Free tools and resources for Data Protection Officers!

How to draft a GDPR-compliant retention policy

You need to be able to clearly define the period for which personal data will be stored or, if not possible, criteria to determine that period. Most organizations implementing the GDPR consider retention policies or retention rules necessary to achieve this. At first it seems a daunting task, but by considering the goals and GDPR requirements you can reach some reasonable level of granularity that is still operational and possible to implement.

Full article: How to draft a GDPR-compliant retention policy

>