How to manage data retention

Published by a UUÂãÁÄÖ±²¥ Risk & Compliance expert
Practice notes

How to manage data retention

Published by a UUÂãÁÄÖ±²¥ Risk & Compliance expert

Practice notes
imgtext

This Practice Note is intended for general commercial organisations based in the UK. It explains the Retention Requirements that apply to Personal data and provides practical guidance on how to comply with these obligations. This Practice Note reflects the UK General Data protection Regulation (UK GDPR), (Assimilated Regulation (EU) 2016/679). The data retention requirements arise out of the storage limitation principle in the UK GDPR.

You must not keep personal data for longer than you actually need it. You should delete or anonymise personal data once it is no longer required.

Good practice around storage limitation can also reduce the burden of dealing with questions about retention and individual requests for erasure. It will also limit the risk of individuals’ data being used in error or in ways which could adversely affect their rights and freedoms under the UK GDPR.

From a practical perspective, it is inefficient to hold more personal data than you need, and you could be incurring unnecessary costs associated with storage and security.

Data protection principles

It is important to understand

Powered by Lexis+®
Jurisdiction(s):
United Kingdom
Key definition:
Retention definition
What does Retention mean?

Retention is a percentage of the sums payable by way of interim payment deducted by the employer and held until completion. Half of the retention is released on practical completion, the other half on the expiry of the defects liability period or issuance of a certificate of making good defects.

Popular documents