Data records retention and management

Data Retention Policy

Under Article 5(e) of the General Data Protection Regulation (GDPR), “personal data shall be kept for no longer than is necessary for the purposes for which it is being processed”, so it is important to establish retention periods for personal data, alongside an up-to-date data inventory where the data is being stored and how it is to be retrieved when required.

HewardMills helps its clients formulate and implement an appropriate data retention policy and schedule. We encourage the use of a template that includes the following sections:

  • Scope of the policy

  • Guiding principles
  • Roles and responsibilities
  • Types of data and its classifications
  • Retention periods
  • Data storage, back-up and disposal
  • Special circumstances
  • Where to go for advice and questions
  • Other relevant policies

HewardMills helps its clients to comply with data protection regulations, including the GDPR, ePrivacy Directive, local legislation (for multijurisdictional organisations) and cybersecurity laws, as well as with legal and regulatory requirements arising from emerging technologies such as blockchain.

We are a multidisciplinary team of data protection practitioners, lawyers, corporate governance specialists and cybersecurity experts with a wealth of knowledge delivering data protection excellence to your organisation.

If you would like to learn more about how HewardMills can help your organisation handle and process data safely, securely and responsibly in line with international regulations and policies, please get in touch via telephone (+44 20 3998 1840 or +353 1669 4642), or email dpo@hewardmills.com today.

Data retention policy

Under Article 5(e) of the General Data Protection Regulation (GDPR), “personal data shall be kept for no longer than is necessary for the purposes for which it is being processed”, so it is important to establish retention periods for personal data, alongside an up-to-date data inventory where the data is being stored and how it is to be retrieved when required.

HewardMills helps its clients formulate and implement an appropriate data retention policy and schedule, encouraging the use of a template that includes the following sections:

  • Scope of the policy
  • Guiding principles
  • Roles and responsibilities
  • Types of data and its classifications
  • Retention periods
  • Data storage, back-up and disposal
  • Special circumstances
  • Where to go for advice and questions
  • Other relevant policies

HewardMills helps its clients to comply with data protection regulations, including: the GDPR, ePrivacy Directive, local legislation (for multijurisdictional organisations), cybersecurity laws, as well as legal and regulatory requirements arising from emerging technologies such as blockchain.

We are a multidisciplinary team of data protection practitioners, lawyers, corporate governance and cybersecurity experts, with a wealth of knowledge delivering data protection excellence and trust to your organisation.

If you would like to learn more about how HewardMills helps organisations handle and process data safely, securely and responsibly in line with international policies and regulations, please get in touch via telephone (+44 20 3367 1245 or +353 1669 4642) or email dpo@hewardmills.com today.

Let’s work together

Contact us

Let’s work together

Contact us