Search

How can we help?

Icon

Frequently asked questions on data retention

  • 10 February 2025
  • Privacy and Data Protection

Data retention is the storage of data for a specific period, guided by legal, operational, and regulatory considerations. While data minimisation principles advocate for limiting the collection and storage of personal data, retaining certain information is often necessary for various purposes.

In this podcast, Jesse Akiwumi and Harry Berryman, members of the Data Protection team at Clarkslegal, address the top frequently asked questions we receive about data retention. These questions include:

  • How long can an organisation lawfully keep data?
  • What happens to data that is shared with others?
  • Why is it important to limit the storage of data?
  • Do organisations need policies to govern what data is retained and what is destroyed?
  • What are the consequences of wrongfully deleting information? Can an organisation face criminal charges for deleting or altering information that an individual has requested?
  • Can an organisation destroy or amend information after responding to a request?

If your organisation needs help drafting a data retention policy or employee training on data protection requirements, please contact our Data Protection Lawyers.

Subscribe Now

Meet the speakers
Harry Berryman

Solicitor

View profile

+44 118 960 4636

Jesse Akiwumi

Solicitor

View profile

+44 118 960 4662

About this podcast

  • Subject
    Frequently asked questions on data retention
  • Author’s
    Harry BerrymanJesse Akiwumi
  • Expertise
    Privacy and Data Protection
  • Published
    10 February 2025

Read, listen and watch our latest insights

art
  • 13 October 2025
  • Privacy and Data Protection

AI and Data Protection: key legal developments in 2025 – 2026

The rapid integration of artificial intelligence into the workplace continues to reshape how organisations manage data, recruitment, and decision-making. Alongside this technological shift, UK and international regulators are introducing new legal frameworks designed to balance innovation with accountability.
art
  • 26 September 2025
  • Privacy and Data Protection

PECR – fines, direct marketing and cookies

The Data (Use and Access) Act 2025 received Royal Assent on 19 June 2025 which makes changes to the UK’s data regime, amending the Data Protection Act 2018 and the Privacy and Electronic Communications Regulations 2003.
art
  • 05 September 2025
  • Privacy and Data Protection

When Ignoring a DSAR Becomes a Criminal Offence

On 3 September 2025, Mr Jason Blake appeared at Beverley Magistrates Court and was fined for failing to respond to a data subject access request (DSAR).
art
  • 02 September 2025
  • Employment

Social Media – how private is your personal data

Nowadays most people have at least one social media account. Whether it’s Facebook or TikTok, X, or LinkedIn, most adults have an online presence.
art
  • 18 August 2025
  • Privacy and Data Protection

Top 10 DUAA Compliance Tips for Employers

To support your preparation, we have outlined 10 practical tips to help employers navigate the new requirements and take full advantage of the DUAA’s reforms.
art
  • 12 August 2025
  • Privacy and Data Protection

From WeTransfer to WhatsApp: How Unapproved Tools and “Shadow IT” Could Threaten UK GDPR Compliance

Businesses and self-employed professionals are in a constant pursuit of efficiency and productivity.  There are, as a result, no end of tools and products available to smooth digital workflows. 
See More

Get in touch

+44 118 958 5321