User Manual

This is an old revision of the document!

---

Data Retention Rules

Use data retention rules to comply with the Data Protection Act, etc by:

• destroying unsuccessful loan and membership applications after a set time (default 3 months)
• redacting personal data from successful applications after a set time (default 18 months)
• archiving non-personal data from successful applications to allow trend analysis, etc
• destroying data from all miscellaneous forms after a set time (default 3 months)
• destroying credit and ID search results after a set time (default 3 months)

Data retention rules are set in three ways:

1. At system level you can set the retention periods to be applied:

• Long retention period (months until successful applications are redacted and archived)
• Short retention period (months until search results, unsuccessful applications and misc forms are destroyed)

2. At form level, you select the specific retention rules to apply to completed forms:

• Credit application - redact, purge and archive
• Misc form - purge without archive - short period
• Misc form - purge without archive - long period
• Retain indefinitely (default)

note: retention period applies to the last time a form was changed or actioned in workflow, applications are treated as unsuccessful if ANY workflow field starts with Decline, Withdraw, W/D or Fail (eg Declined, Withdrawn, W/D Dup will all be included)

3. At field level, you can define which fields on application forms are treated as personal data

• standard library fields marked [PD] are always treated as personal data
• standard library fields marked [PDS] (eg search results) are treated as sensitive personal data and are always redacted after the short retention period has passed regardless of the form-level rule applied
• other fields are treated as personal data if PERSONAL_DATA is added to special treatment