Which principle ensures that personal data is stored only as long as necessary?

The principle that ensures personal data is stored only as long as necessary is known as storage limitation. This principle is fundamental in data protection regulations and guidelines, such as the General Data Protection Regulation (GDPR), which emphasizes that personal data should not be retained for longer than is necessary to fulfill the purposes for which the data was collected.

Under this principle, organizations must regularly review the data they hold and implement policies to delete or anonymize data that is no longer needed for its original purpose. This not only protects individuals' privacy but also mitigates the risks associated with storing excessive or outdated data, such as data breaches or misuse.

Other principles like purpose limitation refer to the requirement that data should only be collected for specified, legitimate purposes and not processed in a manner incompatible with those purposes. Data minimization focuses on ensuring that only the necessary amount of data is collected to fulfill the intended purpose. Accuracy requires that personal data must be kept up-to-date and accurate, but it does not directly address the duration of data retention. Thus, storage limitation is the specific principle that directly relates to the timeframe of data storage.