How long can you keep data for under GDPR?
There are numerous legislative Acts and Regulations that mandate statutory retention periods for documents such as financial records or HR or Health and Safety records. In addition to these, business should be stipulating their own retention periods for the data and records they keep (to include those that contain personal data).
There is no single answer to this question, but it is an area that needs to be addressed by businesses as part of adhering to the principle “Stored in a form that permits identification no longer than necessary”
Once defined, the retention policies need to be adhered to!