The maintenance of documents in a production or live environment that can be accessed by an authorised user in the ordinary course of business.
Retention is an essential part of being compliant with the storage limitation principle in Art. 5(1)(e) GDPR. All controllers should have a retention policy where they can set up standard retention periods for the different personal data that are being processed.
The retention policies should list the different types of data or information the controller hold, what the data is used for, and how long you intend to keep it. This will help the controller set and record standard retention periods for different categories of personal data.
Schrems II – Expert Legal Advise
Act with confidence today. Our experts are here to help you manage the Schrems II requirements. Measured and practical solutions. Support through the entire process. Transfer impact assessment. Dealing with supervisory authority. Enforcement action. Defending legal claims. Track record with leading European startup, mid-size companies and listed global enterprises.
Get a quote today from the business law firm Sharp Cookie Advisors