Schedule XXXI - Data Retention Policy

Dunn & Baker LLP is committed to complying with the law and regulations in all our business
activities, including applicable Data Protection Laws.

We are committed to using all appropriate technical and organisational measures to ensure the protection of both customer and employee personal data. 

This policy, and the associated policies, set out the expected behaviours of our employees, contractors and third parties in relation to the retention, storage and destruction of all data held within the business (including personal data). This policy should be read in conjunction with our Data Protection policy. 

Maintaining business data in a systematic and reliable manner is essential to comply with our legal and regulatory requirements. It also reduces the costs and risks associated with retaining unnecessary information.

A vital part of our Data Protection Policy and practice is that personal data is retained for the appropriate period of time, neither too long nor too short. It is paramount that the retention period allows us to meet our legal and regulatory requirements but that the rights of data subjects are also protected.

This policy has been developed to help employees properly manage personal data in a consistent manner. It sets out: 

  • How long personal data should be retained
  • How records should be disposed of

Unless otherwise stipulated, the policy refers to both hard copy and electronic documents. This document should be read in conjunction with our Data Protection Policy.

It is the responsibility of all employees to ensure that they have read the most up to date version of this policy. 

Our Approach

Information/records (hard copy and electronic) will be retained for at least the period specified in our Data Retention Guidelines (see Appendix 1).

Hard copy and electronically held records, documents and information must be deleted at the end of the retention period.

Each department should periodically review and determine whether they have records in their control which should be destroyed pursuant to this policy.

Suspending the destruction date

If a claim, audit, investigation, subpoena, or litigation has been asserted or filed by or against Dunn & Baker, or is reasonably foreseeable, we have an obligation to retain all relevant records, including those that otherwise would be scheduled for destruction under the records retention schedule.

How long should we keep our data?

Data should be kept for as long as it is needed to meet the terms of our agreement with our customers and any applicable legal requirements. Our Data Retention Guidelines have been agreed following an assessment of our data and the requirements of all our Regulators, together with our obligations under Data Protection Laws. 

Methods of Destruction

All data, whether hard copy or electronic should be destroyed in a secure manner, preserving the confidentiality of all personal data.

All hard copy data must be disposed of in the confidential waste bins which are located in every area of the business. Under no circumstances should confidential or personal data be put into normal waste bins. We will maintain records of the secure destruction of all waste which is put into the confidential waste.

Our IT department will ensure that all electronic data is securely destroyed in a way which cannot be restored. They will also be responsible for ensuring that any electronic equipment is securely wiped, and where appropriate securely disposed of, when it is no longer required by the business. 

Sharing of Information

Duplicate information should be destroyed. Where information has been regularly shared between business areas care should be taken to ensure that all copies of the data are destroyed in line with the Data Retention Guidelines. 


All employees will have their responsibilities under this policy outlined to them as part of their induction training. All employees will complete an annual refresher of this training. Dunn & Baker LLP will provide further training and guidance if there are any updates made to this policy and/or the associated policies and procedures.

Monitoring Compliance

This Policy may be amended from time to time to reflect any changes in legislation. Any queries should be directed to the Managing Partner, Simon Cutting.

This policy will be reviewed annually. 

Appendix 1: Data Retention Guidelines


Category Minimum retention period
Conveyancing (acting for Purchaser) 7 years
Conveyancing (acting for Vendor on sale of the whole of title) 7 years
Conveyancing (acting for Vendor who retains part of the title) 7 years
General Law / Civil Litigation / Personal Injury 7 years
Probate and Administration (where whole estate is wound up and distributed) 21 years
Matrimonial matters where no continuing obligation exists from determination of such obligations 6 years
Company formation or similar matters 6 years
Financial Services Act records 6 years, subject to the provisions of the Financial Services Act 1986
Wills (files) Indefinite
Court of Protection applications 6 years
Court of Protection - Deputy Management files 12 years
Other matters (at discretion) 6 years
Family 6 years unless identified as a do not destroy for x amount of years
Staff files 6 years after employment end
Applicants 3 years

Original documents that should be retained indefinitely or as indicated:

  • Unregistered property deeds
  • Mortgage deeds (including assignment of mortgage) / legal charge, where unregistered title
  • Abstract of title
  • Lease documents – store for at least its term
  • Power of attorney / Court of Protection Orders – store until 6 years after death
  • Tenancy agreement – retain for at least its term
  • Grave deeds
  • Share certificates / bonds
  • Will / codicil
  • Deed of gift/trust
  • Statutory declaration
  • Life assurance / mortgage of life / endowment polices
  • Mortgage of life policy
  • Guarantee certificate
  • Personal effects/valuables

To view the full Terms & Conditions in .pdf format Click here to download.

Expert legal advice you can rely on,
get in touch today:

Please let us know you are not a robot