diff --git a/manifests/profile/base/logging/logrotate.pp b/manifests/profile/base/logging/logrotate.pp
index 45f2a77df..3da97117d 100644
--- a/manifests/profile/base/logging/logrotate.pp
+++ b/manifests/profile/base/logging/logrotate.pp
@@ -50,6 +50,29 @@
 # [*user*]
 # (optional) Defaults to 'root'. Configures cron job for logrotate.
 #
+# [*maxsize*]
+# (optional) Defaults to '10M'.
+# Configures the logrotate maxsize parameter.
+#
+# [*rotation*]
+# (optional) Defaults to 'daily'.
+# Configures the logrotate rotation interval.
+#
+# [*rotate*]
+# (optional) Defaults to 14.
+# Configures the logrotate rotate parameter.
+#
+# [*purge_after_days*]
+# (optional) Defaults to 14.
+# Configures forced purge period for rotated logs.
+# Overrides the rotation and rotate settings.
+#
+# DEPRECATED PARAMETERS
+#
+# [*size*]
+# DEPRECATED: (optional) Defaults to '10M'.
+# Configures the logrotate size parameter.
+#
 # [*delaycompress*]
 # (optional) Defaults to True.
 # Configures the logrotate delaycompress parameter.
@@ -58,14 +81,6 @@
 # (optional) Defaults to True.
 # Configures the logrotate compress parameter.
 #
-# [*size*]
-# (optional) Defaults to '10M'.
-# Configures the logrotate size parameter.
-#
-# [*rotate*]
-# (optional) Defaults to 14.
-# Configures the logrotate rotate parameter.
-#
 class tripleo::profile::base::logging::logrotate (
 $step = Integer(hiera('step')),
 $ensure = present,
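Review bot: The `[*delaycompress*]` entry that now falls under the new DEPRECATED PARAMETERS heading still reads "Defaults to True", while the parameter list in this commit changes the default to `false` and the class overrides any other value. Reword it along the lines of `# DEPRECATED: (optional) Defaults to false. Has no effect, rotated logs are always compressed immediately.` and mark `[*compress*]` as deprecated in the same way. The `[*size*]` entry could also state that a value given here is applied as `maxsize`, which is what the class body does with it.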
@@ -76,13 +91,25 @@ class tripleo::profile::base::logging::logrotate ( $weekday = '*', Integer $maxdelay = 90, $user = 'root', - $delaycompress = true, - $compress = true, - $size = '10M', + $rotation = 'daily', + $maxsize = '10M', $rotate = 14, + $purge_after_days = 14, + # DEPRECATED PARAMETERS + $size = undef, + $delaycompress = false, + $compress = true, ) { if $step >= 4 { + if (! $compress or $delaycompress or $size != undef) { + warning('Size and delaycompress are DISABLED to enforce GDPR.') + warning('Size configures maxsize instead of size.') + warning('Compress cannot be delayed or turned off.') + $maxsize = pick($size, $maxsize) + $compress = true + $delaycompress = false + } if $maxdelay == 0 { $sleep = '' } else { diff --git a/releasenotes/notes/logrotate-containers-purge-56143a979ba80b51.yaml b/releasenotes/notes/logrotate-containers-purge-56143a979ba80b51.yaml new file mode 100644 index 000000000..4639c6f96 --- /dev/null +++ b/releasenotes/notes/logrotate-containers-purge-56143a979ba80b51.yaml 
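Review bot: The added `if` block rebinds the class parameters `$maxsize`, `$compress` and `$delaycompress`, and Puppet allows a variable to be assigned only once per scope, so a node that still sets `size`, `delaycompress => true` or `compress => false` should fail catalog compilation instead of receiving the three warnings. Derive a new local outside the conditional, `$maxsize_real = pick($size, $maxsize)`, point the template at it, and drop the other two assignments, since the template in this commit no longer reads `@compress` or `@delaycompress`. The new `$purge_after_days`, `$rotation` and `$maxsize` are also untyped although the first is interpolated into a root-run `find -mtime` command; `Integer[1] $purge_after_days = 14` would reject a malformed Hiera value at compile time rather than at purge time. The class body continues past the end of this hunk.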
@@ -0,0 +1,26 @@
+---
+upgrade:
+ - |
+ Rotated logs of containerized services in /var/log/containers
+ will be purged with the next containerized logrotate run
+ triggered via cron, if the rotated logs have been kept longer
+ than `purge_after_days` (defaults to a 14 days).
+
+ Containerized logrotate now always compresses the rotated
+ /var/log/containers logs and this can no longer be delayed
+ with delaycompress. Size parameter does not honor time-based
+ constraints and is disabled as not GDPR compliant. From now on,
+ it configures maxsize instead. Minsize is set to a 1 byte to
+ put all /var/log/containers logs under the containerized
+ logrotate control.
+security:
+ - |
+ Forcibly purge rotated /var/log/containers logs after
+ `purge_after_days` (defaults to a 14 days). New param `rotation`
+ additionally allows to alter logrotate rotation interval.
+ Defaults to a 'daily'. Make sure to adjust `purge_after_days` as
+ needed.
+
+ Any files in /var/log/containers, if not managed by
+ the containerized logrotate, will be purged forcibly with each
+ containerized logrotate run triggered via cron.
diff --git a/templates/logrotate/containers_logrotate.conf.erb b/templates/logrotate/containers_logrotate.conf.erb
index a666b0e35..18a8e0b20 100644
--- a/templates/logrotate/containers_logrotate.conf.erb
+++ b/templates/logrotate/containers_logrotate.conf.erb
@@ -1,17 +1,25 @@
 /var/log/containers/*/*log /var/log/containers/*/*/*log {
+ <%= @rotation %>
 rotate <%= @rotate %>
- size <%= @size %>
+ # minsize 1 is required for GDPR compliance, all files in
+ # /var/log/containers not managed with logrotate will be purged!
+ minsize 1
+ # Do not use size as it's not compatible with time-based rotation rules
+ # required for GDPR compliance.
+ maxsize <%= @maxsize %>
 missingok
 notifempty
-<%- if @delaycompress %>
- delaycompress
-<%- end %>
-<%- if @compress %>
+ # Do not use delaycompress as it's not compatible with the postrotate script.
+ # Compress always is required for the postrotate script compatibility.
 compress
-<%- end %>
+ sharedscripts
 postrotate
 /sbin/lsof -nPs +L1 +D /var/log 2>&1|\
 awk '/\S+\s+[0-9]+\s.*\/var\/log\/.*\(deleted\)/ {print $2}' |\
- /bin/xargs -n1 -r -t kill -HUP
+ /bin/xargs -n1 -r -t kill -HUP;
+ /usr/bin/find /var/log/containers -type f \
+ \( -not -name "*.gz" -and -not -name "*.[0-9]*" \) -exec rm -f {} \;;
+ /usr/bin/find /var/log/containers -type f \
+ -mtime +<%= @purge_after_days %> -exec rm -f {} \;
 endscript
 }
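Review bot: The first added `find` in `postrotate` selects every regular file whose name lacks a `.gz` or `.<digit>` suffix, which as written also covers the live `*log` files this stanza manages, not only stray files outside logrotate's control. Unlinking a log that a service still holds open loses its output until the next HUP, and with `sharedscripts` this happens on every run in which anything rotated. If only unmanaged files are meant, the test should exclude the managed names too, for example by adding `-not -name "*log"`. Both purges run as root over directories that service accounts can presumably write to, so `-delete` is preferable to `-exec rm -f {} \;`, which resolves the path a second time after the match. `<%= @purge_after_days %>` is placed unquoted on this shell line, so it should be guaranteed to be an integer before it reaches the template.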