UK GDPR and Data Protection Act 2018: Core data protection legislation that governs how personal data must be processed, stored, and retained. Sets principles for data minimization and storage limitation.
Privacy and Electronic Communications Regulations (PECR): Specific rules for electronic communications, marketing, and cookies that impact data retention requirements for digital communications.
Employment Rights Act 1996: Defines requirements for keeping employment records, including contracts, pay records, and working hours documentation.
Companies Act 2006: Specifies statutory requirements for maintaining corporate records, including financial statements, board minutes, and shareholder information.
Taxes Management Act 1970: Mandates retention periods for tax-related documents and financial records required by HMRC.
Limitation Act 1980: Sets time limits for legal claims, influencing how long organizations should retain documents for potential litigation purposes.
Companies (Records) Regulations 2008: Specific requirements for company record-keeping, including format and duration of storage for corporate documents.
Financial Services and Markets Act 2000: Regulatory framework for financial services firms, including specific record-keeping requirements for regulated entities.
Health and Safety at Work Act 1974: Requirements for maintaining health and safety records, risk assessments, and incident reports.
Environmental Protection Act 1990: Mandates retention of environmental compliance records and waste management documentation.
Electronic Communications Act 2000: Legal framework for electronic communications and digital records, including requirements for electronic signature retention.
Value Added Tax Act 1994: Specifies retention periods for VAT records and related financial documentation.
