Use this template to set the foundational requirements of data retention within the organization. Outline the following requirements:

  • The organization will employ the principle of data minimization.
  • Data will be stored for the shortest possible time, accounting for legal obligations for extended retention.
  • At the end of retention, data may be deleted or sufficiently anonymized.
  • Data must be kept accurate and up-to-date.
  • A data retention schedule will document what data is stored and the duration of retention.

This policy contains GDPR-specific language, making it easy to use if it is applicable to your organization.

Also In

Develop Necessary Documentation for GDPR Compliance

A quick reference guide for retention, privacy, cookies, and the data protection officer role.

Also In

Ensure Your Pandemic Response Plan Is Privacy-Proof

Don’t panic – prepare today’s pandemic response plan to accommodate tomorrow’s privacy implications.

Also In

Build a Data Privacy Program

Take out data privacy’s grey areas with a quantitative approach to your program.

Also In

Mature Your Privacy Operations

You’ve mastered the basics, but there are additional risk, data, and measurement tasks to complete.

Related Content

Hide Details

Search Code: 87722
Last Revised: February 21, 2019

Social

Get Access

Get Instant Access
To unlock the full content, please fill out our simple form and receive instant access.
Visit our COVID-19 Resource Center and our Cost Management Center
Over 100 analysts waiting to take your call right now: 1-519-432-3550 x2019