Business smartphone destruction: cost, process and certificate
Business phones pile up the moment a device fleet is replaced or employees leave. Every handset holds email, contacts, photos, passwords and access to company systems. A factory reset feels final, but it is no guarantee that the data is really gone. This article is about the cost of having smartphones destroyed: what drives the price, how the collection service works, which level you need and what certificate by IMEI you end up holding.
Almost every organisation has a drawer or a box of retired phones. Sometimes a few, sometimes hundreds after a fleet refresh. They often sit there because nobody is quite sure how to dispose of them safely. That is a real risk, because a business phone is in effect a small hard drive with a SIM card attached. As long as the device exists, the data exists. This piece looks mainly at the commercial side: what it costs to destroy phones, how to request a sharp quote and what to watch so you have a fixed price in advance. We describe the general approach to smartphones separately in destroying corporate smartphones and tablets. Here it is all about cost and proof.
What does business smartphone destruction mean?
Having smartphones destroyed means the devices physically go through an industrial shredder, so the memory chip breaks into particles. What remains is a mix of glass, metal and plastic in which no chip is intact any more. This is physical data destruction, as opposed to logical destruction such as wiping or a reset. With phones the crucial part is the flash chip, because that is where all the data sits. A device that has been shredded is simply no longer a device. Nobody can read the data any more, not even with forensic equipment. The umbrella term for this is data destruction, of which physical shredding is the most definitive form. For business phones this is the only method that works regardless of the state of the device, so also for a phone with a cracked screen or one that no longer boots.
Why a factory reset or remote wipe is no guarantee
The most common question is why you cannot simply reset a phone. The short answer: a reset is a logical instruction to software that has to execute everything correctly, and with flash memory that often fails. Three technical reasons play a part here.
- Wear levelling. Flash memory spreads writes across all cells to even out wear. As a result data sits in places the wipe command does not always reach. Remnants stay behind in cells outside the operating system's view.
- Overprovisioning. Part of the memory is reserved and not visible to the user. A reset often does not touch that reserve area, while fragments can sit there.
- Encryption keys. Modern phones encrypt their storage. A reset usually wipes only the key, not the encrypted data itself. That is neat in theory, but it depends on a correct implementation. A flaw, an interrupted reset or an older device can still leave the data recoverable.
On top of that comes practice. A device that is lost, stolen or broken cannot be reset at all. With a lost phone, wiping business data remotely only helps if the device comes online and receives the command. If it does not, the data is still there. For business phones with access to email and systems a reset is therefore at most a first step, never the conclusion. The same principle applies to SSDs, and why wiping falls short there is explained in destroying SSDs, why wiping does not work.
The difference between phones and hard drives
A classic hard drive stores data on spinning magnetic platters. A smartphone uses flash memory, like an SSD, but in an even more compact format and firmly integrated into the device. That difference matters for destruction. A hard drive can be degaussed or coarsely shredded. A phone cannot, because degaussing has no effect on flash memory and the chip is so small that coarse grinding may be insufficient. The chip has to break apart finely enough, otherwise a fragment could in theory remain readable. On top of that the chip is soldered onto a circuit board together with other components, so individual dismantling is not an option for large numbers. That is why the whole device goes through the shredder. If you want to compare the cost side of drives, read having a hard drive shredded, where the same logic applies but with different levels.
Which level do you need for phones?
Data destruction has standardised levels under DIN 66399. For electronic media with memory chips, which smartphones fall under, the so-called E-classes apply. The higher the number, the smaller the particles and the higher the certainty. In practice people also speak of an H-5 fine shred for phones, because the same fine grinding reliably destroys the chip.
| Level | What it involves | Suitable for |
|---|---|---|
| E-3 | Chip in coarser particles | Low risk, ordinary business data |
| E-4 | Chip in small particles | Personal data, workable business minimum |
| E-5 | Chip in very small particles | Social security numbers, financial, medical and special data |
| H-5 (fine shred) | Device ground finely into small particles | Phones and SSDs, broad business choice |
For most business phones E-4 or an H-5 fine shred is the right level. If you work with special personal data, such as in healthcare or with financial records, choose E-5 so the chip breaks into the finest possible fraction. The memory chip of a phone is small, so it has to be ground more finely than a large hard drive to make every fragment unreadable. More on the levels and what they mean is in DIN 66399 explained. State with your request what data you work with, and we will advise the right level.
What determines the cost of destroying smartphones?
The question asked most is what it costs to destroy phones. The honest answer is that the price depends on a few factors. Once you know them, you can compare quotes properly and know in advance exactly where you stand. A reliable provider charges per item by serial number or IMEI, with a fixed price in advance.
- The number of devices. You pay per item, and the price per device falls at larger numbers, because collection and admin spread across more items.
- The level. A finer E-5 requires more than E-4, which can be slightly more expensive.
- Registration by IMEI. If you want every device listed individually by IMEI on the certificate, the admin is a little more involved than a count per batch.
- Combination with other data carriers. Phones together with laptops, SSDs or paper in one collection saves the call-out.
- The distance. Within 20 km of Amsterdam we charge no call-out fees.
What matters is that you fix the price in advance. That way you know exactly what you pay before anything happens, with no surprises afterwards. The make-up of data destruction costs resembles that of other carriers, which we explain in our piece on data destruction. The difference with phones lies mainly in the registration by IMEI, which takes a little extra work but makes your burden of proof much stronger.
A price indication with three scenarios
To give a sense of it, here are three typical situations. The exact price depends on your number and level, so always request a quote for a fixed price per item.
| Situation | Number of devices | What plays a part |
|---|---|---|
| A few devices | 1 to 10 phones | Small order, economical collected with paper or laptops |
| Fleet refresh | 25 to 100 phones | Lower price per item, one collection moment, registration by IMEI |
| MDM bulk return | 100 devices or more | Sharpest price per item, planning on site, conclusive IMEI list |
If you have only a few devices, it is often economical to have them taken along during a paper collection or together with other data carriers. That way you pay for the call-out only once. With a fleet refresh or a large return from a mobile device management system the price per device falls. The biggest saving lies in bundling: have all phones collected in one go rather than in separate rounds. Provide a device count and the level you want with the request, and a fixed price follows quickly.
How the collection service works
Having business smartphones destroyed need not be a hassle. The collection service works in a few clear steps, without you having to drop anything off yourself.
- You request a quote with the number of devices and the level you want.
- We schedule the collection at your location, at a time that suits you.
- The devices go in a sealed bin, under a registered handover.
- The phones are destroyed to the agreed level, with the memory chip breaking apart.
- You receive a certificate with the serial number or IMEI of every destroyed device.
The whole chain is closed, from your door to the shredder. No device leaves your sight without registration. That is exactly what an audit or a regulator will want to see later. You do not have to put the phones in the post or hand them to a random collector, because then you lose control over sensitive data.
The chain of handover: chain of custody
The key word with destroying phones is traceability. From the moment the devices leave your door to the moment of destruction, every device stays trackable. That is called the chain of custody. The devices go in a sealed bin, the handover is recorded and at destruction the serial numbers or IMEIs are ticked off against your own list. That way nothing can disappear or resurface along the way. For business phones that closed chain matters more than with paper, because a single device can give access to your entire email and systems. A closed chain plus a certificate by IMEI is the proof that exactly your devices were destroyed. More on how this chain works in practice is in our piece on data destruction.
The certificate with serial number and IMEI
The proof that everything went well is the data destruction certificate. It states the date, the level applied and the serial number or IMEI of every destroyed device. That IMEI number is the difference with an ordinary paper certificate, because it ties the proof to your specific phones. In an audit or an inspection you can then show precisely that this device was destroyed. The IMEI is to a phone what the serial number is to a hard drive: a unique fingerprint that identifies the device unmistakably. Keep the certificate with your GDPR records, so you can show it when needed. What belongs on such a certificate is in data destruction certificate explained.
Demonstrable destruction for the GDPR
The GDPR asks not only that you destroy business data and personal data, but also that you can demonstrate it. A phone lying in a drawer is not destruction, even if nobody uses it any more. Only once the device is irreversibly destroyed and you have a certificate for it do you meet the requirement of demonstrability. For organisations that handle customer or patient data this is no formality but a legal duty. If anything involving business data on a lost phone ever comes to light, the certificate shows that particular device had long since ceased to exist. So the burden of proof shifts in your favour. The difference between a feeling of safety and demonstrable safety is precisely the document with the IMEI numbers on it.
Having phones destroyed in Amsterdam and surroundings
We collect data carriers within a 20 km radius of Amsterdam, with no call-out fees. Whether you are in Amsterdam-Noord, Amstelveen, Zaandam, Diemen or Haarlem, we come to you. Short lines mean fast planning, which is handy with a fleet refresh on a tight deadline. You do not have to drop off the devices yourself or put them in the post, which is unwise with sensitive data anyway. The device stays under sealed handover until it is destroyed. For anyone outside the immediate region, collection is possible nationwide via pooled routes. Give your postcode with the request, and you will know straight away whether you fall within the service area with no call-out fees.
Common situations
Destroying business phones comes up at various moments. The most common situations are these.
- Device fleet replacement. In a refresh to new models, dozens or hundreds of old devices are left over.
- Departing employees. A handed-in phone from a former employee often still holds accounts and company email.
- Lost and recovered devices. A phone that went missing and resurfaces is better not trusted, so have it destroyed.
- End of a lease. Before lease devices go back, the business data must be demonstrably gone.
- Faulty devices. A phone with a broken screen or dead battery cannot be reset, but it can be destroyed.
In all these cases the same principle applies. As long as the device exists, the data is a risk. So have the phones gathered and collected and destroyed safely in one go, with a certificate as the conclusion.
What do you do before handover?
Before the devices are collected it is wise to detach them administratively. That avoids trouble with activation locks and subscriptions, and it keeps your own records correct.
- Remove the device from your MDM. Take the phone out of the mobile device management system, so it is no longer registered as an active company asset.
- Deregister accounts and activation locks. Sign the device out of the account tied to it, so no blocks remain after destruction.
- Remove the SIM card. Keep or destroy the SIM separately, because it also holds contacts and access details.
- Note the IMEI. Record the IMEI per device, so you can tick off at collection and the certificate matches your list.
These steps are no substitute for destruction, but a tidy preparation. The data only truly disappears at physical destruction, so never skip that step because you have already removed the device from the MDM.
Tablets and wearables belong here too
A smartphone is not the only portable data carrier in an organisation. Tablets hold the same flash storage with email and documents, and smartwatches and other wearables often link to accounts and contain health data or access details. All these devices belong in the same collection and on the same certificate. It would be odd to destroy the phones but forget the tablets with identical data. Wearables are small and easily end up at the back of a drawer, while they are still linked to company accounts. Make a short inventory of everything with a chip in it before the collection. That way you avoid leaving a tablet or watch somewhere with access to your systems.
Combining with other data carriers
Phones often go along with other retired hardware. In the same collection you can include laptops, SSDs and NVMe modules, USB sticks, memory cards, old backup tapes through to whole servers. All these carriers are registered per item and destroyed to the right level. The advantage of combining is twofold: you pay for the call-out only once and you get a single certificate listing all the volumes. That stops a forgotten USB stick or phone with business data on it from being left somewhere. If you have loose drives alongside phones, read how the cost side works there in having a hard drive shredded. Data destruction is only complete when every carrier has been taken, not just the obvious ones.
Environment and recycling after destruction
A common concern is whether destroying phones is responsible for the environment. It certainly is. After grinding, the material streams are separated and recovered. The metal, the glass and the precious metals from the circuit boards get a second life as raw material. Smartphones contain relatively many valuable materials, such as copper, cobalt and small amounts of gold, which go back into the chain this way. So secure data destruction goes hand in hand with circular processing. You do not have to choose between security and sustainability, because physical destruction delivers both. The data is unreadable and at the same time the material is not wasted. That is a more pleasant end picture than a cupboard full of old devices slowly ageing while nobody does anything with them.
On-site destruction or after collection?
Many organisations ask whether the phones are destroyed at their own location or only later at a secure processing site. Both models exist. With destruction on site a shredding truck comes to you and you watch it happen, which is a requirement for some sectors. With the usual collection service the devices go along under sealed and registered handover and are destroyed at a secure location, after which you receive the certificate with IMEI numbers. For most businesses that second model is sufficient, because the chain is closed and every device stays traceable until destruction. If you definitely want to be present, say so with the request, and we tailor the approach to that. The certainty lies not in where the shredder stands, but in the closed chain and the proof afterwards.
Common mistakes
- Relying on a factory reset. Wear levelling and encryption can leave data behind, so physical destruction is needed.
- Writing off lost devices without proof. Without destruction and a certificate the risk stays in your name.
- Keeping no IMEI list. Without a list you cannot check afterwards which device was destroyed.
- Forgetting tablets and wearables. They hold the same data as the phones and simply belong here.
- Not keeping the certificate. Without proof you can demonstrate nothing in an inspection or audit.
Step by step to safe destruction
- Gather the devices in a locked place and note the IMEI numbers.
- Detach from MDM and deregister accounts and activation locks.
- Decide the level, E-4 or H-5 for ordinary devices, E-5 for special data.
- Request a quote with the number of devices and the level you want.
- Schedule the collection at your location within the service area.
- Keep the certificate with your GDPR records.
An example from practice
Suppose an IT manager at a growing company replaces the entire device fleet and has eighty old phones left over, plus a box of tablets and a handful of smartwatches. A number of devices have screen damage and no longer boot, so a reset is not an option. The manager gathers everything in a locked cupboard, removes the devices from the MDM and notes the IMEI per item. He requests a quote for destruction at level E-4, with registration by IMEI. Within a working day there is a fixed price per item, with no call-out fees because the office is in Amsterdam. On the agreed day all the devices go along in a sealed bin. A few days later the certificate is in the inbox, with each IMEI number neatly listed and ticked off against his own list. The manager files it with the GDPR records. The cupboard is empty, the risk is gone and everything is demonstrably in order.
Have business smartphones destroyed?
Give the number of devices and the level you want. You get a fixed price per item in advance. We collect the phones, destroy them and you receive a data destruction certificate with all the serial numbers and IMEIs. No call-out fees within 20 km of Amsterdam.
Request a quoteFrequently asked questions
What does it cost to have business smartphones destroyed?
The price depends on the number of phones, the level you want and whether other data carriers or paper come along. You pay per item by serial number or IMEI, with a fixed price in advance and no call-out fees within 20 km of Amsterdam.
Is a factory reset or remote wipe enough to erase business data?
No, not with certainty. Wear levelling and the way flash memory works can leave data behind after a reset. A lost or faulty phone cannot be wiped at all. Physical destruction is the only guarantee.
Which level do I need for phones?
For smartphones the memory chip is what counts. Choose an E-class that destroys the chip finely enough, in practice E-4 or E-5, or an H-5 fine shred. That way every fragment of the flash memory breaks apart.
Do I get a certificate with the IMEI numbers?
Yes. You receive a data destruction certificate with the date, the level applied and the serial number or IMEI of every destroyed phone.
Is it better to destroy a lost and recovered device?
Yes. A device that has been missing is better not trusted, because you do not know what happened to it. Have it destroyed and keep the certificate as proof.
Can phones be collected together with laptops and paper?
Yes. Phones, laptops, data carriers and paper can be collected together, so you pay for the call-out only once and get a single certificate for all the volumes.
Conclusion
Having business smartphones destroyed is the only way to be sure your business data is really gone. A factory reset or remote wipe is no guarantee, because flash memory can leave remnants through wear levelling and encryption, and a lost or faulty device cannot be wiped at all. With physical destruction at the right E-level or an H-5 fine shred the memory chip breaks apart and recovery is impossible. You pay per item by serial number or IMEI, with a fixed price in advance and no call-out fees within the service area. The certificate with IMEI numbers makes it demonstrable afterwards that exactly your devices were destroyed. So you combine maximum security with conclusive proof and responsible recycling.
A price straight away? Request a quote via desnipperaar.nl or first read the general approach in destroying corporate smartphones and tablets. You get a fixed price per item in advance, with no obligation.