DPDP enforcement deadline: May 2027Rules notified Nov 2025Penalty exposure up to ₹250 Cr

Free Tools Templates Services Workshops Book Consultation

Quick Answer

How long can organisations retain personal data under the DPDP Act? The DPDP Act 2023 requires Data Fiduciaries to retain personal data only for as long as necessary to fulfil the purpose for which it was collected. Once the purpose is served — or the data principal withdraws consent and there is no other legal basis for retention — the data must be erased. Organisations should maintain a formal Data Retention Schedule that specifies retention periods for each data category, the legal or business justification for that period, and the deletion mechanism.

DPDP Data Retention Schedule — Define How Long You Keep Personal Data

DPDP Section 8(7) requires you to delete personal data when it's no longer needed. Generate a complete retention schedule for your organisation in 3 minutes.

Free Tool Covers 40+ data categories Sector-specific rules DPDP + Indian regulatory requirements Free download

Organisation

Data Categories

Your Schedule

⚖ Key Statutory Retention Requirements for Your Sector

Data Retention Schedule

Click any cell to edit. All changes are saved in your browser session.

Data Category	Retention Period	Legal Basis	Deletion Method	Review Frequency

Retention Timeline — Visual Overview

Relative retention periods across your selected data categories (scale: 10 years max).

1yr 3yr 5yr 8yr 10yr

1 year or less

2–3 years

5 years

7 years

8 years

10 years

📧 Email Your Retention Schedule + Free Policy Template

Get this schedule sent to your inbox along with a free Data Retention Policy template you can customise for your organisation.

This retention schedule is a starting point.

Need a legally reviewed Data Retention Policy signed off by a qualified DPDP consultant? Our team can produce a board-ready retention policy document with evidence of review.

Book a Consultation with Niti Bharat →

`; const blob = new Blob([html], {type:'text/html'}); const url = URL.createObjectURL(blob); const a = document.createElement('a'); a.href = url; a.download = state.orgName.replace(/[^a-zA-Z0-9]/g,'_') + '_Data_Retention_Schedule.html'; document.body.appendChild(a); a.click(); document.body.removeChild(a); URL.revokeObjectURL(url); } // ─── LEAD FORM ──────────────────────────────────────────────────────────────── function handleLeadSubmit(e) { e.preventDefault(); const form = document.getElementById('lead-form'); const data = new FormData(form); fetch('https://script.google.com/macros/s/AKfycbz-i5iO8kvrhkzuF0POthUqamN0R01pio0A8NvFpic7fNIqYVE18Yy2W5L_UOTFtNt3DQ/exec', { method: 'POST', body: data }).then(() => { document.getElementById('lead-form-wrap').classList.add('hidden'); document.getElementById('lead-success').classList.remove('hidden'); }).catch(() => { // Fallback: just show success document.getElementById('lead-form-wrap').classList.add('hidden'); document.getElementById('lead-success').classList.remove('hidden'); }); } // ─── UTILS ─────────────────────────────────────────────────────────────────── function escHtml(s) { return String(s).replace(/&/g,'&').replace(//g,'>').replace(/"/g,'"'); }