When should a cloud service provider delete customer data?

Oversubscribing storage space refers to the practice of allocating more resources than are physically available, which is a business strategy rather than a legitimate reason for data deletion. This choice does not consider customer agreements or data retention policies, making it an inappropriate justification for deleting customer data.

While inactivity might suggest that data is no longer needed, it does not automatically warrant deletion. Customer retention policies may specify longer retention periods regardless of access frequency, and important data might remain valuable despite infrequent access.

A scheduled data review may help assess data relevance and compliance; however, it does not dictate an automatic deletion timeline. Decisions about data retention should be based on the specified retention period rather than just the occurrence of a review, as this could lead to premature deletion.