Skip to main content
free delivery on orders over £20 | sign up & receive 30% off

Data Retention Policy

  1. Purpose

    1.  The purpose of this policy is to detail the procedures for the retention and disposal of information (including personal data) by of that Evolving Group Limited, a company incorporated in England & Wales and having company number 14295634 and its registered office at Thames House, Roman Square, Sittingbourne, England, ME10 4BJ (referred to as “we”, “us”, “our”, “Evolving Group” throughout this document retention and disposal policy (Policy)).

    2.  Evolving Group’s aim is to ensure that data is not kept for longer than required for the purpose for which it was collected. We acknowledge that retention periods we use need to be reasonable and the purpose of this Policy is to set retention periods and/or criteria for determining how long data is held and stored. We will take all reasonable steps to securely destroy or erase all personal data from our systems that we no longer require in accordance with this Policy

    3.  There are legal and regulatory requirements for us to retain certain data, usually for a specified amount of time. We also retain data to help our business operate and to have information available when we need it. However, we do not need to retain all data indefinitely, and retaining data can expose us to risk as well as be a cost to our business. As a growing international business, this Policy will be kept under review and we envisage that it will be changed and developed from time to time as the business matures. This Policy does not form part of any employee's contract of employment or staff member’s independent contractors’ agreement. We will update you when changes are made, and a copy of the revised Policy will be made available to you on the HR system - so please check there for the latest information.

    4.  This Policy should be read in conjunction with our Data Protection Policy and definitions used in our Data Protection Policy will apply to this Policy. We appreciate that this is an area where you may have questions from time to time about whether documents or certain categories of documents need to be retained and please do not hesitate to ask for help by contacting info@vital-drinks.co.uk.

    5.  Failure to comply with this Policy can expose us to fines and penalties, adverse publicity, difficulties in providing evidence when we need it and in running our business.

  2. Guiding Principles 

    1.  Through this Policy, and our data retention practices, we aim to meet the following commitments:

      • We comply with legal and regulatory requirements to retain data.

      • We comply with our data protection obligations, in particular to keep personal data no longer than is necessary for the purposes for which it is processed (storage limitation principle).

      • We handle, store and dispose of data responsibly and securely.

      • We create and retain data where we need this to operate our business effectively, but we do not create or retain data without good business reason.

      • We allocate appropriate resources, roles and responsibilities to data retention.

      • We regularly remind employees and staff members of their data retention responsibilities.

      • We regularly monitor and audit compliance with this policy and update this policy when required.

  3. Responsibilities

    1. The Evolving Group board are responsible for overseeing the implementation of this Policy.

  4. Types of data and data classifications

    1. Formal or official records.  Certain data is more important to us and is therefore listed in the Record Retention Schedule. This may be because we have a legal requirement to retain it, or because we may need it as evidence of our transactions, or because it is important to the running of our business. Please see paragraph 5.1 below for more information on retention periods for this type of data.


    2. Disposable information.  Disposable information consists of data that may be discarded or deleted at the discretion of the user once it has served its temporary useful purpose and/or data that may be safely destroyed because it is not a formal or official record as defined by this policy and the Record Retention Schedule. Examples may include:

      • Duplicates of originals that have not been annotated.

      • Preliminary drafts of letters, memoranda, reports, worksheets, and informal notes that do not represent significant steps or decisions in the preparation of an official record.

      • Books, periodicals, manuals, training binders, and other printed materials obtained from sources outside of Evolving Group and retained primarily for reference purposes.

      • Spam and junk mail.

      Please see paragraph 5.2 below for more information on how to determine retention periods for this type of data.



    3. Personal data. Both formal or official records and disposable information may contain personal data; that is, data that identifies living individuals. GDPR require us to retain personal data for no longer than is necessary for the purposes for which it is processed (principle of storage limitation). See paragraph 5.3 below for more information on this.

    4. Confidential information belonging to others. Any confidential information that an employee or staff member may have obtained from a source outside of Evolving Group, such as a previous employer, must not, so long as such information remains confidential, be disclosed to or used by us. Unsolicited confidential information submitted to us should be refused, returned to the sender where possible, and deleted, if received via the internet.

  5. Retention Periods

    1. Formal or official records.  Any data that is part of any of the categories listed in the Record Retention Schedule contained in the Annex to this Policy, must be retained for the amount of time indicated in the Record Retention Schedule. A record must not be retained beyond the period indicated in the Record Retention Schedule, unless a valid business reason (or notice to preserve documents for contemplated litigation or other special situation) calls for its continued retention. If you are unsure whether to retain a certain record, contact info@vital-drinks.co.uk.

    2. Disposable information. The Record Retention Schedule will not set out retention periods for disposable information. This type of data should only be retained as long as it is needed for business purposes. Once it is no longer has any business purpose or value it should be securely disposed of.

    3. Personal data. As explained above, Data Protection Laws require us to retain personal data for no longer than is necessary for the purposes for which it is processed (principle of storage limitation). Where data is listed in the Record Retention Schedule, we have taken into account the principle of storage limitation and balanced this against our requirements to retain the data. Where data is disposable information, you must consider the principle of storage limitation when deciding whether to retain this data.

    4. What to do if data is not listed in the Record Retention Schedule. If data is not listed in the Record Retention Schedule, it is likely that it should be classed as disposable information. However, if you consider that there is an omission in the Record Retention Schedule, or if you are unsure, please contact info@vital-drinks.co.uk.

  6. Storage backup and disposal of data

    1. Storage: our records must be stored in a safe, secure, and accessible manner. Any documents and financial files that are essential to our business operations during an emergency should be duplicated and/or backed up in accordance with our Information Security Policy (as amended from time to time).

    2. Duplicate Records: Duplicates and local copies of HR documents containing personal data such as, (but not limited to) performance appraisals, contracts, email correspondence with you about your role, should only be kept for so long as is strictly necessary (after having ensured that HR maintains a master copy in the system) and in any event not beyond the designated retention period set out in the Record Retention Schedule. HR will be responsible for secure retention and disposal of HR Records.

    3. Destruction: confidential, financial, and HR related records should be destroyed by shredding. Non-confidential records may be destroyed by recycling. The destruction of electronic records or electronic equipment containing information must be coordinated with the IT Department.

    4. The destruction of records must stop immediately upon notification from Legal that a litigation hold is to begin because Evolving Group may be involved in a lawsuit or an official investigation. Destruction may begin again once Legal lifts the relevant litigation hold.

  7. Mandatory compliance with this policy

    1. We must all comply with this policy and the Records Retention Schedule. Failure to do so could subject us to serious civil and/or criminal liability (depending on the circumstances) so we all need to take our obligations seriously. If you fail to comply with this Policy it may result in disciplinary action or termination of employment.

    2. Reporting Policy Violations: we are committed to enforcing this Policy as it applies to all forms of records. The effectiveness of our efforts depends largely on you assisting us with implementing this policy. Please let management know about any possible violation of this Policy so that we can investigate and (where necessary) take appropriate corrective action.

    3. Responsibility for Monitoring: the Evolving Group board are responsible for identifying the documents that we must or should retain, and determining the proper period of retention.

  8. Internal Review and Policy Audits

    1. Evolving Group legal advisors will review this policy periodically.

    2. Any questions about this policy should be referred to info@vital-drinks.co.uk.

APPENDIX

Record Retention Schedule
Occasionally Evolving Group establishes retention or destruction schedules or procedures for specific categories of records. This is done to ensure legal compliance, compliance with the Data Protection Laws and accomplish other objectives - such as protecting intellectual property and controlling costs. You should give special consideration to the categories of documents listed in the record retention schedule below. Avoid retaining a record if there is no business reason for doing so and consult with Evolving Group’s legal advisors if unsure.

RECORD RETENTION PERIOD Owner/Department Comments

HR Records

Staff applications and interview records of unsuccessful candidates (electronic and paper)

2 years from notification that application unsuccessful unless agreement to hold details on file.

HR

Staff records including right to work checks; working time; holiday; performance and discipline; payroll; maternity; (electronic and paper)

 

5 years from termination of employment

 

HR

Decided to adopt a 5 year retention period for all HR records to ensure that review and deletion process is workable in practice

Email Management

 

Regular quarterly reminders will be sent by IT to encourage employees or staff members to reduce inbox size and delete disposable information not required to be kept under record retention requirements 

Email box to be reviewed according to HR/IT guidelines (issued from time to time) during notice period and prior to termination of employment.

 

 

Some periods may be extended based on Evolving Group's legitimate interest e.g. to make-/defend against claims

 

Email management and retention is under review and guidelines will be issued from time to time.

Health and Safety

 

 

 

Accident Records, Reportable accidents, death or injury in connection with work; Risk assessment reports, health and safety correspondence and training records

 

10 years from date report was made

 

 

Fire Safety Certificates

 

Permanent

 

 

Corporate Records

 

 

 

Articles of Incorporation, Bylaws, Corporate Seal

 

Permanent

 

Finance

 

Annual corporate filings and reports to government departments or regulators

 Permanent

 Finance

 

 

Core policies, resolutions, meeting minutes, and committee meeting minutes

  Permanent

 Finance

 

 

Contracts

 

10 years from date contract is terminated or expires

 

Finance

 

 

Construction documents

 

Permanent

 

Finance

 

 

Emails (business related)

 

3 years

 

Finance

 

 

Fixed Asset Records

 

Permanent

 

Finance

 

 

Accounting and Finance

 

 

 

 

 General ledger produced for preparing certified financial statements

 

10 years

 

Finance

 

 

Creditor ledger

 

10 years

 

 

 

Other ledger and reported audit trails

 10 years

 

 

 

Annual audit reports and financial statements

 10 years

 

 

 

Annual plans and budgets

 10 years

 

 

 

Bank statements and reconciliations (including electronic banking)

 10 years

 

 

 

Paid presented cheques and records of all cheques drawn for payment

 10 years

 

 

 

Cheque records/books received, butts, cancelled etc

 10 years

 

 

 

Business expense records

 10 years

 

 

 

Journal entries

 10 years

 

 

 

Debtors records and invoices

 10 years

 

 

 

Credit notes and refunds

 10 years

 

 

 

Bad debts/overpayments

 10 years

 

 

 

Petty cash vouchers

 10 years

 

 

 

Tax Records

 

 

 

 

Filings of fees paid to professionals

 

10 years

 

 

 

Employee or staff member pay histories

 

10 years

 

 

 

Tax returns

 

10 years

 

 

 

Legal and Insurance Records

 

 

 

 

Appraisals

 

Permanent

 

Legal/Finance

 

 

Copyright registrations

 Permanent

 

 

 

Environmental studies

 Permanent

 

 

 

Insurance claims/ applications

 Permanent

 

 

 

Insurance disbursements and denials

 Permanent

 

 

 

Insurance contracts and policies (Directors and Officers, General Liability, Property, Employers Liability and Workers Compensation)

 

Permanent

 

 

 

Leases

 

10 years after expiration

 

 

 

Patents, patent applications, supporting documents

 Permanent

 

 

 

Real estate documents (including loan and mortgage contracts, deeds)

 Permanent

 

 

 

Trademark registrations, evidence of use documents

 Permanent

 

 

 

Warranties

 

Duration of warranty + 10 years

 

 

 

Legal Correspondence

 

10 years

 

 

 

Customer /Prospective Customer Records

 

 

 

 

Business contact information of customer

 

Duration of Contract whilst customer plus 6 months or longer if there is an ongoing dispute with the customer

 

Business unit /sales and marketing

 

Data to be retained after termination of the customer’s contract on the basis that there may be issues that need to be resolved post-termination, such as recovering fees, dealing with complaints etc.   Data may be retained for longer if there is an ongoing dispute with the customer.

 

Contact Information of prospective customers

 

2 years

 

Business unit/sales and marketing

 

2 years is a reasonable sales cycle timeframe provided that (a) you are using company emails only e.g. sales@company.com (although name@company.com is acceptable in the UK); and (b) an opt-out is enabled and the individual has not objected.

 

Customer login data

 

Permanent whilst current customer 6 months after termination

 

 

Data to be retained after termination of the customer’s contract on the basis that there may be issues that need to be resolved post-termination.

 Customer data submitted to request materials from website

 

1 year

 

 

Data may be used for direct marketing purposes subject to customer opt-out.

 

Data submitted through “contact us” page on our websites

 

1 year

 

 

Data may be used for direct marketing purposes subject to customer opt-out.

 

Website usage/analysis data

 

2 years or the period specified by the relevant third-party cookie provider.

 

 

For third party cookies data is retained in accordance with the cookie provider’s own data retention policy.

 

Data supplied by third party merchants

 

 

 

 

Financial Data received from customers use of products/services

 

Until they cease use of products/services and for as long as relevant for product improvement purpose

 

 

 

Marketing preferences

 

Indefinitely as long as someone has not opted out of marketing communications

 

Business unit, Sales and marketing

 

Marketing preferences need to be stored indefinitely to ensure that Evolving Group does not contact individuals who have asked to unsubscribe from marketing communications

 

Marketing suppression lists

 

Indefinitely

 

Business unit, Sales and marketing

 

To ensure Legal compliance and to not break any laws with regard to contacting people who have opted out of communications.  These can be updated by individuals at any time

 

Transaction data

 

Duration of contract + 10 years

 

Business unit, Finance

 

Necessary in case there is a legal claim relating to a transaction.

 

Customer contracts

 

Duration of contract + 10 years

 

Business unit, Finance

 

Necessary in case there is a legal claim relating to a customer’s contract.

 

Financial data (bank account details, payment card details)

 

 

 

 

Third Party Supplier Records

 

 

 

 

Business contact information of suppliers

 

Duration of contract + 6 months or longer if there is an ongoing dispute with the supplier.

 

Business unit, Sales and marketing

 

Data to be retained after termination of the supplier’s contract on the basis that there may be issues that need to be resolved post-termination, such as paying fees, resolving complaints etc.  Data may be retained for longer if there is an ongoing dispute with the supplier.  

 

Transaction data (showing purchases made from supplier)

 

Duration of contract + 6 years

 

Business unit, Sales and marketing

 

Necessary in case there is a legal claim relating to a transaction.

 

Supplier contracts

 

Duration of contract + 6 years

 

Business unit, Sales and marketing

 

Necessary in case there is a legal claim relating to a supplier’s contract.