Deletion and Retention

Personal data may only be stored for as long as is necessary for the purpose or as required by statutory retention periods. A structured deletion concept is therefore essential for your data protection compliance.
You are here:

Legal background

The principle of storage limitation (Art. 5(1)(e) GDPR) states that personal data may only be stored for as long as is necessary for the purposes of the processing. After the purpose has been fulfilled or statutory retention periods have expired (e.g., from the German Commercial Code, Fiscal Code), the data must be deleted.

Our support for you

Compliance with the principle of storage limitation is a key requirement of the GDPR to minimise risks from excessive data storage.

As your external DPO, we advise you on developing company-specific deletion concepts that take into account both the purposes of processing and mandatory statutory retention obligations.

We support you in implementing processes that enable regular and verifiable data deletion.
Dr. Marc Störing
Managing Director
Certified Information Privacy Professional, CIPP/E
+49 175 930 555 1
marc.stoering@osborneclarke-services.com
Dr. Marc Störing
Geschäftsführer
+49 175 930 555 1
marc.stoering@osborneclarke-services.com
Need help implementing retention rules?
Contact us →
Your external data protection officer
Empowered by the experience of a
leading law firm in data protection.
Frequently asked questions

Common Data Protection Topics

Product Compliance Group Data Protection Employee Data Protection Marketing Measures Training Tools and Services Health Data Website Compliance Data Analysis Data Processing Agreements Training and Use of AI Data Sharing Data Act CCTV Data Deletion Data Protection Impact Assessment Policies and Guidelines Privacy Policies Whistleblowing Supervisory Authorities Complaints

Compliance Requirements

Data Protection Management Documentation Obligations Accountability Legal Bases Data Transfers Third-Country Transfers Information Obligations Transparency Obligations Data Subject Rights Data Security Risk Management Data Breaches Deletion and Retention

Legal and Contact

Contact Privacy Notice Imprint
OC Services GmbH, Innere Kanalstraße 15, 50823 Cologne, Germany
Registration Court: Local Court of Cologne, HRB 92393
Managing Director: Gereon Abendroth, Nicolas Gabrysch-Wolff, Dr Marc Störing
Language: