Skip to main content

Archiving and Compliance

If your organization has compliance, legal-hold, or audit requirements that demand a retained, retrievable record of communications, GLYPH supports it through the archiving feature. This page covers what archiving captures, how its keys work, and how it relates to the two ways you can retire a group.

What archiving does

Archiving captures an encrypted copy of every message sent in the workspace from the moment it's turned on. The capture begins at activation — earlier messages are not retroactively archived.

If your organization has compliance requirements, enable archiving before you invite a single person to the workspace. Otherwise the earliest period of activity has no archive.

Requirements:

  • Workspace Admin role. Only Admins can enable archiving.
  • Durable, access-controlled storage for the encryption key. The reasons are below.

The one-shot encryption key

Archiving is end-to-end encrypted like everything else in GLYPH. When you enable the feature, GLYPH generates an encryption key and shows it to you exactly once. That moment is the only moment.

  • SENTRIQS does not retain the key. They cannot reissue it.
  • If you lose the key, the archived material is permanently inaccessible. SENTRIQS can set you up with a new archive, but everything previously archived under the lost key is gone.

This is a direct consequence of the security model — the same encryption that protects your day-to-day communications from outside access also protects the archive, and there's no backdoor to recover from.

Handling the key safely

Treat the key like any other break-glass credential:

  • Capture it the moment it appears. Don't navigate away first.
  • Store it somewhere durable and access-controlled — a secrets manager, an encrypted file vault, a sealed envelope in a safe — whatever your org uses for similar credentials.
  • Confirm with at least one other person on your security or compliance team that the key has been recorded.
  • Don't store it in a GLYPH workspace. The whole point is independence from GLYPH.

Archive vs. Clear & Delete a group

GLYPH offers two ways to retire a group; they mean very different things and the asymmetry is intentional.

Archive (the group-level operation)

Hides the group and removes it from members' group lists. Content preserved. Reversible — you can unarchive at any time to restore the group and all prior content.

Use for:

  • Completed projects.
  • Retired teams.
  • Seasonal initiatives.
  • Anything that might come back.

Clear & Delete

Permanently deletes the group and erases content from every member's device. No undo, no recycle bin, no support recovery.

Use only when the content should genuinely cease to exist — e.g., a one-off group that served a single purpose and should leave no trace.

How they relate to workspace archiving

Both Archive and Clear & Delete are group-lifecycle operations. They are separate from the workspace-wide archiving feature:

  • Workspace archiving keeps an encrypted, externally-decryptable copy of all message activity for compliance.
  • Archiving a single group (the group-level operation) just hides it and preserves its local content on members' devices.
  • Clear & Delete burns the group's content from devices — but doesn't affect what workspace archiving has already captured.

If you need the workspace archive to capture content from a sensitive group, you must have archiving enabled at the workspace level before that group's content is sent.

Where it lives

  • Workspace archiving — click the down arrow next to your workspace name → Manage [your workspace]ArchivingEnable.
  • Group Archive / Clear & Deleteglyphapp.io/admin/groups/. Quick view shows Archive; detailed view exposes Clear & Delete.

The Clear & Delete option takes one extra click for a reason — slow yourself down before using it.