Data Retention Schedule
How long we keep different categories of personal data, and on what basis.
Version 1.0 · 5 May 2026 · Adopted 19 May 2026
1. Purpose
Under Article 5(1)(e) GDPR, personal data must be ‘kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed’. This is the principle of storage limitation. This Retention Schedule sets out, for each main category of personal data Tenpin Ireland processes, the purpose, the legal basis, and the standard retention period. It replaces the table at the end of the May 2018 Privacy Policy.
2. How to read this schedule
- ‘Retention period’ means the period during which we hold personal data in identifiable form. After the period ends, we delete the data, anonymise it, or reduce identifiers to the minimum needed for any continuing purpose.
- ‘Last active season’ means the last bowling season in which the member competed, paid a renewal, or was otherwise an active member of Tenpin Ireland.
- ‘Reviewed every X years’ means the DPO checks whether continued retention is still justified. If it is, the period restarts; if not, the data is reduced or deleted.
3. Adult members and other adult data subjects
| Category | Purpose | Legal basis | Retention |
|---|---|---|---|
| Adult member registration and contact data | Membership administration | Contract; legitimate interests | While a member; deleted 3 years after last active season |
| Adult competition entries | Event administration | Contract | 1 year after the event |
| Adult competition results, rankings | Historical record of the sport | Legitimate interests | Retained as a sport record; full identifiers reviewed every 5 years |
| Adult coaching and officiating qualifications | Sport administration; safeguarding | Legal obligation; legitimate interests | 5 years after the qualification expires |
| Vetting data (adults working with children) | Safeguarding | Legal obligation | 5 years after the vetting application or as required by legislation |
| Health and special category data voluntarily disclosed by adults | Reasonable accommodation; safety | Explicit consent (Article 9(2)(a)) | 1 year on receipt of a new annual membership form, or until no longer necessary |
| Adult marketing communications data and preferences | Newsletters | Consent | Until the individual withdraws consent |
| Adult disciplinary and complaints records | Sport administration | Legitimate interests; legal obligation | 7 years from the conclusion of the matter |
| Adult financial records (memberships, entries) | Accounting and audit | Legal obligation | 6 years (as required by Revenue and the Companies Acts) |
4. Junior members (under 18)
Children’s data is given specific protection under the GDPR and the Data Protection Act 2018. The previous Privacy Policy retained competition results indefinitely; we are not continuing that practice for juniors. The schedule below replaces it. See also the Children’s Data Policy for additional context.
| Category | Purpose | Legal basis | Retention |
|---|---|---|---|
| Junior member registration and contact data | Membership administration | Contract; legitimate interests applied conservatively | While a junior member; deleted 1 year after last active junior season unless they transition to senior membership |
| Parental contact data for junior members | Communication; consent management | Contract; legitimate interests | While the child is a junior member |
| Junior competition entries | Event administration | Contract | 1 year after the event |
| Junior competition results in identifiable form (online) | Reporting current and recent performance | Legitimate interests applied conservatively | Current and previous season; thereafter removed from public publication |
| Junior competition results retained for the historical record (internal) | Historical record of junior bowling | Legitimate interests | Personal identifiers reduced (first name and last initial) or anonymised after the public publication period; reviewed at age 18 |
| Photographs and video of identifiable juniors | Promoting the sport; event records | Specific parental consent | Removed from public channels at end of season in which the junior turns 18 unless fresh adult consent is given; otherwise on request |
| Health and special category data of juniors | Safety; reasonable accommodation | Explicit parental consent (Article 9(2)(a)) | 1 year on receipt of a new annual membership form, or until no longer necessary |
| Safeguarding and child protection records | Safeguarding obligations | Legal obligation | Retained as required by law and Sport Ireland safeguarding guidance |
| Junior disciplinary and complaints records | Sport administration | Legitimate interests; legal obligation | 7 years from the conclusion of the matter; sensitive content reviewed at age 18 |
5. Operational and governance data
| Category | Purpose | Legal basis | Retention |
|---|---|---|---|
| Officer and volunteer contact data | Governance; administration | Legitimate interests; contract | While in role; deleted 1 year after leaving role |
| Board meeting minutes and decisions | Governance | Legal obligation; legitimate interests | Retained indefinitely as a corporate record (with personal data minimised) |
| Email correspondence held by officers and volunteers | Operational | Legitimate interests | Reviewed annually; routinely deleted after 2 years unless required for a specific purpose |
| IT logs | Security; troubleshooting | Legitimate interests | 12 months unless required for breach investigation |
| CCTV (if any at owned premises) | Security | Legitimate interests | 30 days unless required for an incident |
6. Backups and archives
Personal data may persist in routine backups for a short period after deletion from the primary system. Backups are retained for no longer than is necessary for resilience purposes (typically up to 90 days), are protected by appropriate security measures, and are not used as a substitute for live records. Where a deletion request is honoured on the live system, the backup will not be restored without re-applying the deletion.
7. Anonymisation as an alternative to deletion
Where there is a legitimate ongoing purpose (for example, the historical record of the sport) but personal identification is no longer needed, we anonymise rather than retain. Anonymised data is no longer personal data, but only if individuals cannot be re-identified directly or indirectly. The DPO assesses whether reduction (e.g. to first name and last initial) is sufficient or whether full anonymisation is required.
8. Roles
- Owners: each system or category of records has a named owner (a Tenpin Ireland officer) who is accountable for applying the schedule.
- DPO: monitors compliance with the schedule and advises on edge cases.
- Board: approves the schedule and reviews it annually.
9. Review
This schedule is reviewed at least annually by the DPO and the Board, and whenever there is a material change to law, DPC guidance, or Tenpin Ireland’s processing.
10. Adoption
This Data Retention Schedule was adopted by the Executive Board of Tenpin Ireland on 19 May 2026.