Need-to-know retrieval for agent memory
A memory collected for support shouldn't quietly become the basis for a sales or marketing decision. Governed Memory enforces purpose limits at query time — and records exactly what it withheld, and why.
The risk
GDPR- and CCPA-style purpose limitation says data collected for one reason shouldn't silently be repurposed for another. Applied to agent memory: a note captured to resolve a support case shouldn't quietly become the basis for a sales pitch, a pricing decision, or a marketing segment.
When every agent shares one undifferentiated memory pool, that line is impossible to hold — and impossible to prove you held, which is what a compliance reviewer actually asks for.
How Governed Memory handles it
- 01Purpose declared at query time
Every retrieval states what it's for. The engine returns only memory whose source and policy allow that purpose.
- 02Bindings you define
You set which source types can justify which purposes. A support-sourced memory can be barred from marketing retrievals by policy — not by hoping the caller filters correctly.
- 03Exclusions are explained
When a memory is withheld, the response records that it was excluded and why — so a reviewer can see the limit was enforced, not just claimed.
- 04Enforced in the engine
The limit holds even if the calling code forgets to filter, because it's applied where the data is read — not in every caller that might touch it.