ipfour
ServicesCybersecurityCloud Infrastructure and DevOpsMicrosoft 365 and ProductivityManaged IT SupportBackup and DRIT ConsultancyCommunications and VoIPNetwork InfrastructureEmail SecurityRemote and Hybrid WorkingCompliance and CertificationAI Services
CompanyWhy IP FourAbout UsCase StudiesSectorsContact
020 4525 3748Free Security Review
Compliance professional reviewing email retention policy documentation on a laptop in a UK office
Retention Policy Management

Keep email exactly as long as the law requires.

Keeping email too long creates GDPR risk. Deleting it too early creates regulatory risk. IP Four configures retention policies that keep every email for exactly the right period, automatically, with full audit trail.

Get a Policy Review020 4525 3748
Regulatory Mapping Included
Automated Deletion
Full Audit Trail
7 yrs
minimum retention required by many UK financial and legal regulators
6 yrs
HMRC minimum for business email records
100%
of retention policy changes logged with full audit trail
Capabilities

Retention policies that match your regulatory obligations.

From granular per-user policies to automated deletion with audit trail, every capability is designed to keep you compliant without manual intervention.

Granular Retention Period Configuration

Retention periods configured per user, department, mailbox, or organisation-wide. Different retention rules applied to different email categories. Regulatory minimums enforced automatically.

Per-User PoliciesDepartment RulesRegulatory Minimums

Regulatory Retention Mapping

Retention periods mapped to your specific regulatory obligations. FCA, SRA, NHS, GDPR, and sector-specific requirements translated into archive configuration. No guesswork on minimum periods.

FCA ComplianceSRA ComplianceGDPR Alignment

Automated End-of-Life Deletion

Emails automatically deleted at the end of their retention period with full audit trail. Deletion certificates generated for compliance documentation. Legal holds override automatic deletion.

Auto-DeletionDeletion CertificatesLegal Hold Override

Policy Audit and Reporting

Monthly reports showing retention policy compliance across all mailboxes. Exceptions and overrides documented. Policy change history maintained for regulatory inspection.

Monthly ReportsException TrackingChange History

Policy Review and Update Workflow

Annual retention policy reviews built into the service. Regulatory changes monitored and policies updated automatically. Change management process ensures no gaps during transitions.

Annual ReviewsRegulatory MonitoringChange Management

Legal Hold and Policy Interaction

Legal holds automatically suspend retention policies for affected mailboxes. Hold management interface shows which emails are protected and why. Holds released only by authorised personnel.

Hold ManagementPolicy SuspensionAuthorised Release
How It Works

From regulatory mapping to automated compliance.

01

Regulatory Obligation Mapping

We identify every regulatory body your organisation is subject to and map their specific email retention requirements. Conflicts between different regulatory minimums are resolved in favour of the longer period.

02

Policy Design

Retention policies designed for each user group, department, and email category. Policies documented in plain English alongside the regulatory basis for each retention period.

03

Archive Configuration

Policies configured in the archive platform. Automatic deletion schedules set. Legal hold procedures integrated. Policy documentation approved by your compliance team before activation.

04

Testing and Validation

Retention policies tested against sample mailboxes. Deletion schedules verified. Legal hold override confirmed. Audit trail completeness validated before full deployment.

05

Staff Communication

Retention policy summary communicated to relevant staff. IT and compliance teams briefed on legal hold procedures. Policy documentation added to your information governance framework.

06

Annual Review and Maintenance

Annual retention policy reviews included in the service. Regulatory changes monitored throughout the year. Policy updates deployed within agreed timescales when regulations change.

Real Results

How we have helped UK businesses stay compliant.

Law Firm SRA Compliance

A Preston solicitors practice needed to demonstrate to their professional indemnity insurer and the SRA that client email was retained for the required minimum periods and deleted appropriately thereafter.

Retention policies configured to SRA requirements. Monthly compliance reports generated automatically. Insurer and SRA requirements met. Renewal premium reduced following compliance demonstration.

Financial Services FCA Alignment

A Manchester IFA needed to align their email retention with FCA requirements following a regulatory review that identified gaps in their current retention approach.

FCA retention requirements mapped to archive configuration. Gaps in historical retention documented. Going-forward compliance achieved within 30 days. FCA review closed with no further action.

Multi-Sector Organisation Policy Rationalisation

A Leeds healthcare and social care provider operated across NHS and local authority contracts, each with different email retention requirements. Their single retention policy was not meeting either.

Separate retention policies configured per service line. NHS and local authority requirements both met. Unified compliance reporting produced monthly. No further regulatory concerns raised.

Ready to Start?

Get your retention policies right first time.

Our free retention policy review maps your regulatory obligations and identifies any gaps in your current approach. No cost, no obligation.

Book Your Free ReviewAll Email Archiving Services