> ## Documentation Index
> Fetch the complete documentation index at: https://docs.browserbase.com/llms.txt
> Use this file to discover all available pages before exploring further.
# Zero data retention (ZDR)
> Run Browserbase sessions without persisting logs, recordings, or replay data — designed for regulated workloads and sensitive enterprise environments.
Zero Data Retention (ZDR) lets your account run Browserbase sessions without persisting **session logs**, **session recordings**, or **replay artifacts** to Browserbase's managed storage. Combined with [Bring Your Own Storage (BYOS)](/account/enterprise/byos-setup-guide), ZDR gives Enterprise customers full control over where every artifact produced by a session lives — including the option for no artifact to leave your environment at all.
ZDR is available only on Enterprise plans. [Contact the Browserbase team](https://www.browserbase.com/contact) to enable account-wide ZDR for your organization.
***
## What ZDR covers
When ZDR is enabled, Browserbase **does not persist** the following artifacts:
| Artifact | Behavior under ZDR |
| ------------------- | ---------------------------------------------------------------------------------- |
| **Session logs** | CDP and console output are not written to Browserbase storage |
| **Video recording** | No `.mp4` is encoded or stored |
| **Replay (DOM)** | No RRweb replay is captured; the Replay API returns `404 Not Found` |
| **Live View** | Still available in real time — Live View streams the session, it does not store it |
The browser session itself runs normally — your automation, downloads, and uploads work the same way. ZDR only changes whether Browserbase keeps a record of what happened inside the session after it ends.
**Downloads, uploads, contexts, and extensions** are separate artifact types. If you need those stored under your control as well, pair ZDR with [BYOS](/account/enterprise/byos-setup-guide) so they're written to your own S3 buckets.
***
## How to enable ZDR
### Account-wide ZDR (recommended for Enterprise)
For organizations that need ZDR as the default for every session, Browserbase configures it at the account level so you don't have to remember to set flags on every API call.
1. [Contact the Browserbase team](https://www.browserbase.com/contact) and request **Zero Data Retention** for your account.
2. The Browserbase team confirms your Enterprise plan and provisions the ZDR configuration on your organization.
3. All new sessions created under your projects start with logging and recording disabled by default. No SDK changes required.
If you'd also like artifacts (downloads, contexts, uploads, and extensions) stored exclusively in your AWS account, request **BYOS** in the same conversation — the two features work together.
### Per-session ZDR
You can also opt individual sessions out of logging and recording by setting `logSession` and `recordSession` to `false` when you [create a session](/reference/api/create-a-session). This works on every plan and is useful for narrowly scoped sensitive workflows even if you haven't enabled account-wide ZDR.
```typescript theme={null}
import Browserbase from "@browserbasehq/sdk";
const bb = new Browserbase({ apiKey: process.env.BROWSERBASE_API_KEY });
const session = await bb.sessions.create({
projectId: process.env.BROWSERBASE_PROJECT_ID!,
browserSettings: {
logSession: false,
recordSession: false,
},
});
```
```python theme={null}
from browserbase import Browserbase
bb = Browserbase(api_key=os.environ["BROWSERBASE_API_KEY"])
session = bb.sessions.create(
project_id=os.environ["BROWSERBASE_PROJECT_ID"],
browser_settings={
"log_session": False,
"record_session": False,
},
)
```
```bash theme={null}
curl -X POST https://api.browserbase.com/v1/sessions \
-H "X-BB-API-Key: $BROWSERBASE_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"projectId": "'"$BROWSERBASE_PROJECT_ID"'",
"browserSettings": {
"logSession": false,
"recordSession": false
}
}'
```
Both flags default to `true`. Setting either to `false` is permanent for that session — you cannot re-enable logging or recording after the session has started.
***
## What changes for your team
* **Live View** continues to work for real-time debugging of in-flight sessions.
* **Session Replay** and **Recording** endpoints return `404 Not Found` for ZDR sessions — there is no recording to fetch.
* **Session Logs API** returns no entries for ZDR sessions.
* **Dashboard** still shows session metadata (status, start/end time, region, and duration), but the replay viewer will be empty.
* **Support investigations** are limited under ZDR — if you open a support ticket, Browserbase will not have logs or replay to reference. Browserbase recommends keeping logs and recording enabled for non-production projects so issues can be reproduced and triaged.
Once a ZDR session ends, the logs and replay data are gone. Browserbase does not retain them, even for support. Make sure your own observability (application logs, Stagehand `history` and `metrics`, and custom telemetry) captures everything you need before disabling these features.
***
## Pairing ZDR with BYOS
ZDR removes Browserbase-managed logs and recordings. BYOS routes the remaining session artifacts — downloads, uploads, contexts, and extensions — into S3 buckets you own.
Together they give you a configuration where:
* No session logs or recordings exist on Browserbase storage.
* Browserbase writes all other session artifacts directly to your AWS account, under your KMS keys, with your lifecycle policies.
* Browserbase retains only operational metadata (session ID, project, timing, and region) needed to run the platform and bill usage.
See the [BYOS setup guide](/account/enterprise/byos-setup-guide) for how to provision the buckets and IAM role.
***
## Compliance and contracts
ZDR is part of Browserbase's Enterprise security posture — see [Enterprise security](/account/enterprise/security) for the full picture, including SOC 2 Type II, HIPAA BAA availability, and the [Trust Center](https://trust.browserbase.com/).
If your contract or compliance program requires written confirmation that ZDR is enabled for your account, ask your Browserbase contact — Browserbase can provide attestation as part of your enterprise agreement.
***
## FAQ
No. Disabling logs and recording slightly reduces CPU and network overhead inside the session VM, but the difference is not user-visible.
Yes. Account-wide ZDR can be scoped to specific projects when Browserbase provisions it. You can also leave the account default off and set `logSession: false` / `recordSession: false` per-session for the workloads that need it.
No. Live View streams the session in real time without storing it, so it remains fully functional. ZDR only suppresses the persisted replay/recording.
Yes. Stagehand creates Browserbase sessions under the hood, so the same `logSession` and `recordSession` settings apply via `browserbaseSessionCreateParams`. Account-wide ZDR also covers Stagehand-created sessions automatically.
ZDR controls what Browserbase stores. Those providers govern any data you send to third-party LLMs (OpenAI, Anthropic, etc.). Use [BYO-LLM](/account/enterprise/security#guardrails-for-ai-web-browsing) to route AI calls through your own keys and provider agreements.
***
**Questions?** Contact the Browserbase team to scope ZDR for your account, or request full compliance documentation through the [Trust Center](https://trust.browserbase.com/).