Skip to main content

Records Management Process

1. Purpose & Commitment

At Digital Media Partner, we recognise the importance of effective records management in ensuring operational efficiency, legal compliance, and data security. Our records management process ensures that all business information—digital and physical—is accurately captured, stored, managed, and disposed of in a structured and compliant manner.

2. Scope

This process applies to all records, including:

  • Client & Project Records – Contracts, briefs, communications, and deliverables.
  • Marketing & Performance Data – SEO, PPC, social media, and analytics reports.
  • Internal Operational Documents – HR files, finance records, policies, and SOPs.
  • Creative & Content Assets – Campaign materials, design files, and media assets.

3. Records Lifecycle Management

A. Creation & Capture
  • All business-critical records must be accurately created and stored in designated systems. These include Microsoft Cloud storage for all records with Multi-Factor Authentication (MFA) measures company-wide. Project management data is secured on Monday.com CRM also with MFA and limited to approved users.
  • Client agreements, project scopes, and marketing reports must be documented and saved securely. We are fully digital in this respect with all files on the Microsoft cloud and Docusign dashboards with a full historic log of actions.
  • Naming conventions and metadata tagging should be applied for easy retrieval across our secure Microsoft Cloud.
B. Storage & Organisation
  • Records are stored in a centralised, structured manner in cloud-based systems (Microsoft Cloud with MFA) with version control and access restrictions.
  • Marketing and campaign data is logged in Google Digital services such as Search Console or Analytics, WhatConverts, or internal dashboards for easy analysis.
  • Sensitive information, such as client contracts and financial data, must be encrypted and access-controlled (As is the case in Docusign and Microsoft Cloud).
C. Access & Security
  • Records should be easily accessible to authorised personnel but protected against unauthorised access.
  • Role-based permissions in Microsoft Cloud, CRM, and project management platforms ensure confidentiality.
  • Regular security audits and GDPR compliance checks are conducted to prevent data breaches.
D. Retention & Disposal
  • A retention policy is established to define how long records are kept before archival or deletion.
  • Client contracts and financial records are retained for six years, in line with UK regulations.
  • Campaign performance data is archived for future reference.
  • Unnecessary or redundant records must be securely deleted or anonymised to maintain compliance and system efficiency.

4. Compliance & Governance

  • The records management process aligns with GDPR, UK data protection laws, and industry best practices.
  • Regular audits and reviews are conducted to ensure compliance with evolving regulations.
  • Staff receive training on data handling, security, and retention policies.

5. Continuous Improvement

  • The process is reviewed annually to adapt to new business needs, technologies, and legal requirements.
  • Feedback from employees is encouraged to optimise workflows and improve efficiency.