Retention & Destruction Policy


Version: 2.0
Valid until: 2025-04-12
Classification: Low

Version Management


| Version | Author(s) | Change(s) | Date approved |
|---------|-----------|-----------|---------------|
| 1.0 | Stefan van Aalst, Edward Robinson | Initiation document | 2022-06-08 |
| 1.1 | Edward Robinson | Additions/changes as part of the periodic review and improvement. Additions to reflect MDM and remote wiping. Formatting. | 2023-10-06 |
| 2.0 | Edward Robinson | Additions/changes as part of the annual review. Updated Workspace deletion flow. Added Workspace archival retention period. Added wiping of anDREa-managed devices. | |

Purpose & Background

In the interest of all the stakeholders, the top management of anDREa B.V. (hereafter called anDREa) is actively committed to demonstrably maintaining and continually improving an information management system in accordance with the requirements of ISO 27001:2017.


The purpose of this document is to describe the retention and destruction policy of anDREa and the associated controls, checks and administrations.


This document will be reviewed at least annually and whenever a significant change occurs.

Objective


The objective is:
  1. To clearly describe the retention and destruction of anDREa-related work.

Scope


The scope of this document corresponds to Clause 4 Context of the organisation.

Availability

This document is:


  • required reading for:

    • all employees and contractors of anDREa.

  • available for all interested parties as appropriate.


Retention & Destruction policy

anDREa encourages its employees, seconded personnel, and contractors to work in the anDREa Google Workspace for office tasks or in myDRE Workspace/Azure Portal/Dev Ops for myDRE-related work. Retention of the different types of data:
  1. General Corporate Records, including but not limited to minutes, accounting, finance and tax records:
    1. Permanently unless obsolete and no legal retention period is applicable.
  2. myDRE interaction logs of, but not limited to, users, (C)ST and technical support:
    1. Logging for forensic purposes (available on special request):
      1. 2 years hot, at least 7 years cool or archived.
    2. Logging for workspace members (available to users):
      1. 90 days.
  3. myDRE user accounts:
    1. Until requested to be deleted from the AAD.
  4. Workspace-related data (see Microsoft Azure Related below); this includes:
    1. Deleted content from OS-disks:
      1. Policies set on the VM and user.
    2. VM deletion:
      1. Data stored on the VM is instantly deleted when a VM is deleted and is unrecoverable.
    3. Data deletion from a storage account (the fileshare/Z-drive):
      1. By default there is a 30-day rolling 24h snapshot.
      2. Data will become unrecoverable after 30 days.
    4. Storage account deletion:
      1. The storage account is protected against "accidental" deletion (resource lock).
      2. There is a possibility of recovering the data within 14 days:
        1. However, Microsoft cannot guarantee that it will succeed.
    5. Workspace deletion (unrecoverable):
      1. Workspaces can be deleted by the local Research Support team after the proper checks.
    6. Workspace archival:
      1. By default, data retention is 15 years; this can be changed upon request of Research Support.
  5. anDREa organizational accounts (Google Workspace) and devices:
    1. Until no longer part of the anDREa organization according to A.7 Human Resource Security.
    2. Devices owned by anDREa will be remotely wiped clean when the device changes custodian, is decommissioned, or is lost.
  6. Upon completing a task/ticket, when the data is no longer needed, all relevant data must be moved to an anDREa-managed environment and deleted beyond recovery from any non-anDREa-managed environments such as, but not limited to, laptops, non-anDREa SharePoints, Teams and Google Drive.
  7. Upon leaving anDREa B.V., all relevant data must be handed over and deleted beyond recovery from any non-anDREa-managed environments such as, but not limited to, laptops, non-anDREa SharePoints, Teams and Google Drive.

Bear in mind:
  1. When data is deleted on a storage account, it remains available for 30 days in the form of a snapshot unless the storage account itself is deleted.
