The European Union’s General Data Protection Regulation (GDPR) has been in force since May 2018. It is a comprehensive data protection regulation that obliges companies to protect personal data and ensure that this data is stored and processed in an appropriate manner. This is important to ensure that personal data is handled sensitively and strangers do not gain insight into private information. The GDPR also protects against data misuse.
An important aspect of the GDPR concerns the deletion of data. Companies are obliged to delete personal data at the request of the data subject, unless there are legal or other reasons preventing deletion. It is therefore important that companies are able to delete personal data when necessary. A breach of this obligation to delete can lead to heavy fines being imposed.
Data must always be deleted if the data subject revokes consent to data processing or if the purpose for which the data was collected no longer exists. However, legal retention obligations stand in the way of this. The regulations on retention and deletion always depend very much on the respective company, so you should inform yourself comprehensively in this regard.
Without a well thought-out concept for deleting data, complying with the regulations can be very complex and cost a lot of time. In addition, it is easy to lose track of large amounts of data. A deletion concept tailored to your company saves you time and nerves.