The storage limitation principle specifies that personal data shall be kept in a form which permits identification of the data subject for no longer than is necessary.

This means that we should consider how long data must be retained in its current state, which would in turn translate into our data retention schedule.  It is a common misconception that personal data should be kept for six years, however this principle recognises that measure should be ‘as long as is necessary’.

This principle also requires that we consider how to restrict identification of the data subject whilst the data is still deemed necessary.  Techniques such as anonymisation or encryption can be considered as these would have the effect of stopping an unauthorised party from identifying the data subject.