?). This data is kept over 30 days as I can see the details of sip connections that were made over a month ago.

The agent observability was always disabled in my project settings and I have tested setting record: false in node.js too according the documentation. My agent.ts now contains:

await session.start({
agent,
room: ctx.room,
inputOptions: {
…(bvcEnabled && {
noiseCancellation: TelephonyBackgroundVoiceCancellation(),
}),
closeOnDisconnect: false,
},
record: false,
});

Also the project is using one static dispatch rule with hidePhoneNumber set to true:

{
“sipDispatchRuleId”: “id_was_here”,
“rule”: {
“dispatchRuleIndividual”: {
“roomPrefix”: “session-”
}
},
“hidePhoneNumber”: true,
“name”: “receptionist-static”,
“roomConfig”: {
“emptyTimeout”: 300,
“agents”: [
{
“agentName”: “receptionist”
}
]
}
}

Is there a way I can prevent livekit from storing these analytics or programmatically delete them? I am on build plan right now as I am testing things, but I was not able to find any details about ship or scale plan containing any features that affect what data livekit cloud retains about the sip call.

I am wondering if there is anything I am missing because I cannot deploy this on any scale here in Sweden if every phone number and potentially every conversation is logged and there just seems be no way to delete these logs. Livekit cloud has Krisp bvc which we very much want to use, but its very unclear how to manage session analytics and prevent them from being retained (or stored in the first place).

2

@Denys_Klym, your settings are at the wrong layer. hide_phone_number (in livekit/protocol) hides the caller number from your agent’s participant attributes; your agent code won’t see it, but it doesn’t affect Cloud’s telephony Calls dashboard, which is a separate observability layer. Same with record: false; that’s agent-side recording, not Cloud-side call telemetry. Nothing in your SDK or dispatch-rule config turns off the Cloud Calls log.

The pcap typically contains SIP signaling + RTP. If your trunk uses TLS+SRTP (typical for Twilio), the audio payload bytes would be encrypted; whether Cloud retains SRTP keys alongside the pcap isn’t publicly documented.

For GDPR + Sweden, this isn’t an SDK question, it’s contractual. Request LiveKit’s DPA (sales/legal) covering retention defaults, right-to-erasure flow, and EU data residency. The Build tier likely doesn’t include enterprise data controls; Scale or Enterprise may. Worth pinging @CWilson here and opening a direct DPA inquiry alongside.

3

Thank you for clearing things up, Muhammad! We went with the fully self-hosted option though. Currently trying to use Gladia and DTLN to replace Krisp bvc. Personally, I dont think there are any fantastic solutions out there for swedish vad/stt currently on the market so a heads-up to anyone building for this market.

4

@Denys_Klym Glad you got there; note that on self-host you control SIP-side retention directly via livekit/sip deployment config, so the Cloud Calls dashboard concern doesn’t apply.

5

Yes, a DPA is the way to go through this page