[-] Peathah@lemmy.world 2 points 2 days ago

Under the GDPR, every organisation must:

Define how long each category of personal data is stored Justify each retention period with a legal or operational basis Ensure data is deleted or anonymised once the purpose ends Document all retention rules in a clear and accessible format Apply retention rules consistently across all data systems Ensure third-party processors comply with the organisation’s retention instructions They can define their own reasonable terms. Sony chooses to delete that stuff.

Peathah

joined 1 week ago