Skip to main content

GDPR: Retention and Review of Data

Charities need to be aware of their obligations under GDPR. This involves reviewing what data you hold and why you hold it. You may need to review how you seek consent to collect personal data, how you store it and how you remove it.

Below is a comprehensive overview of how to retain and review data. This was developed by the Charity Data Protection Working Group, which is made up of Charities of varying sizes that, through services to people, many of them statutory duty services, have responsibility for personal and sensitive data.

Download full article

Retention and Review of Data guidance