Data Retention Policy

Owned by Jasmine
Feb 29, 2024
1 min read

Data Retention Policy

  1. Purpose: This policy ensures that the company retains essential records for operational, legal, and compliance purposes while disposing of unnecessary data.

  2. Scope: It covers all forms of data, including electronic and paper records created or received in the course of business activities.

  3. Data Classification and Retention:

    • Employee Data: Retained for 7 years post-employment.

    • Customer Information: Kept for 5 years after the last transaction.

    • Financial Records: Held for a minimum of 10 years to comply with tax laws.

  4. Data Disposal: Once the retention period expires, data is securely destroyed or deleted. Electronic data is wiped using industry-standard methods, and physical records are shredded.

  5. Review and Audit: Annually review retention schedules and disposal practices to ensure alignment with current laws and business needs.

  6. Responsibilities: The Data Protection Officer oversees the implementation of this policy, ensuring compliance and addressing any queries related to data retention.