Know About Retention Policies in Office 365

Aftab Alam
Aftab Alam linkedin | Updated On - November 03, 2022 |

Read time 5 minutes

The Microsoft 365 business and enterprise plans give the business organizations great storage and security facility to save large-sized email mailboxes. Further, you can also export Office 365 mailboxes to PST or other formats to securely backup all essential information. When the data grows, then the organizations cannot delete the emails abruptly, but they require to backup Office 365 emails to follow some industry compliances. Here are some reasons that enforce the businesses to retain their emails for longer periods-

  • To follow compliances, regulations, and business policies.
  • To minimize the risk related to the old data and its maintenance. Also, for deleting the older and unrequired data.
  • To assist the organization’s employees in allowing them to work on the latest content which is entirely relevant to their job.

If you go by the name ‘retention,’ then you may think that it is about saving the data. An organization has such data which is quite old, and that is not needed. That’s why the Office 365 retention policies have to deal with two aspects –

1. Retention

It maintains the data securely so that it is not deleted before the retention period. You cannot delete it permanently. When a file or folder has a retention policy applied to it, it does not change the structure. The user can find its copy at the respective place.

  • The SharePoint and OneDrive data are saved at the Preservation Hold library.
  • The Exchange mailbox data is present in the Recoverable Items folder.
  • The Teams and Yammer data are saved in the subfolder of Exchange’s Recoverable Items folder with the name of SubstrateHolds.

2. Deletion

This refers to the deletion of the data after the retention period. Retention policy helps you in the following ways –

  • You can easily decide which data can be saved or deleted.
  • You can apply a single policy on a single type of data or the whole organization
  • You can apply policy on some selective data based on certain keywords or type.

How to apply a retention policy?

Here is the brief procedure of creating a retention policy using Office 365 Administrator credentials –

  1. Click Admin button in the menu.
    Admin button in the menu
  2. Under Reports category, click Security & Compliance option.
    click on Security & Compliance
  3. Click Exchange admin center option.
    Click on Exchange admin center
  4. Go to compliance management, then select retention policies and click () option.
    Go to compliance management
  5. Provide a name to the policy and click () option to add desired tags.
    Provide a name to the policy
  6. Here you can select more than one retention tags using the Add button, and then click OK.
    you can select
  7. Click Save button.
    Click Save button
  8. A new retention policy is created.
    new retention policy

How does retention policy affect the data?

The retention policy does not affect the data at all. Actually, when you put a data’s location in the retention policy, the data remains at its location. The user will be able to work on the data easily, and there will be no visible changes in either data or its attributes. But when the user deletes the data either knowingly or unknowingly, a copy of the data will be saved immediately.

For sites, the copy of the deleted data is kept in Preservation hold library, and for messages and public folder, the copy of the deleted data is saved in Recoverable items folder. Both the locations are completely secure, and most of the users are unaware of these locations.

NOTE: If you have applied retention policy for Office 365 Groups, then it will include both mailboxes and sites.


Till now, you have read about what is retention policy, how does it work, and how it is created. You also got to know that retention policy works for a specific time period and after that it does not save the copy of the data. If you are using Office 365 services and your retention policy is expired, then the deleted data will not come back. There is a manual procedure to migrate the emails from Office 365 to Outlook, but to increase the security of data and make it ever lasting, you can use a professional Office 365 backup too which can save the data at a secure location. Kernel Export Office 365 to PST is an easy-to-use software which accesses the complete office 365 mailbox and saves the entire data to a safe PST file. You can even select only the important data and leave the rest. For each mailbox, the software creates a separate PST file.