Personal data should not be stored longer than necessary for the purposes pursued.
- Personal data shall be: (...) (e) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) subject to implementation of the appropriate technical and organisational measures required by this Regulation in order to safeguard the rights and freedoms of the data subject (‘storage limitation’).
- Member States (through the designated authorities) should enforce compliance with the applicable data protection principles, in particular by engaging with search engine providers to carry out the following actions: – ensure that the collection of personal data by search engine providers is minimised. No user’s IP address should be stored when it is not necessary for the pursuit of a legitimate purpose and when the same results can be achieved by sampling or surveying, or by anonymising personal data. Innovative approaches promoting anonymous searches should also be encouraged; – ensure that retention periods are not longer than strictly necessary for the legitimate and specified purposes of the processing. Search engine providers should be in a position to justify with demonstrable reasons the collection and the retention of personal data. Information in this connection should be made publicly available and easily accessible; – ensure that search engine providers apply the most appropriate security measures to protect personal data against unlawful access by third parties and that appropriate data breach notification schemes are in place. Measures should include “end-to-end” encryption of the communication between the user and the search engine provider; – ensure that individuals are informed with regard to the processing of their personal data and the exercise of their rights, in an intelligible form, using clear and plain language, adapted to the data subject. Search engines should clearly inform users up front of all intended uses of their data (emphasising that the initial purpose of such processing is to better respond to their search requests) and respect the user’s right with regar to their personal data. They should inform individuals if their personal data has been compromised.