Article 5 Retention period of personal data by issuers

The issuers shall not retain any personal data on holders submitted by the crypto-asset service providers in accordance with Articles 1(2) and 3(2) of this Regulation for longer than necessary to comply with the reporting obligations laid down in Article 22(1) of Regulation (EU) 2023/1114. Such retention period shall not exceed 5 years from the date of obtaining the personal data by the issuers.