Stats

Actions

Tags

Help us improve

Share bugs, ideas, or general feedback.

design-data-retention | grimoire

Skill

design-data-retention

Guides creation of data retention schedules compliant with GDPR, ISO 27001, and legal hold requirements.

$

npx claudepluginhub jeffreytse/grimoire --plugin grimoire

Popularity

Stars

12

Forks

1

Invocation

How this skill is triggered — by the user, by Claude, or both

Slash command

/grimoire:design-data-retention

User invocable

Model invocable

Inline context

Default effort

Context Preview

The summary Claude sees in its skill listing — used to decide when to auto-load this skill

Establish a legally defensible data retention schedule that balances regulatory minimization obligations with legal hold and business requirements.

SKILL.md

60 lines · ~1.6k tokens

Similar Skills

design-data-retention-policy

12

Creates or audits a data retention policy balancing legal obligations, business needs, and privacy requirements. Includes inventory, legal mapping, retention schedule, and deletion methods.

retention-schedule

86

Designs GDPR-compliant data retention schedules mapping data categories to retention periods with legal basis justifications, regulatory minimums, and automated review triggers. For retention policy, storage limitation, data lifecycle queries.

4 files

privacy-skills-complete

lgpd-retention-erasure

23

Defines retention rules and erasure mechanisms for LGPD compliance, reconciling right to erasure with legal retention obligations. Includes Prisma schema, strategies, and automated cleanup jobs.

Stats

LanguageShell

Stars12

Forks1

MaintenanceExcellent

Last CommitJun 11, 2026

Actions

View Source View Plugin View on GitHub View README

Tags

Help us improve

Share bugs, ideas, or general feedback.

Design Data Retention

Establish a legally defensible data retention schedule that balances regulatory minimization obligations with legal hold and business requirements.

Why This Is Best Practice

Adopted by: ISO/IEC 27001, GDPR supervisory authorities, ARMA International (information governance), legal departments globally Impact: GDPR storage limitation violations carry significant fines; conversely, deletion of data subject to legal hold constitutes spoliation (destruction of evidence) with severe litigation consequences including adverse inference jury instructions; a documented retention schedule is the only way to satisfy both obligations simultaneously.

Data retention sits at the intersection of privacy law (minimize), records law (retain certain records), and litigation law (legal hold). Without a formal retention schedule, organizations either retain everything forever (GDPR violation) or delete too aggressively (spoliation risk). A properly designed schedule navigates both hazards.

Steps

Inventory all data categories — Map every type of data held: customer personal data, employee records, financial records, contracts, communications, audit logs, marketing data, product usage data; document format, location, and volume.
Identify applicable retention obligations — For each data category, identify the legal minimum retention period imposed by regulation: financial records (IRS/HMRC: 7 years), employee records (FLSA: 3 years payroll, OSHA: 30 years exposure records), contracts (statute of limitations + 2 years), tax records (7 years), healthcare records (HIPAA: 6 years), corporate records (state law, often perpetual for board minutes).
Apply the GDPR storage limitation principle — Personal data must not be kept longer than necessary for its specified purpose; where no legal minimum applies, define a business purpose period and a maximum retention period; document the rationale.
Create the retention schedule — Build a schedule mapping each data category to: retention trigger (date created, date of last transaction, date of contract expiry), retention period, deletion method, and responsible system/team; publish the schedule as a formal policy document.
Design the legal hold process — Define a legal hold procedure triggered by: litigation threatened or commenced, regulatory investigation, preservation letter received; legal hold suspends scheduled deletion for specific data categories relevant to the matter; require legal counsel sign-off on all holds; document hold issuance, custodians notified, and data preserved.
Implement technical deletion controls — Configure automated deletion or archival in each system at the end of the retention period; deletion must be: complete (all copies, backups, and DR environments), verifiable (deletion logs), and irreversible (secure erasure per NIST SP 800-88 or equivalent, not just logical deletion).
Address backup and archive media — Retention schedules must account for backup media; deleted data may survive in backups past the retention period; implement a backup retention period aligned to the shortest retention period in the schedule, or document backup tape recycling timelines.
Document and train — Publish the retention schedule to all data owners; train staff on legal hold obligations; conduct annual retention reviews to add new data categories and update periods for regulatory changes.

Rules

Never delete data subject to a legal hold regardless of scheduled retention period; document all active holds in a hold register.
Do not equate deletion from primary systems with data erasure; confirm deletion from all backups, DR sites, and third-party processors within the retention period.
Retain deletion logs (date, data category, volume, method, and authorizing individual) as evidence of compliance; these logs themselves have a retention period (minimum 3–5 years).
Align the retention schedule with Article 30 ROPA (GDPR); the retention period column in the ROPA must reflect actual scheduled deletion.
Review the retention schedule annually; regulatory changes, new data categories, and new systems require schedule updates.

Rules

Never delete data subject to a legal hold regardless of the scheduled retention period.
Do not treat deletion from production systems as complete; also purge from backups, DR sites, and all sub-processors.
Maintain deletion logs as compliance evidence; target retention for deletion logs is 5 years minimum.
Annual review of the retention schedule is mandatory; add new data categories as they emerge.
Escalate retention conflicts (legal hold vs. GDPR erasure request) to legal counsel; the two obligations require case-by-case resolution.

Examples

Retention schedule entry: Data category: Customer purchase history. System: Shopify + data warehouse. Trigger: date of last transaction. Retention period: 7 years (tax/financial records obligation under IRS Rev. Proc. 98-25). Deletion method: automated purge job in data warehouse + Shopify data export + deletion via API. Exception: legal hold overrides. Responsible: Data Engineering team. Last reviewed: 2026-01-01.

Common Mistakes

Setting "retain indefinitely" as the default — Indefinite retention violates GDPR storage limitation for personal data; every category needs a defined period and deletion trigger.
Not accounting for backups — Data deleted from production databases often persists in daily/weekly backups for months; retention periods must account for backup cycles.
Conflating archival with deletion — Moving data to cold storage (AWS Glacier, offline tape) is not deletion; archived data remains subject to GDPR obligations and legal hold requirements.

Law disclaimer: This skill encodes professional best practices for educational purposes. It is not legal advice. Consult a licensed attorney before making legal decisions.