Data retention policy
Retention policy legislation
To summarise the legal requirements, Article 5 (e) of the GDPR states that personal data shall be kept for no longer than is necessary for the purposes for which it is being processed. There are some circumstances where personal data may be stored for longer periods (e.g., archiving purposes in the public interest, scientific or historical research purposes).
Recital 39 of the GDPR states that the period for which the personal data is stored should be limited to a strict minimum and that time limits should be established by the data controller for deletion of the records (referred to as erasure in the GDPR) or for a periodic review.
Organisations must therefore ensure that personal data is securely disposed of when no longer needed. This will reduce the risk that it will become inaccurate, out of date, or irrelevant.
NAGRAVISION data retention policy
Policy statement
1.1 NAGRAVISION is responsible for implementing retention criteria for its own information records and those of its customers and ensuring compliance with the General Data Protection Regulation (GDPR) as a data processor.
1.2 NAGRAVISION assumes the responsibilities of a Data Processor. Operators of the system are data controllers and as such assume the data controller responsibilities.
1.3 This document sets out the NAGRAVISION policy for the disposal and retention of records. It applies to all records, both in paper and electronic form.
Scope
2.1 This policy is intended for both NAGRAVISION customers and staff and aims to provide an overview of the NAGRAVISION data retention policy.
2.2 Relevant provisions in the GDPR – see Articles 5(1)(e), 17(1)(a), 30(1)(f) and 89, and Recital 39: https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32016R0679&from=EN
Principles
3.1 One of the main aims of successful record management is to be able to find, quickly and readily, any information requested. The FOI Act in January 2005 reinforced the need to know what information we hold and to be able to locate it promptly and in compliance with GDPR.
3.2 NAGRAVISION will review information regularly to ensure that it is:
Necessary – the information must hold some value for NAGRAVISION to carry out its functions.
Proportionate – in order to justify the retention of the information, it must be proportionate to retain the information against the impact on an individual’s rights.
Adequate – in order to justify the retention of information, it must be as complete as possible.
Relevant – information must be fit for the purpose for which it is held.
Accurate and up-to-date – all record details must be accurate and records must be updated with any new information.
Of historical value – it may also be necessary to retain information of particular legal or historical significance. This relates to past-periods data used usually as a basis for supporting financial transactions or contractual terms and conditions.
3.3 Factors that may impact on the retention of information are:
The age of the information – as time progresses, information can become increasingly inaccurate.
The reliability of the information – may be questioned/unreliable where the information is unproven,
The reliability of the source of the information – sources of information may prove to be unreliable or false,
Legal requirement – there may be a legal requirement to retain information for a specified period of time,
What it means in practice
4.1 The relevant data owners are responsible for its review, in line with this policy and further detailed schedules. This applies to both electronic and paper records.
4.2 When the retention target is reached, the information will be reviewed to confirm that the information is to be further retained or destroyed. It will be destroyed if there is no further business, statutory, or historical reason to keep it or to select it for rereview at a later date; either because the business need is ongoing or because of potential historical value.
Data
N.B. Definition of activity
An activity is any change to the account resulting from a end user action, i.e., a log on to the system, a purchase, processing a payment, or an active subscription.
Consumer data
Data category | Retention period | Retention basis | Data |
|---|---|---|---|
Consumer data | Date of last activity on system + 6 months
| Legitimate interest | Name Authentication credentials Parental control preferences Contact details (email, address, social media) IP address Location Devices Purchase history Recording requests and recordings DRM licenses Marketing consent Customer support notes |
Consumer analytics | Detailed data for 13 months or 30 days from receipt of right to be forgotten request Aggregate data for 37 months. Anonymised in event of right to be forgotten request. | Legitimate interest | Active data collectors by proxy, e.g., when you watch something Bookmarks Favourites Events Access Viewing history Demographic data App navigation flow Recommendation preferences and profile |
Consumer payment and transaction data | Date of last activity on system + 6 months | Legitimate interest | Payment transaction details as held by third party |
Operator admins data
Data category | Retention period | Retention basis | Data |
|---|---|---|---|
Operator staff data | Date of last activity on system + 12 months Deletion on request. | Contract between operator and their staff, legitimate interest | Staff details provided by the operator Name Usage of platform Viewing history Demographic data App navigation flow Customer support notes Recommendation preferences and profile Marketing consent |
Changing retention periods
If you require a change to any of these retention periods, you can do so by submitting a support ticket in the usual way.