Skip to content

Settings and activity

2 results found

  1. 12 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    An error occurred while saving the comment
    G Jones commented  · 

    The EU's GDPR states that data must not be retained "longer than necessary". In the UK, a sensible rule of thumb for this is 6 years to be able to provide records to the tax authority as needed, but our business does not need to keep records longer than this and our data retention policy states to customers that we will not keep their data longer than 7 years.

    We have tens of thousands of "contact" records in xero but there is no way to delete the details of customers that have not interacted with us 7 years.

    Xero should allow users to set a "data retention period" in the settings and when this time passes, it should provide a tool that allows the PII of customers to be purged from the system and no longer saved.

    Xero has a responsibility as a "Data Processor" under GDPR. Data processors and sub-processors are responsible for processing personal data on behalf of the controller. They must follow the controller’s instructions, including abiding by a data retention timeframe, which should be set out in the contract or data processing agreement. Details should also include what will happen to the personal data once the contract is terminated.

    G Jones supported this idea  · 
  2. 131 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    G Jones supported this idea  ·