diff --git a/langfuse/README.md b/langfuse/README.md
index 94bae82..95454be 100644
--- a/langfuse/README.md
+++ b/langfuse/README.md
@@ -71,12 +71,12 @@ secrets:
 
 ## Notes on Uninstalling
 
-The usual `helm uninstall RELEASE_NAME` should work, but note that the following objects are not deleted automatically:
+The usual `helm uninstall RELEASE_NAME` should work,
+but note that the following objects are not deleted automatically with the default values:
 
-- the `-internal-secret` secret
-- the `-postgres-secret` secret (unless `postgresql.secret.alwaysKeepWhenUninstalled` is unset)
 - the data PVC of the `postgres` subchart (if the subchart was enabled)
-- the TLS secret of the ingress (if the ingress was enabled)
+- the `-postgres-secret` secret (if the subchart was enabled, controlled by `secrets.postgresql.keepWhenUninstalled`)
+- the `-internal-secret` secret (controlled by `secrets.internal.keepWhenUninstalled`)
 
 This means that you can reinstall the chart and continue accessing the same data.
 
diff --git a/langfuse/templates/_helpers.tpl b/langfuse/templates/_helpers.tpl
index 5bf7f74..1dfaa2a 100644
--- a/langfuse/templates/_helpers.tpl
+++ b/langfuse/templates/_helpers.tpl
@@ -34,6 +34,7 @@ If release name contains chart name it will be used as a full name.
 {{- define "langfuse.internalSecret.annotations" -}}
 {{- if .Values.secrets.internal.keepWhenUninstalled -}}
     "helm.sh/resource-policy": "keep"
+    "argocd.argoproj.io/sync-options": "Prune=false"
 {{- end }}
 {{- end }}
 
@@ -42,7 +43,7 @@ If release name contains chart name it will be used as a full name.
 {{- end }}
 
 {{- define "langfuse.postgresqlSecret.annotations" -}}
-{{- if .Values.secrets.postgres.keepWhenUninstalled -}}
+{{- if .Values.secrets.postgresql.keepWhenUninstalled -}}
     "helm.sh/resource-policy": "keep"
     "argocd.argoproj.io/sync-options": "Prune=false"
 {{- end }}
diff --git a/langfuse/templates/internal-secret.yaml b/langfuse/templates/internal-secret.yaml
index ba07612..a93a5e5 100644
--- a/langfuse/templates/internal-secret.yaml
+++ b/langfuse/templates/internal-secret.yaml
@@ -1,8 +1,10 @@
-{{- $secretName := (include "langfuse.internalSecret" .) -}}
+{{- if .Values.secrets.internal.automaticallyManage -}}
 
 {{- include "langfuse.mergeSecretWithRandomForKeys" (dict 
-   "name" $secretName 
+   "name" (include "langfuse.internalSecret" .)
    "annotations" (include "langfuse.internalSecret.annotations" .)
    "keys" (list "salt" "auth-secret") 
    "context" .
- ) -}} 
+ ) -}}
+
+{{- end }}
diff --git a/langfuse/templates/postgres-secret.yaml b/langfuse/templates/postgres-secret.yaml
index 1821358..aa6dbfd 100644
--- a/langfuse/templates/postgres-secret.yaml
+++ b/langfuse/templates/postgres-secret.yaml
@@ -1,4 +1,4 @@
-{{- if (and .Values.postgresql.enabled .Values.secrets.postgres.createIfMissing) -}}
+{{- if (and .Values.postgresql.enabled .Values.secrets.postgresql.automaticallyManage) -}}
 
 {{- include "langfuse.mergeSecretWithRandomForKeys" (dict 
    "name" (include "langfuse.postgresqlSecret" .)
diff --git a/langfuse/values.yaml b/langfuse/values.yaml
index 1d33901..b437069 100644
--- a/langfuse/values.yaml
+++ b/langfuse/values.yaml
@@ -3,7 +3,7 @@
 # This URL must agree with the app's URL for OAuth to work
 nextauthURL: http://localhost:3000
 
-# By default, the postgres subchart will be installed and the connection value overridden.
+# By default, the postgresql subchart will be installed and the connection value overridden.
 # Disable the bundled subchart using postgresql.enabled if you want to use this setting.
 databaseURL: "postgresql://postgres:postgres@localhost:5432/postgres"
 
@@ -18,20 +18,25 @@ toggles:
 
 # Where the non-public Langfuse configuration is stored
 secrets:
-  postgres:
+  # This group of settings is only relevant if postgresql.enabled is set.
+  postgresql:
     # If set (default), random values are saved in the postgresql.auth.existingSecret secret
     # for all the missing keys (existing values for these keys are preserved).
     # If unset, you are expected to create the secret yourself before installing the chart.
-    createIfMissing: true
+    automaticallyManage: true
     # If set, the secret will be annotated so that it is kept with `helm uninstall`
     # If unset, the secret will be deleted with `helm uninstall`
-    # This has no effect unless createIfMissing is also true.
+    # This has no effect unless automaticallyManage is also true.
     # Warning: reinstalling the chart with this value unset will generate a new password,
     # but Postgres will continue to use an old password since it's stored on the PVC.
     keepWhenUninstalled: true
   internal:
     # You can change the name to make several installations share the API keys.
     name: "{{ .Release.Name }}-internal-secret"
+    # If set (default), random values are saved in the secrets.internal.name secret
+    # for all the missing keys (existing values for these keys are preserved).
+    # If unset, you are expected to create the secret yourself before installing the chart.
+    automaticallyManage: true
     # If set, the secret will be annotated so that it is kept with `helm uninstall`
     # If unset, the secret will be deleted with `helm uninstall`
     # Warning: reinstalling the chart with this value unset will generate a new salt thus