Most e-mails are business letters and are therefore subject to commercial-law retention periods (6 years), which compete with the deletion obligations of data protection law (e.g. once the purpose of processing no longer applies).
E-mails contain many different types of data in the form of e-mail texts and attachments.
Here are a few examples:
- Application documents = 6 months after the position has been filled, they must be removed from the business letter without deleting the business letter as a whole.
- Invoices = must be kept for 10 years in the form in which they were received.
- and many more, such as contracts and order confirmations; we maintain a list of over 400 retention periods for this purpose.
- E-mails containing personal data should be sent encrypted. This does not only mean encrypted transport of the e-mail from client to server via TLS, but above all protection of the content that carries the personal data; for this it is advisable to use encrypted archives or to rely on PGP or a comparable scheme.
- Article 9 data (special categories of personal data) should not be sent by e-mail if at all avoidable; there are a number of other transmission channels that are far more secure.
- E-mails from unknown or external sources and e-mails with attachments should be treated with distrust.
- All e-mails should be subjected to a permanent, automated spam and virus scan.
Integrity and backups:
- E-mails should be signed within the company; particularly important e-mails containing payment instructions or far-reaching directives should only be processed if they are signed. E-mail sender addresses can be faked (so-called spoofing), so an e-mail may look legitimate, e.g. as if it came from the boss, when it is not.
- Backups of the e-mail inventory should exist at server level as a daily backup, and the effectiveness of the backup should be checked regularly.
- E-mail clients should never be configured to delete retrieved e-mails from the server and keep them only locally. This would have the disadvantage that the e-mails would then have to be backed up locally on a daily basis. Such a setting is unexpected and regularly endangers the e-mail inventory, since no data is expected on the local machine and the IT department or the service provider therefore overlooks it unintentionally.