Schedule III: Classes of Data Fiduciaries, Purposes, and Time Periods
Schedule III provides a structured framework that links three key aspects of data processing:
- Which class of Data Fiduciaries is involved.
- What purpose they may process personal data for.
- How long the data may be retained before it must be deleted or anonymised.
This schedule is important because it prevents organizations from storing personal data indefinitely. It enforces the principle that data should only be retained as long as it serves a lawful purpose.
What the Schedule Covers
Classes of Data Fiduciaries
Data Fiduciaries are grouped by type of industry or activity (e.g., banking, insurance, e-commerce, healthcare, social media).
Specified Purposes
For each class, the purposes for which personal data may be processed are specified, such as account opening, delivery of goods, claim settlement, payroll management, or regulatory reporting. Processing outside the specified purpose has no basis under the schedule.
Time Periods
For each purpose, a maximum retention period is prescribed. Once that period ends, the personal data must either be deleted or anonymised, unless retention is legally mandated.
Schedule III makes it clear: no indefinite retention of personal data is allowed. Once the lawful purpose ends, the data must be deleted or irreversibly anonymised.
Example Scenarios Across Industries
A bank may collect customer identity documents (PAN, Aadhaar, passport) for account opening and KYC verification. These documents may only be retained for the time prescribed under financial regulations (e.g., 10 years after account closure). After that period, the bank must either delete or anonymise the data.
An insurance company may process medical reports for claim settlement. Once the claim is settled and the legally required retention period is over, the reports must be erased. Keeping them forever for “future reference” is not permitted.
An online retailer may store delivery addresses and order history to fulfil purchases and handle returns. After the return period expires and there is no active customer relationship, these details must be purged, unless the customer explicitly chooses to save them.
A drug manufacturer conducting a clinical trial may retain health data of participants for the duration of the trial and reporting obligations. After that, the data must be anonymised so that no participant can be individually identified.
A platform may collect photos, messages, and profile information for account operation. If a user deletes the account, the platform must remove all linked data after the retention window for grievance or legal requirements ends.
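The rule stated above (a maximum retention period per class and purpose, then deletion or irreversible anonymisation unless retention is legally mandated or the individual has asked to keep the data) is the kind of thing a Data Fiduciary ends up implementing as a scheduled job. The following is an added example written for this page, not code from any regulator or statute: the classes, purposes and periods in the table are assumptions chosen to mirror the scenarios above, not the entries printed in Schedule III, and `legal_hold` / `keep_requested` are hypothetical flags standing in for a sectoral record-keeping mandate and an explicit opt-in by the data principal.

```python
from dataclasses import dataclass
from datetime import date, timedelta

# Hypothetical retention schedule keyed by (class of Data Fiduciary, purpose).
# ASSUMPTION: these classes, purposes, periods and end-of-life actions are
# illustrative and mirror the scenarios in the text; they are not Schedule III.
RETENTION_POLICY = {
    ("bank", "kyc_verification"):          {"period": timedelta(days=10 * 365), "action": "delete"},
    ("insurer", "claim_settlement"):       {"period": timedelta(days=5 * 365),  "action": "delete"},
    ("retailer", "order_fulfilment"):      {"period": timedelta(days=30),       "action": "delete"},
    ("clinical_trial", "trial_reporting"): {"period": timedelta(days=2 * 365),  "action": "anonymise"},
    ("platform", "account_operation"):     {"period": timedelta(days=90),       "action": "delete"},
}

# Fields that identify a person directly; anonymisation drops them outright.
DIRECT_IDENTIFIERS = {"name", "email", "phone", "pan", "aadhaar", "passport", "address", "photo"}


@dataclass
class Record:
    fiduciary_class: str
    purpose: str
    purpose_ended: date           # account closed, claim settled, return window closed, ...
    data: dict
    legal_hold: bool = False      # ASSUMPTION: retention mandated by another law or a pending proceeding
    keep_requested: bool = False  # ASSUMPTION: the data principal explicitly chose to keep the data


def anonymise(data: dict) -> dict:
    """Irreversibly strip identifiers: remove direct identifiers and coarsen
    quasi-identifiers (date of birth -> birth year, PIN code -> first three digits).
    No mapping back to the original is kept, so the output cannot be re-identified
    from what this function retains."""
    out = {}
    for key, value in data.items():
        if key in DIRECT_IDENTIFIERS:
            continue
        if key == "date_of_birth":
            out["birth_year"] = value.year
        elif key == "pincode":
            out["pincode_prefix"] = str(value)[:3]
        else:
            out[key] = value
    return out


def decide(record: Record, today: date) -> str:
    """Return 'retain', 'delete', 'anonymise' or 'review' for a record as of `today`."""
    policy = RETENTION_POLICY.get((record.fiduciary_class, record.purpose))
    if policy is None:
        # No specified purpose for this class: there is no basis to hold the data,
        # but flag it for a human rather than deleting on an unknown key.
        return "review"
    if record.legal_hold or record.keep_requested:
        return "retain"
    if today < record.purpose_ended + policy["period"]:
        return "retain"          # still inside the prescribed period
    return policy["action"]      # period elapsed: delete or anonymise


def apply_retention(records, today: date):
    """Run the schedule over a batch; returns (action, data_after) pairs,
    where data_after is None for deleted records."""
    results = []
    for rec in records:
        action = decide(rec, today)
        if action == "anonymise":
            results.append((action, anonymise(rec.data)))
        elif action == "delete":
            results.append((action, None))
        else:
            results.append((action, rec.data))
    return results


if __name__ == "__main__":
    # Constructed sample records, one per scenario in the text.
    today = date(2025, 6, 1)
    batch = [
        Record("bank", "kyc_verification", date(2015, 1, 1), {"name": "A. Kumar", "pan": "ABCDE1234F"}),
        Record("bank", "kyc_verification", date(2015, 1, 1), {"name": "B. Rao", "pan": "FGHIJ5678K"}, legal_hold=True),
        Record("retailer", "order_fulfilment", date(2025, 4, 1), {"address": "12 MG Road"}, keep_requested=True),
        Record("clinical_trial", "trial_reporting", date(2022, 1, 1),
               {"name": "C. Das", "date_of_birth": date(1980, 5, 4), "pincode": "560001", "hba1c": 6.1}),
    ]
    for action, data in apply_retention(batch, today):
        print(action, data)
```

The `legal_hold` branch is checked before the period arithmetic on purpose: a legally mandated retention must win over the schedule, and a job that deletes first and checks later is the kind of bug that turns a compliance control into a data-loss incident. Note also that `anonymise` keeps no key or lookup table linking the coarsened output to the original record; an "anonymised" copy that can be joined back to a retained identifier set is pseudonymised at best and does not satisfy the "irreversibly anonymised" requirement.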
Importance of Schedule III
Without strict retention limits, organizations tend to hoard personal data indefinitely. Every record kept past its purpose widens the blast radius of a breach and creates data that can be misused, while data that no longer exists cannot be stolen.
Schedule III enforces discipline and proportionality: data should serve a purpose, and once that purpose ends, the data should no longer exist in identifiable form. In practice that means deletion has to reach backups, replicas, logs and derived datasets, not only the primary record, and anonymisation has to be irreversible, with no retained key or mapping that could link the anonymised data back to an individual; otherwise the retention limit exists only on paper.
It also gives individuals predictability — for example, if you close your bank account or insurance policy, you know how long your information will be retained before it is erased.