top of page

Data Retention Policy

Why this exists

Restore the Legacy collects and maintains certain types of information in order to operate responsibly, manage projects, collaborate with partners, and comply with legal and regulatory requirements.

 

At the same time, responsible data governance requires that information is not stored longer than necessary.

 

This policy establishes principles for how organisational data is retained and managed over time.

 

 

Guiding principle

Restore the Legacy seeks to retain information only for as long as it is necessary to support:

  • Organisational operations

  • Legal and regulatory obligations

  • Financial administration and reporting

  • Project management and impact monitoring

  • Responsible governance and accountability
     

Data that is no longer required should be securely deleted or archived where appropriate.
 

 

Types of data

The organisation may retain different categories of information, including:

  • Donor and supporter information

  • Partner and collaborator contact information

  • Financial and administrative records

  • Project documentation and monitoring data

  • Governance and organisational records
     

Each category of information may have different retention needs depending on operational or legal requirements.
 


Retention periods

Where possible, Restore the Legacy aims to retain information for a reasonable period consistent with operational needs and applicable legal obligations.

 

Examples may include:

  • Financial and administrative records retained in line with legal requirements

  • Project documentation retained to support long-term environmental monitoring and reporting

  • Contact information retained while relationships remain active


Retention periods may vary depending on the nature of the information.
 

 

Secure storage and deletion

Information should be stored in appropriate systems that support organisational security and responsible data management.

 

When information is no longer required, reasonable steps should be taken to ensure that it is securely deleted or archived.

 

Handling of personal data should also follow Restore the Legacy’s AI Use & Data Protection Policy and Cybersecurity Policy.
 

 

Review

Restore the Legacy may periodically review data management practices to ensure that information is retained responsibly and in accordance with evolving operational, legal, and regulatory requirements.

 

 

Commitment 

Restore the Legacy recognises that responsible data stewardship is essential to maintaining trust with donors, partners, and communities.

 

By retaining information responsibly and limiting unnecessary data storage, the organisation aims to balance operational needs with privacy and security considerations.

Rainforest from top.jpg
Restore the Legacy works to restore and protect tropical rainforest ecosystems together with local communities and partners.

Learn more about our work

bottom of page