[Metus]

No. On the contrary, GDPR explicitly allows data to be stored if retention is required for law, such as all financial data for 10+ years. However, there is absolutely no need to hold all this data "hot" in the production system and not in a "cold" archive without automated connection.

[cccbbbaaa]

And GDPR forbids holding the data for longer than necessary, except in some very restricted cases (cf. art. 5(1)e.)

[moooo99]

Thats the whole point of the initial comment. It is necessary to store some potential PII for long periods of time due to regulations from the same people that want you to get rid of all PII.