What have we learned about Data Retention 3 years on from the GDPR?

Exterro 07.07 What have we learned

The truth is many companies addressed their data retention obligations during the period of GDPR-readiness and have not circled back since.

Exterro 07.07 What have we learned

On-Demand Webinar Summary

Organisations need to continually think about how they manage their data and enforce their retention policies and schedules. Companies often keep personal data on their systems long after it’s needed, mostly because there isn’t a reliable system or processes in place to enforce those data retention initiatives.

We’ve also seen examples where a lack of a robust approach to data retention has contributed to sizeable fines:

  • Spartoo fined €250k in August 2020
  • Cathay Pacific fined £500k in March 2020
  • TIM (Italian Telecom) fined €27.8 million in January 2020
  • Doorstep Dispensaree fined £275k in December 2019
  • Deutsche Wohnen SE originally fined €14.5 million in October 2019
  • SERGIC fined €400k by CNIL in France in May 2019

Join our expert panel to consider these enforcement actions and explore how organisations can future proof their data retention obligations and ensure they continue to manage data appropriately in line with the GDPR.