Data Retention Issues
Overview
Section titled “Overview”For transparency, the following GDPR-related data handling issues are tracked. These represent known data retention considerations that may require attention or are being monitored.
| Issue | Description | Status |
|---|---|---|
| Birth Certificate Deletion | Birth certificates are deleted when baptism request is completed to comply with data minimisation | Implemented |
| Baptism Certificate Retention | Baptism certificates are retained in the permanent register (BaptismEntry) as required by canonical law | By design |
| Document Storage | Uploaded documents stored in S3 with lifecycle policies | In progress |
| Review History Audit | Deletion actions recorded in review history for accountability | Implemented |
Contributing to This List
Section titled “Contributing to This List”When identifying new GDPR-related data retention issues, consider:
- Data Minimisation - Is the data strictly necessary for the purpose?
- Storage Limitation - Is there a defined retention period?
- Purpose Limitation - Is the data used only for its original purpose?
- Legal Basis - Is there a valid reason to retain this data?
If you identify an issue, document it here with:
- Clear description of the data handling concern
- Current status (e.g., “Identified”, “In Progress”, “Implemented”, “By design”)
- Related documentation links