GDPR · Art. 17

Deletion Concept & Retention Periods

Personal data must not be stored longer than the purpose requires. A deletion concept defines which data is deleted when – and documents the deletion provably. SimpleAct keeps retention periods and the deletion log in one place.

Start for free View GDPR compliance

What is a deletion concept?

A deletion concept is the systematic definition of which personal data is deleted after which periods. It puts the right to erasure (Art. 17) and the principle of storage limitation (Art. 5) into practice: once the purpose of a processing activity no longer applies and no statutory retention obligation stands in the way, the data must be deleted. The deletion log proves that this has actually happened.

Building blocks of a deletion concept

Retention periods per data type

A period is defined for each data category – based on purpose and statutory retention obligations.

Retention obligations

Commercial and tax law periods (e.g. 6 or 10 years) take precedence over deletion and are taken into account.

Deletion triggers & routines

Clear events (end of contract, withdrawal) trigger deletion – ideally semi-automated.

Deletion log

Every deletion is documented – as accountability evidence towards supervisory authorities.

Implement a deletion concept

Take data categories from the records of processing
Define purpose and retention period per category
Account for statutory retention obligations
Define deletion triggers (e.g. end of contract, withdrawal)
Assign responsibilities and routines
Document completed deletions in the deletion log
Review and update the concept regularly

Frequently asked questions about deletion concepts

Is a deletion concept mandatory?

A documented deletion concept is the practical prerequisite for provably meeting storage limitation (Art. 5) and erasure obligations (Art. 17) – and is therefore part of accountability.

What takes precedence: erasure or retention?

Where statutory retention obligations exist, the data may not be deleted until the period expires, but its processing can be restricted.

Is anonymising data enough instead of deleting it?

Yes – if data is genuinely anonymised (no personal reference can be re-established), it is no longer personal data and not subject to the erasure obligation.

How do I prove a deletion?

Via a deletion log recording which data was deleted when and on what basis – without itself creating new, unnecessary data.

Deletion concept with SimpleAct

Define retention periods per data type, document deletions and provide the deletion log as evidence at any time.

Start for free