8. Data Type: Retention Period: Financial data: 7 Years: Marketing data: Where legitimate interests are used as a lawful basis: Retained for six months following the most recent engagement with the … Purpose, Scope, and Users This policy sets the required retention periods for specified categories of personal data and sets out the minimum standards to be applied when destroying certain information within IRIS Connect (further: the “Company”). The retention period. Where an Inquiry (including public Inquiries) is taking 7. 5. 6. GDPR-P-011/001 – 18/05/18 Page 3 of 15 Data Retention Policy disposed of (notwithstanding the retention periods otherwise set by this Data Retention Policy), the right to restrict the Company’s use of their personal data, and further rights relating to automated decision-making and profiling. Electoral register data Statistics. This need will be assessed on a regular basis, and data that is no longer needed for any purpose will be disposed of. Data Retention Policy 1. The retention periods for retaining a document depends on the category. 11. Periods can range between 3-10 years for documents relevant to HMRC and Companies House; any records required by local authority licensing should be kept in accordance with their guidelines. Storage requirements for retained data. Contact your local authority or license issuer for information on retention periods. 9. Use this document to create a data retention policy (also known as a records management policy or document retention policy) to describe how an organisation expects its employees to manage data, from creation through to disposal. The regulation requires that data subjects are informed of how their data will be used, and in particular how long their data will be kept and used for. Retention period: Identifiers: Identification data like names, addresses and dates of birth are kept while there is a continuing need to keep it. To ensure small businesses are prepared for new General Data Protection Regulation (GDPR) – due to be introduced in May 2018 – manager at document storage firm Access Records Management, Ian Henry, has identified six data retention policies owners frequently overlook. The review, retention and deletion process as described in this APP and in the MoPI Code of Practice does not apply to the deletion of information and records held on the Police National Computer (PNC). We’ve put together this quick guide to help you stay on top of the new regulations on data retention. Data retained by another communications provider. Your five-minute guide to data retention and GDPR. At the DBS, we operate a Data Retention Policy to ensure that data is not held for longer than necessary. Data protection and data security. The remit of the UK Data Protection Act 2018 (UKDPA) and EU’s General Data Protection Regulation (GDPR) includes the Liberal Democrats. 10. This Policy applies to all business units, processes, and systems in all countries in which […] New data retention rules for small firms are due in May 2018. 4. It should also be noted that the retention periods for biometric data are governed by the Protection of Freedoms Act 2012 and sit outside this APP. Retention is the period of time at which the records will be reviewed and either be destroyed or the retention period extended. An extension to the normal retention period may be required when enforcement, an Inquiry or other relevant activity is in progress. Access to retained data. These are known as data retention periods. Obligation to retain communications data. Communications data to which these Regulations apply. The EU General Data Protection Regulation (GDPR) comes into force on 25 May 2018, and it tightens up the rules on how long you can keep personal data. Data Retention Periods Financial Records Retention Schedule for Budget Holders The term financial records covers not only accounting records such as vouchers, authorities, schedules and computer records, but also financial management records and policy papers supporting and …