Frequently Asked Questions and Answers from Termly’s Legal Experts

How long can you hold personal data under GDPR?

Under the GDPR, you can only hold personal data for as long as you need it. One of the 7 principles of the GDPR is the principle of storage limitation, which is the idea that personal data should only be kept long enough for it to be processed for its stated purpose. To comply with this principle, delete personal data after it’s been used to fulfill its stated purpose.

If you are collecting data for scientific or historical research, or for purposes that are in the public interest, you may be allowed to hold your data for a longer period of time under the rules established in Article 5.

Related Questions

Keep as little data possible for the least amount of time necessary.

One of the keys to GDPR compliance is to collect and store the least amount of data possible. Frequently assess your data stores and delete unnecessary information whenever possible.

Trusted by Thousands

Trusted by thousands of companies worldwide, Termly’s intuitive software generates legal policies and handles consent management for any business in minutes.

Brand Logo FIS Brand Logo Eggland Brand Logo Veeps Brand Logo Hertz Brand Logo K2 Sports Brand Logo Law Insider
Termly Bolt
Try Termly’s Compliance Solutions For Free!
Get Compliant
Jona, Senior Product Manager @ Termly

Termly allows our users to focus more on their business instead of spending countless hours figuring out data privacy compliance. - Jona, Senior Product Manager @ Termly