General

This document is only applicable to employees of Blue Ring Digital Services Ltd.

"Data Retention and Destruction Policy" refers to this Data Retention and Destruction Policy.

"You", "Your" refers to You the employee of Blue Ring Digital Services Ltd.

"We", "Us", "Our", "Blue Ring Digital Services Ltd" refers to Blue Ring Digital Services Ltd.

This Data Retention and Destruction Policy sets the required retention periods for specified categories of personal data and sets out the minimum standards to be applied when destroying certain information within Blue Ring Digital Services Ltd.

This Data Retention and Destruction Policy applies to all business units, processes, and systems in all countries in which Blue Ring Digital Services Ltd conducts business and has dealings or other business relationships with third parties.

This Data Retention and Destruction Policy applies to all Blue Ring Digital Services Ltd officers, directors, employees, agents, affiliates, contractors, consultants, advisors or service providers that may collect, process, or have access to data (including personal data and/ or sensitive personal data). It is the responsibility of all of the above to familiarise themselves with this Data Retention and Destruction Policy and ensure adequate compliance with it.

This Data Retention and Destruction Policy applies to all information used at Blue Ring Digital Services Ltd.

We will try to keep everything in this document as straightforward as possible, but if there’s anything You don’t understand, please get in touch with Us.

The headings in this Data Retention and Destruction Policy are for convenience only and shall not affect their interpretation.The masculine shall include the feminine and the neuter and the singular the plural and vice versa.

If any provision or part of any provision of this Data Retention and Destruction Policy is found by a court or other competent authority to be void or unenforceable, such provision or part of a provision shall be deleted from this Data Retention and Destruction Policy and the remaining provisions or parts of the provision shall continue to be in full force and effect.

Reference Documents

  • EU GDPR 2016/679 (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC);
  • .

Retention Rules

In the event, for any category of documents not specifically defined elsewhere in this Data Retention and Destruction Policy (and in particular within the Data Retention and Destruction Schedule) and unless otherwise mandated differently by applicable law, the required retention period for such document/ record will be deemed to be 3 years from the date of creation of the document/ record.

Retention General Schedule

The Data Protection Officer defines the time period for which the documents and electronic records should to be retained through the Data Retention and Destruction Schedule. As an exemption, retention periods within Data Retention and Destruction Schedule can be prolonged in cases such as:-

  • Ongoing investigations from member states authorities, if there is a chance records of personal data are needed by Blue Ring Digital Services Ltd to prove compliance with any legal requirements;

  • When exercising legal rights in cases of lawsuits or similar court proceeding recognised under local law.

Safeguarding of Data during Retention Period

The possibility that data media used for archiving will wear out shall be considered. If electronic storage media are chosen, any procedures and systems ensuring that the information can be accessed during the retention period (both with respect to the information carrier and the readability of formats) shall also be stored in order to safeguard the information against loss as a result of future technological changes. The responsibility for the storage falls to the Data Protection Officer.

Destruction of Data

Blue Ring Digital Services Ltd and its employees should, on a regular basis, review all data, whether held electronically on their device or on paper, to decide whether to destroy or delete any data once the purpose for which those documents were created is no longer relevant. Overall responsibility for the destruction of data falls to the Data Protection Officer.

Once the decision is made to dispose according to the Data Retention and Destruction Schedule, the data should be deleted, shredded or otherwise destroyed to a degree equivalent to their value to others and their level of confidentiality. The method of disposal varies and is dependent upon the nature of the document.

In this context, the employee shall perform the tasks and assume the responsibilities relevant for the information destruction in an appropriate way. The specific deletion or destruction process may be carried out either by an employee or by an internal or external service provider that the Data Protection Officer subcontracts for this purpose.

Appropriate controls shall be in place that prevents the permanent loss of essential information of Blue Ring Digital Services Ltd as a result of malicious or unintentional destruction of information – these controls are described in the Blue Ring Digital Services Ltd .

The Data Protection Officer shall fully document and approve the destruction process. The applicable statutory requirements for the destruction of information, particularly requirements under applicable data protection laws, shall be fully observed.

Breach, Enforcement and Compliance

The person appointed with responsibility for data protection, the Data Protection Officer, has the responsibility to ensure that each of the Blue Ring Digital Services Ltdoffices complies with this Data Retention and Destruction Policy. It is also the responsibility of the Data Protection Officer to assist any local office with enquiries from any local data protection or governmental authority.

Any suspicion of a breach of this Data Retention and Destruction Policy must be reported immediately to Data Protection Officer. All instances of suspected breaches of the Data Retention and Destruction Policy shall be investigated and action taken as appropriate.

Failure to comply with this Data Retention and Destruction Policy may result in adverse consequences, including, but not limited to, loss of customer confidence, litigation and loss of competitive advantage, financial loss and damage to the Blue Ring Digital Services Ltd reputation, personal injury, harm or loss. Non-compliance with this Data Retention and Destruction Policy by permanent, temporary or contract employees, or any third parties, who have been granted access to the Blue Ring Digital Services Ltd premises or information, may therefore result in disciplinary proceedings or termination of their employment or contract. Such non-compliance may also lead to legal action against the parties involved in such activities.

Document Disposal

Records which may be routinely destroyed unless subject to an on-going legal or regulatory inquiry are as follows:-

  • Announcements and notices of day-to-day meetings and other events including acceptances and apologies;

  • Requests for ordinary information such as travel directions;
  • Reservations for internal meetings without charges / external costs;
  • Transmission documents such as letters, fax cover sheets, e-mail messages, routing slips, compliments slips and similar items that accompany documents but do not add any value;
  • Message slips;
  • Superseded address list, distribution lists etc.;
  • Duplicate documents such as CC and FYI copies, unaltered drafts, snapshot printouts or extracts from databases and day files;
  • Stock in-house publications which are obsolete or superseded; 
  • Trade magazines, vendor catalogues, newsletters and flyers from vendors or other external organisations.

In all cases, disposal is subject to any disclosure requirements which may exist in the context of litigation.

Destruction Method

Paper based documents should be cross-cut shredded and then placed into locked rubbish bins for collection by an approved disposal firm.

Electronic data is subject to secure deletion when the device/ hardware is disposed of.

Disposal should include proof of destruction.

Data Retention and Destruction Schedule

Data category Type Location Retention period Destruction Data owner
Financial records
Payroll records

Electronic

Server 7 years Automatically purged Finance Team

Paper

Finance Office 45 days Cross-cut shredding after electronic copy/ record created Finance Team
Supplier contracts

Electronic

Server 7 years after contract is terminated Automatically purged Finance Team

Paper

Finance Office Duration of contract Cross-cut shredding after electronic copy/ record created Finance Team
Chart of accounts

Electronic

Server Permanent Finance Team
Fiscal policies and procedures

Electronic

Server Permanent Finance Team
Permanent audits

Electronic

Server Permanent Finance Team
Financial statements

Electronic

Server Permanent Finance Team
Ledger's

Electronic

Server Permanent Finance Team
Investment records (deposits, earnings, withdrawals)

Electronic

Server 7 years Automatically purged Finance Team

Paper

Finance Office 45 days Cross-cut shredding after electronic copy/ record created Finance Team
Invoices

Electronic

Server 7 years Automatically purged Finance Team

Paper

Finance Office 45 days Cross-cut shredding after electronic copy/ record created Finance Team
Cancelled checks

Electronic

Server 7 years Automatically purged Finance Team

Paper

Finance Office 45 days Cross-cut shredding after electronic copy/ record created Finance Team
Bank deposit slips

Electronic

Server 7 years Automatically purged Finance Team

Paper

Finance Office 45 days Cross-cut shredding after electronic copy/ record created Finance Team
Business expenses documents

Electronic

Server 7 years Automatically purged Finance Team

Paper

Finance Office 45 days Cross-cut shredding after electronic copy/ record created Finance Team
Check registers/ books

Electronic

Server 7 years Automatically purged Finance Team

Paper

Finance Office 1 year from register/ book completion Cross-cut shredding after electronic copy/ record created Finance Team
Property/ asset inventories

Electronic

Server 7 years Automatically purged Finance Team
Credit card receipts

Electronic

Server 3 years Automatically purged Finance Team

Paper

Finance Office 45 days Cross-cut shredding after electronic copy/ record created Finance Team
Petty cash receipts/ documents

Electronic

Server 3 years Automatically purged Finance Team

Paper

Finance Office 45 days Cross-cut shredding after electronic copy/ record created Finance Team
Business records
Article of Incorporation to apply for corporate status

Electronic

Server Permanent Finance Team

Paper

Finance Office Permanent Finance Team
Board policies

Electronic

Server Permanent Finance Team
Board meeting minutes

Electronic

Server Permanent Finance Team
Tax or employee identification number designation

Electronic

Server Permanent Finance Team
Office and team meeting minutes

Electronic

Server 2 years Automatically purged Finance Team
Annual corporate filings

Electronic

Server Permanent Finance Team
Employee records
Disciplinary, grievance proceedings records, oral/ verbal, written, final warnings and appeals

Electronic

Server 7 years after seperation Automatically purged HR Team
Applications for jobs and interview notes

Electronic

Server 7 years after seperation or 6 months if not employed Automatically purged HR Team

Paper

HR Office 45 days Cross-cut shredding after electronic copy/ record created HR Team
Payroll input forms, wages/ salary records, overtime/ bonus payments Payroll sheets and copies

Electronic

Server 7 years Automatically purged HR Team
Bank details – current

Electronic

Server Duration of employment Automatically purged HR Team
Payrolls/ wages

Electronic

Server 7 years after seperation Automatically purged HR Team

Job history including staff personal records:-

  • Contract(s);
  • Terms & Conditions;
  • Previous service dates;
  • Pay and pension history,
  • Pension estimates, resignation/ termination letters

Electronic

Server 7 years after seperation Automatically purged HR Team

Paper

HR Office Duration of employment Cross-cut shredding after electronic copy/ record created HR Team
Employee address details

Electronic

Server Duration of employment Automatically purged HR Team
Expense claims

Electronic

Server 7 years Automatically purged HR Team
Annual leave records

Electronic

Server Duration of employment Automatically purged HR Team
Accident books including accident reports and correspondence

Electronic

Server 21 years Automatically purged HR Team

Paper

HR Office 1 year Cross-cut shredding after electronic copy/ record created HR Team
Certificates and self-certificates unrelated to workplace injury; statutory sick pay forms

Electronic

Server 7 years after seperation Automatically purged HR Team

Paper

HR Office 1 year Cross-cut shredding after electronic copy/ record created HR Team
Pregnancy/ childbirth certification

Electronic

Server 7 years after seperation Automatically purged HR Team

Paper

HR Office  1 year Cross-cut shredding after electronic copy/ record created HR Team
Parental leave

Electronic

Server Duration of employment Automatically purged HR Team
Maternity pay records and calculations

Electronic

Server 7 years after seperation Automatically purged HR Team
Redundancy details, payment calculations, refunds, notifications

Electronic

Server 7 years after seperation Automatically purged HR Team
Training and development records

Electronic

Server 7 years after seperation Automatically purged HR Team
All other contracts
Signed

Electronic

Server 7 years after contract is terminated Automatically purged Finance Team

Paper

Finance Office Duration of contract Cross-cut shredding after electronic copy/ record created Finance Team
Contract amendments

Electronic

Server 7 years after contract is terminated Automatically purged Finance Team

Paper

Finance Office Duration of contract Cross-cut shredding after electronic copy/ record created Finance Team
Successful tender documents

Electronic

Server 7 years after contract is terminated Automatically purged Finance Team

Paper

Finance Office Duration of contract Cross-cut shredding after electronic copy/ record created Finance Team
Unsuccessful tenders’ documents

Electronic

Server 7 years Automatically purged Finance Team

Paper

Finance Office 1 year Cross-cut shredding after electronic copy/ record created Finance Team
Tender – user requirements, specification, evaluation criteria, invitation

Electronic

Server 7 years after contract is terminated Automatically purged Finance Team

Paper

Finance Office Duration of contract Cross-cut shredding after electronic copy/ record created Finance Team
Contractors’ reports

Electronic

Server 7 years Automatically purged Finance Team

Paper

Finance Office 1 year Cross-cut shredding after electronic copy/ record created Finance Team
Operation and monitoring, eg complaints

Electronic

Server 7 years Automatically purged Finance Team

Paper

Finance Office 1 year Cross-cut shredding after electronic copy/ record created Finance Team
Customer data

CRM data:-

  • Name;
  • Address;
  • Telephone number;
  • E-mail address;
  • Date of birth;
  • Communications.

Electronic

Server

Untill delete request made by customer

-or-

7 years from customer last log on, providing their are no active orders or contracts

Automatically purged Customer Service Team
Reviews, Feedback and comments

Electronic

Server

Untill delete request made by customer

-or-

7 years from customer last log on, providing their are no active orders or contracts
Automatically de-identified Customer Service Team
Live chat history

Electronic

Server

Untill delete request made by customer

-or-

7 years from customer last log on, providing their are no active orders or contracts
Automatically purged Customer Service Team
Platform data – information entered by the customer during the use of the platform (excluding information aleady detailed above)

Electronic

Server

Untill delete request made by customer

-or-

61 days from last contract expiry, providing their are no other active orders or contracts
Automatically purged Customer
Metrics data

Electronic

Server

Untill delete request made by customer

-or-

3 years

Automatically de-identified Development Team
Flyers & Newsletters
Name and email address

Electronic

Server Until unsubscribe request made Automatically purged Marketing & Sales Team
Other data
Call recordings

Electronic

Server 6 months Automatically purged Marketing & Sales Team
Proof of destruction/ destruction certificate

Electronic

Server Permanent Data Protection Officer
Paper Finance Office 45 days Cross-cut shredding after electronic copy/ record created Data Protection Officer
Information Technology
Files on local storage drives

Electronic

Device 45 days

Manually deleted after file has been moved to personal/ group network drive or attahced to a new or existing electronic record where required

Individual employee
Local storage recycle bins

Electronic

Device Manually purged monthly Individual employee
Group/ personal network drive

Electronic

Device  3 years Manually deleted quaterly Individual employee
E-mail (inbox, sent items and sub folders)

Electronic

Device and Server 30 days after actioned Manually deleted after relivant information and attachments are attached or stored (if required) inline with this policy Individual employee
E-mail (deleted items)

Electronic

Device and Server Manually purged monthly Individual employee
Webserver backups

Electronic

Server 7 days Automatically purged Development Team
 

Changes to Our Data Retention and Distruction policy

This Data Retention and Destruction Policy replace all previous versions. We reserve the right to change this Data Retention and Destruction Policy at any time.