Data Flow Description
Version: v1.0
Last updated: 13.07.2026
Next review: 01.10.2026
This document describes in detail how customer-created and imported content moves through the Lyyli platform from input through AI processing and back. It breaks down independent data flows such as workspace storage, AI processing, and integrations, and explains logging practices for IT compliance evaluation.
This description explains in detail how customer content moves through and is processed on the Lyyli platform. It helps you understand the system's technical architecture, but it does not replace the precise processing regions of individual AI routes or the service-specific retention terms that apply to them.
Six-step information flow
The lifecycle and processing of customer-produced content in Lyyli follows this model:
- Content import or creation: A user writes new content or imports existing material into the Lyyli platform.
- Storage in the customer workspace: Content is stored securely in the workspace according to retention settings defined for that organisation.
- AI request preparation: For an AI call, Lyyli builds a technical request and seeks to minimise unnecessary identifying information where applicable.
- Transfer to a documented AI route: The request is sent to an AI route selected by the customer and documented in the system.
- Processing at the partner service: The AI provider's processing region and any retention terms depend on that route and the provider's agreements.
- Response storage: The language model's response returns to Lyyli and is stored in the workspace when the workflow and selected action require it.
Logging practices
The system maintains logs of usage and actions that include the following information:
- User identifier, action performed, model or route used, precise timestamp, and success or error status.
- Metadata related to billing and resource tracking, such as token counts used.
- Whether input or response content is stored in system logs depends on workspace settings and the log type in question.
Separate data flows
Lyyli's security relies on a clear separation of independent data flows:
Workspace storage
Primary application data such as drafts, user data, and project data is stored securely in databases located in the EU region.
AI processing
Real-time data sent to language models is transferred route-by-route to the selected provider for processing. Processing region and any Zero Data Retention (ZDR) settings depend on the chosen model.
Integrations
Data transfer to external systems occurs through integrations activated by the organisation. These include Microsoft Teams, Slack, email connections, calendars, and meeting platforms.
Security and audit logs
System security logs and audit trails are retained securely under a separate retention schedule, ensuring traceability of events even after possible workspace deletion.
Backups
Automated system backups rotate securely and in a controlled manner for a limited period, after which they are overwritten automatically.