Telecom shops: destroying customer contracts
A telecom shop records a lot at every sale. A subscription contract with name and address, an identity document for SIM registration, a credit check for a device on instalments, payment data and sometimes a trade-in device full of customer data. Part falls under the tax retention obligation, part should be kept as briefly as possible and part is so sensitive that a factory reset does not suffice. This guide shows, by part, what you keep, when it may go and how to destroy it confidentially.
The quick answer. The contract and the invoicing fall under the seven-year tax retention obligation. An ID copy and the data from a credit check you keep as limited as possible. A trade-in device you wipe demonstrably or have destroyed. What may go disappears confidentially and with a certificate as proof.
What a telecom shop records
With a telecom subscription two kinds of data run together. On one side is the contract, with name, address, date of birth and often a bank account for the direct debit. On the other side is the identity verification for SIM registration and sometimes a credit check when a customer pays for a device in instalments. Both are needed at the moment of the sale, but not both for equally long.
So treat the data per type. A signed contract has a different status than a single copy of an identity document or a printout of a credit check. If you make that distinction, you keep exactly what you must and clear out the rest on time. The tax retention obligation sets the floor for the administration, the GDPR sets the ceiling for what you may not keep too long.
Retention periods by part
The period differs per type of data. The overview below gives the main line. Count the tax period from the end of the financial year and the other periods from the end of the contract or the sale.
| Part | Starting point | Period |
|---|---|---|
| Contract and invoicing | Tax retention obligation | 7 years |
| ID copy for SIM registration | As limited as possible | only what is needed |
| Credit check outcome | Purpose-bound, sensitive | as briefly as possible |
| Payment and direct-debit data | Until settlement and tax | purpose-bound + 7 years |
| Trade-in device with customer data | Wipe or destroy | before resale or disposal |
| Quotes and drafts | No retention obligation | clear out at once |
Use this as a guideline, not a substitute for your own arrangements with the provider. When in doubt, consult your privacy adviser. The full periods per document type are in the GDPR retention periods cheatsheet.
ID copies for SIM registration and credit checks
For a prepaid or subscription SIM you verify the customer's identity. That does not mean you have to keep a full copy of a passport or identity card. An ID copy contains a national ID number, a photo and more than you need, and is therefore a prime target for identity fraud. Record only what is genuinely needed and do not keep single copies longer than necessary. Whatever you did have on paper or as a scan you clear out confidentially.
The same applies to the outcome of a credit check for a device on instalments. That information says something about the customer's financial situation and is sensitive. Use it only for the decision about the subscription and do not keep printouts you no longer need. How to handle an ID copy you can read further in safely destroying passport and ID copies.
Trade-in devices: wiping is not destruction
More and more customers hand in their old phone or tablet when buying a new device. Such a trade-in device is full of personal data of the previous owner, from photos and messages to logged-in accounts and payment apps. A quick factory reset does not always wipe everything and can leave residual data behind on older devices. A device that is resold therefore needs a controlled, demonstrable wiping method, with a log of which device was wiped when.
If a traded-in device no longer works or is too old for resale, physical destruction belongs with it. A broken phone in the drawer is still a data carrier. So treat trade-in devices as carefully as paper contracts and collect them separately until they are wiped or destroyed. More on the choice between wiping and destroying you can read in destroying corporate smartphones and tablets and in mobile phones at end of lease.
Payment and direct-debit data
A subscription often runs via a direct debit, so you process bank account numbers and sometimes mandates on paper. That payment data falls under the seven-year tax administration, but it should not lie around on the shop floor or in an unattended bin. Keep it locked away and limit who can reach it. Once the tax period has passed and no dispute is in play, you clear it out confidentially instead of letting it stand forever.
How to handle it in 6 steps
- Split the data into contract, identity, credit check, payment and trade-in devices.
- Limit ID copies and credit checks to what you genuinely need.
- Keep contract and invoicing for the tax seven years.
- Wipe trade-in devices demonstrably or set them aside for destruction.
- Collect what may go in sealed containers, not in the paper bin.
- Have it destroyed confidentially with a certificate and record it in your register.
Destroy confidentially with a certificate
Customer contracts, ID copies and payment data are destroyed confidentially, because they contain identity, financial and sometimes special-category data. The paper and the data carriers travel sealed and stay that way until destruction, so the chain is closed. An old till computer, a backup drive or a stack of traded-in devices with customer data belongs with it too.
Afterwards you receive a certificate of destruction with the date, quantity and level. That certificate is your proof towards the GDPR that you acted carefully. Record the destruction in your record of processing. We collect within 20 km of Amsterdam with no call-out charge, work nationwide through pooled collection rounds and charge a fixed price per box or roll container. Drop-off on site is not possible; it works by appointment through collection.
Customer contracts to be destroyed?
Tell us what you have and you get a fixed price. We collect it sealed, destroy it at the right DIN level and you receive a certificate for your GDPR file. No call-out charge within 20 km of Amsterdam.
Request a quoteCommon mistakes
- Keeping ID copies by default. Record only what SIM registration truly requires.
- Leaving credit-check printouts lying around. After the decision the purpose lapses.
- Only resetting trade-in devices. A factory reset is not a demonstrable wipe or destruction.
- Keeping payment data in the open. Bank details belong locked away, not on the shop floor.
- Throwing away unshredded. A contract with a national ID number on the street is a reportable data breach.
Frequently asked questions
How long must a telecom shop keep subscription contracts?
The contract itself and the related invoicing fall under the seven-year tax retention obligation. Customer data you needed only for the sale you keep no longer than necessary for the settlement and any dispute.
May I keep an ID copy after SIM registration or a credit check?
Be restrained here. Record only what you genuinely need and do not keep a full copy longer than necessary. An ID copy contains a national ID number and photo and is a prime target for identity fraud.
Is wiping a device enough before it leaves the shop?
A factory reset does not always wipe everything and can leave residual data behind. A trade-in device that is resold needs a controlled, demonstrable wiping method. If a device no longer works, physical destruction with a certificate belongs with it.
How do I destroy customer data in line with the GDPR?
Confidentially and with a certificate of destruction. Paper contracts and data carriers travel sealed and the destruction is recorded in the record of processing.
Conclusion
A telecom shop works with identity, financial and sometimes special-category data of every customer, between the tax retention obligation and the GDPR. Keep contract and invoicing for seven years, be restrained with ID copies and credit checks and treat trade-in devices as fully fledged data carriers. What may go you have destroyed confidentially with a certificate as proof. That way you meet both frameworks and protect your customers' data.
Read also: wholesalers: destroying customer data, electronics stores: destroying customer data, supermarkets: destroying customer data and the webshop: destroying customer data and packing slips.
Have customer contracts collected? Request a quote via desnipperaar.nl. Within a few minutes you have a fixed price, including a certificate as proof.