It is now known to everyone that you cannot store data and personal data indefinitely. After the data has served its legitimate purpose, it must be deleted. This can be read in article 5.1. of the GDPR. In this article we will tell you how the Spend Cloud can help you with this.
Article 6 of this regulation states that there are roughly four legal purposes for storing data.
When global or local laws and regulations give permission. For example, the retention obligation of (usually) 7 years for financial data.
If there is a contractual commitment with a company. For example, our agreement states that as long as the contract is active, we may store contact details in our CRM system.
If you have a legitimate interest. This is the processing of personal data for a specific interest. For example, preventing fraud or properly securing and protecting computer systems.
Legislation and regulations ensure that all organisations have certain obligations when processing data. It is important that the Spend Cloud always handles data with care, but that customers themselves are responsible for recording and determining the legal basis. You decide when we delete data. We cannot make any assumptions about this, only facilitate it.
The other clean-up actions can be requested via this form. As soon as you have filled out this form, a support call will be created. This support call will not be given the highest urgency, but will of course be addressed. You will receive a message when the data cleanup has been carried out. Removing this data has advantages in terms of sustainability. We will need less storage and therefore less server capacity at Google.
We recommend carrying out the above clean-up actions as soon as possible if you see that there are invoices, orders or emails in your Spend Cloud archive that are older than legally permitted.