diff --git a/server/lib/cleanupLogs.ts b/server/lib/cleanupLogs.ts
index 9e97525d..96a589ee 100644
--- a/server/lib/cleanupLogs.ts
+++ b/server/lib/cleanupLogs.ts
@@ -3,6 +3,7 @@ import { cleanUpOldLogs as cleanUpOldAccessLogs } from "#dynamic/lib/logAccessAu
 import { cleanUpOldLogs as cleanUpOldActionLogs } from "#dynamic/middlewares/logActionAudit";
 import { cleanUpOldLogs as cleanUpOldRequestLogs } from "@server/routers/badger/logRequestAudit";
 import { gt, or } from "drizzle-orm";
+import { cleanUpOldFingerprintSnapshots } from "@server/routers/olm/fingerprintingUtils";
 
 export function initLogCleanupInterval() {
     return setInterval(
@@ -56,6 +57,8 @@ export function initLogCleanupInterval() {
                     );
                 }
             }
+
+            await cleanUpOldFingerprintSnapshots(365);
         },
         3 * 60 * 60 * 1000
     ); // every 3 hours
diff --git a/server/routers/olm/fingerprintingUtils.ts b/server/routers/olm/fingerprintingUtils.ts
index 1462ce86..3fe445f1 100644
--- a/server/routers/olm/fingerprintingUtils.ts
+++ b/server/routers/olm/fingerprintingUtils.ts
@@ -1,7 +1,8 @@
 import { sha256 } from "@oslojs/crypto/sha2";
 import { encodeHexLowerCase } from "@oslojs/encoding";
 import { currentFingerprint, db, fingerprintSnapshots, Olm } from "@server/db";
-import { desc, eq } from "drizzle-orm";
+import { calculateCutoffTimestamp } from "@server/lib/cleanupLogs";
+import { desc, eq, lt } from "drizzle-orm";
 
 function fingerprintSnapshotHash(fingerprint: any, postures: any): string {
     const canonical = {
@@ -213,3 +214,11 @@ export async function handleFingerprintInsertion(
             .where(eq(currentFingerprint.fingerprintId, current.fingerprintId));
     }
 }
+
+export async function cleanUpOldFingerprintSnapshots(retentionDays: number) {
+    const cutoff = calculateCutoffTimestamp(retentionDays);
+
+    await db
+        .delete(fingerprintSnapshots)
+        .where(lt(fingerprintSnapshots.collectedAt, cutoff));
+}