The need to retain data varies widely with the type of data. Some data can be immediately deleted, and some must be retained until reasonable potential for future need no longer exists.
We will only keep your personal data for as long as reasonably necessary to fulfil the relevant purposes set out in our Privacy Notice and in order to comply with our legal and regulatory obligations. Some data must however be retained in order to protect our legitimate business interests, preserve evidence or generally conform to good business practices. Some reasons for data retention include:
The time period under which we retain your personal data will differ depending on the nature of the personal information and what we do with it. How long we keep personal data is primarily determined by our regulatory and legal obligations. We typically retain different categories of personal data, as follows:
In the absence of any legal requirement, personal data may only be retained for as long as necessary for the purpose of processing. This means data is to be deleted for example, when:
Data destruction is a critical component of our data retention policy. When the retention period expires, we will actively destroy the data covered by the policy, including any duplicated data or data which has been encrypted.
We will not anonymise any retained data.