# Sheet n°14: Define a data retention period

#### Personal data cannot be kept for an indefinite period of time: this must be defined according to the purposes of the processing. Once this purpose has been achieved, the data should be archived, deleted or made anonymous (e.g. in order to produce statistics).

## Data retention cycles

* The personal data retention cycle can be divided into **three distinct successive phases**:
    * The active database;
    * Intermediate archiving;
    * Final archiving or deletion.


* The mechanisms for deleting personal data from the active bases ensure that the data are kept and accessible by the operational services only **for the time necessary to achieve the purpose of the processing operation**.

* Ensure that **data is not kept in active databases** by simply noting them **as being archived**. The archived data (intermediate archive) must be accessible only to a specific service responsible for accessing and removing them from the archive if necessary.

* Please also ensure that you have **specified access modes** for the archived data, as the use of an archive must be on an ad hoc and exceptional basis.

* If possible, use the same implementation when implementing the **data purging or anonymisation** as the one managing the **right to erasure** (see [sheet on the exercise of rights](Sheet_n°13:_Prepare_for_the_exercise_of_people's_rights)), in order to guarantee a homogeneous operation of your system.

## Some examples of shelf life

* The **data relating to payroll management or employee time control** can be kept for 5 years.

* The **data in a medical file** must be kept for 20 years.

* The **data of a prospect not responding to any solicitation** can be kept for 3 years.

* The **log data** can be kept for 6 months.