IDS Data Retention Policy

Introduction

Our organisation holds many different types of documents containing a variety of data, including customer details, employee information as well as confidential information about the organisation and how it operates. These documents are a vital part of our business and it is important that we ensure that we protect the documents and information contained in them in order to ensure the smooth running of the business and also to comply with the requirements laid down by law.

We have outlined the procedures laid down for retention, review and destruction of documents held by us.  The purpose of this policy is to ensure that the necessary we only hold documents for as long as necessary and that once they are no longer required that they are destroyed in accordance with the procedures laid down in this policy.

This policy supplements our data security and data protection policies and was last reviewed April 2019.

 

Who does this Policy apply to?

This policy applies to all employees of the organisation who are required to be familiar with and comply with its requirements.

The person within the organisation responsible for data Protection is Jan Chope and they are responsible for maintaining this policy and ensuring compliance its terms. They can advise on any related issues.

 

What is a Document?

This policy covers electronic documents and those held in a manual filing system. It includes emails, databases and documents contained in any other system operated by the organisation.  The documents can be created by the organisation or created elsewhere and sent to us.

 

Retention of Documents

The retention schedule below lists the types of documents that our organisation holds.  We are required by law not to hold documents for any longer than necessary and therefore we have set retention periods below.

The retention periods are based on time limits set by law for some documents and where there is no statutory period we have set the time based on how long we think the document will be required. Once the statutory period has been reached then the documents should be destroyed unless there is a good reason to keep them (eg ongoing legal proceedings). In such events, the Responsible Person should make the final decision on whether documents are retained beyond the minimum retention period.

 

 

 

Destruction of Documents

Once the documents have reached their minimum retention period, then they must be permanently destroyed unless there is a good reason to keep them and the Responsible Person has agreed on a further retention period.

 

Manual records

After processing manual records are shredded.

 

Electronic records

Emails are archived (deleted from our email server) once they have passed their minimum retention period date.

Databases - Once records have matured past their minimum retention date they will be deleted or anonymised.

Database backups are retained for a maximum of 2 years.

 

Schedule of Documents – Statutory or Non Personal Information

Type of Documents

Description of Document

Retention Period

Customer Accounts

Online accounts created by customer

Non buyers – 3 years
Buyers & Closed accounts – 3 years

Orders Database

Customers name and contact details

7 years after last contact from customer. Delete if unsubscribe request is received.

 

Marketing Database

Customers name and contact details

3 years after last contact from customer. Delete if unsubscribe request is received.

 

Consent Forms/Photos

 

15 Years

Teacher Dance Conference Records

 

3 Years

Online chat

Any information you give us

Live chat information is stored in line with our service provider freshchat. See  https://www.freshworks.com/privacy for more details.