Profile information Member settings
Sign up Sign in


Make it Legal™ Checklist

Here are a few important steps to take to finish your document

Read the document to make sure it meets your needs and that you’ve provided all of the necessary information about the organisation’s data retention practices. Ask a lawyer for advice if you have any questions.

Just having a Data Retention Policy in place is not enough to ensure that your organisation complies with its data protection obligations. Make sure you adhere to the data retention periods you set and other requirements of this Policy and comply with data protection law more broadly. For more information, read the FAQs for this document.

Make the Data Retention Policy available to your organisation’s relevant staff members. You could, for example, include it in induction packs, send it out by email, or put it on an intranet site.

The Data Retention Policy is not a contract and it does not need to be signed or agreed to by your staff members. You can ask them to sign an acknowledgement to show that they’ve received it, but this is not legally required.

A copy of your Data Retention Policy will be stored automatically in your Rocket Lawyer account ‘Dashboard’. You should also download and securely store a copy of your Policy for your records.

Whenever the Policy is amended, keep a copy of each version that has been in force and a record of when it was introduced and how and when each version was made available to staff members.

Relevant staff members should also keep a copy of the Policy or have easy access to it (eg via your staff intranet).

Ask a lawyer

Get quick legal advice

Rocket Lawyer On Call™ Solicitors

Characters remaining: 600

Please reduce the size of your message to 600 characters.

Get your answer