"The General Data Protection Regulation (GDPR) came into force on the 25th of May 2018. Designed to augment existing Data Protection rules, the principles as set out in Article 5 show clear requirements that all personal data held by anyone must be stringently and transparently collected, stored, processed and preserved or removed, and will result in heavy fines for breaches and failure to comply."
"It is a real concern that the fear of incurring large fines may drive organisations to destroy business records that could be a rich source of genealogical information. It is easy to see how managers and Data Protection Officers may believe that destroying documents holding personal data removes any risk of mishandling. We have seen such a case on social media involving a local funeral director with 45 years worth of records. Worried that their small business doesn’t have the time, money or expertise for further processing, they arranged for the historic records to be shredded."
https://www.freeukgenealogy.org.uk/news/2018/05/22/gdpr