- Contact The DPO Centre
- +44 (0)203 797 1289
- hello@dpocentre.com
February 16, 2026
IT equipment disposal is often treated as a straightforward operational task. However, studies consistently show that discarded hardware frequently still contains recoverable information. Research by the University of Hertfordshire’s Cyber Security Centre found that 65% of second-hand memory cards held recoverable data.
The General Data Protection Regulation (GDPR) sets clear legal requirements for how organisations handle personal data. Organisations are expected to take reasonable steps to delete data when it is no longer accurate or required, and to protect both the data and the equipment used to store it against unauthorised access throughout its lifecycle.
August 4, 2025
In this blog, we explore how organisations can manage CRM data retention responsibly and compliantly under the General Data Protection Regulation (GDPR). Customer Relationship Management data […]
November 11, 2024
Edited with updates on 23 October 2025 As people grow more aware of their privacy rights, companies are facing more DSARs than ever before. Fulfilling these […]
September 2, 2024
The GDPR has been in effect since 2018, and most organisations have implemented comprehensive data protection programmes to manage personal data processing. However, questions still arise […]
December 11, 2023
How long should we keep different types of personal data? How can we create an effective data retention policy and schedule? What role do data controllers, […]
July 26, 2021
Back in April, following the publication of the UK Data Protection Index’s fourth report, we wrote a blog about the perils of International Data Transfers and […]
December 3, 2018
The First Mate says to the pirate, “Cap’n, I’ve destroyed all our old crew lists. All records of everyone we made walk the plank have also […]