Retention and restriction of records
14. (1) Subject to subsections (2) and (3), records of personal information must not be
retained any longer than is necessary for achieving the purpose for which the
information was collected or subsequently processed, unless—
(a) retention of the record is required or authorised by law;
(b) the responsible party reasonably requires the record for lawful purposes
related to its functions or activities;
(c) retention of the record is required by a contract between the parties thereto; or
(d) the data subject or a competent person where the data subject is a child who has consented to the retention of the record.
(2) Records of personal information may be retained for periods in excess of those
contemplated in subsection (1) for historical, statistical or research purposes if the responsible party has established appropriate safeguards against the records being used for any other purposes.
(3) A responsible party that has used a record of personal information of a data subject to make a decision about the data subject, must—
(a) retain the record for such period as may be required or prescribed by law or a
code of conduct; or
(b) if there is no law or code of conduct prescribing a retention period, retain the
record for a period which will afford the data subject a reasonable opportunity,
taking all considerations relating to the use of personal information into
account, to request access to the record.
(4) A responsible party must destroy or delete a record of personal information or
de-identify it as soon as reasonably practicable after the responsible party is no longer
authorised to retain the record in terms of subsection (1) or (2).
(5) The destruction or deletion of a record of personal information in terms of
subsection (4) must be done in a manner that prevents its reconstruction in an intelligible form.
(6) The responsible party must restrict processing of personal information if—
(a) its accuracy is contested by the data subject, for a period enabling the
responsible party to verify the accuracy of the information;
(b) the responsible party no longer needs the personal information for achieving
the purpose for which the information was collected or subsequently
processed, but it has to be maintained for purposes of proof;
(c) the processing is unlawful and the data subject opposes its destruction or
deletion and requests the restriction of its use instead; or
(d) the data subject requests to transmit the personal data into another automated
(7) Personal information referred to in subsection (6) may, with the exception of
storage, only be processed for purposes of proof, or with the data subject’s consent, or
with the consent of a competent person in respect of a child, or for the protection of the rights of another natural or legal person or if such processing is in the public interest.
(8) Where the processing of personal information is restricted pursuant to subsection (6),
the responsible party must inform the data subject before lifting the restriction on