All posts
June 22, 20264 min read

LGPD for Long-Term Memory

An offboarded contractor still has a service account that talks to the company’s vector database used for long-term memory. Weeks later a data-subject request arrives, and the team discovers that personal records have been read by that stale credential. The breach triggers a costly investigation and a notice to the regulator. What lgpd expects from long-term memory stores LGPD (Lei Geral de Proteção de Dados) requires organizations to keep a complete trail that cannot be altered without detec

Free White Paper

LGPD (Brazil) + Long-Polling Security: The Complete Guide

Architecture patterns, implementation strategies, and security best practices. Delivered to your inbox.

Free. No spam. Unsubscribe anytime.
Coleman Nye

An offboarded contractor still has a service account that talks to the company’s vector database used for long-term memory. Weeks later a data-subject request arrives, and the team discovers that personal records have been read by that stale credential. The breach triggers a costly investigation and a notice to the regulator.

What lgpd expects from long-term memory stores

LGPD (Lei Geral de Proteção de Dados) requires organizations to keep a complete trail that cannot be altered without detection for every access to personal data. The law also mandates purpose limitation, data minimisation, the right to access, the right to erasure, and the ability to mask or redact personal information when it is not needed for a given operation. In practice, a system that stores embeddings, cached chat histories, or any persistent LLM-derived artefacts must be able to answer three questions for every request:

  • Who accessed which record and when?
  • Was the access aligned with a legitimate purpose?
  • Did the response expose personal data that should have been hidden?

Meeting those expectations is easy to overlook because the underlying storage engine (a PostgreSQL instance, a Redis cache, a cloud-hosted vector DB, etc.) typically offers only basic authentication and logging. The default logs do not capture query-level details, they do not support inline redaction, and they cannot enforce approval workflows for high-risk queries. As a result, organizations often rely on ad-hoc processes that do not produce the audit evidence LGPD demands.

Why a single control surface is required

The first step toward compliance is to establish a trustworthy identity layer. Using OIDC or SAML, the organisation can issue short-lived tokens that represent a specific engineer, a CI job, or an AI-driven agent. That setup decides *who* can start a session, but it does not enforce *what* the session may do. Without a gate that sits on the data path, a token can still be presented directly to the database, allowing the bearer to run any command, read any row, and bypass any masking policy.

Therefore, compliance requires a second, distinct component: an identity-aware proxy that intercepts every protocol exchange, applies policy, and records the outcome. Only when the proxy sits between the user and the long-term memory service can the organisation guarantee that every read, write, or delete operation is subject to LGPD-aligned controls.

hoop.dev as the data-path enforcement layer

hoop.dev provides exactly that enforcement layer. It is a layer-7 gateway that proxies connections to databases, Redis, or any supported long-term memory backend. The gateway verifies the caller’s OIDC token, extracts group membership, and then inspects each request at the protocol level. Because the gateway is the only point where traffic flows, it can:

  • Record every session, including the identity, the exact query, and the response payload.
  • Apply inline masking to hide personal fields before they leave the backend.
  • Require just-in-time approval for queries that match a high-risk pattern (for example, bulk export of user identifiers).
  • Enforce time-boxed, least-privilege access so that a token can only read the data needed for a specific task.

All of these enforcement outcomes exist only because hoop.dev sits in the data path. The identity system alone cannot provide them, and the backend storage cannot enforce them without an external gate.

Continue reading? Get the full guide.

LGPD (Brazil) + Long-Polling Security: Architecture Patterns & Best Practices

Free. No spam. Unsubscribe anytime.

How hoop.dev generates LGPD-ready evidence

When a request passes through hoop.dev, the gateway writes a structured audit entry that includes:

  • The caller’s subject identifier.
  • The timestamp of the operation.
  • The exact command issued (for SQL, the query text; for Redis, the command name).
  • The masked response that was returned to the caller.

This log can be exported to a SIEM or stored in a secure log, giving auditors a clear chain of custody. Because masking happens before the response is recorded, the audit trail never contains raw personal data that should remain hidden, satisfying LGPD’s data-minimisation requirement.

In addition, hoop.dev’s approval workflow creates a separate evidence record whenever a privileged operation is allowed. The approval record shows who granted the exception, the justification, and the duration of the elevated access. This satisfies the law’s demand for purpose limitation and documented consent.

Deploying hoop.dev for long-term memory

Deploy the gateway using the provided Docker Compose quick-start or a Kubernetes manifest. The deployment includes a network-resident agent that holds the backend credentials, so users never see the secret. After deployment, register the vector database as a connection, define masking rules for fields that contain personal identifiers, and configure approval policies for bulk reads.

For a step-by-step walkthrough, see the Getting started with hoop.dev guide. The Learn page contains deeper explanations of masking, just-in-time access, and session replay.

FAQ

How does hoop.dev help with the LGPD right-to-access requirement?

Because every query is logged with the caller’s identity, the organisation can produce a complete list of records accessed by a specific data subject. The logs are stored outside the backend, so they can be presented to regulators without exposing additional personal data.

Can hoop.dev enforce the right-to-erasure?

hoop.dev can route delete commands through an approval workflow. The approved deletion is recorded, and the masking rules ensure that any subsequent read of the same key does not return stale personal data.

Does hoop.dev replace my existing identity provider?

No. hoop.dev consumes OIDC or SAML tokens from your IdP. It adds a layer of policy enforcement and audit on top of the identity decisions already made by the provider.

By placing a transparent, policy-driven gateway in front of long-term memory services, organisations can generate the concrete evidence LGPD requires while keeping the underlying storage simple and performant.

Explore the source code, contribute, or start a self-hosted deployment at https://github.com/hoophq/hoop.

Open source

Save the open-source gateway for agent data access

Hoop is MIT-licensed infrastructure for controlling how AI agents reach production data. Star hoophq/hoop so you can inspect it, deploy it, or share it when your team starts governing agent access.

Star and save the repo →More posts
Ask AI about this topic
ClaudeChatGPTGrokGeminiPerplexityCopilot