Imagine a customer requests a copy of their personal data or asks for it to be deleted. Without clear rules, finding that data or knowing if it should still exist can take days or even weeks. Moreover, outdated or unnecessary information may remain in shared drives, backups, or archived systems. This leads to compliance risks... The post Data Retention Policy for ISO 27001: A Simple Guide (+ Template) appeared first on Sprinto.
