Ethics for data protection

If your work involves human participants, it’s essential to design your study in line with your discipline’s ethical standards and to comply with the GDPR.

Research ethics is about more than meeting formal requirements; it’s about ensuring integrity, respect, and care throughout every stage of the research process, from study design to data collection, analysis, and reporting. While these core values remain at the heart of ethical research, the rapid growth in the use and sharing of personal data has made privacy and data protection increasingly important.

Privacy as a fundamental right

Privacy is a fundamental human right (Universal Declaration of Human Rights, Article 12). In research, this right must be balanced with other ethical values and the objective to acquire knowledge that benefits society. While the GDPR protects individuals’ privacy, it also recognizes that strict compliance may sometimes obstruct research.

To address this, Article 89(1) allows limited exemptions for research purposes, as long as strong safeguards are in place. An ethics review is one of the key safeguards required before researchers can process personal data.

Learn more on rights of data subjects in research

Ethics review as a safeguard for data protection

An ethics review helps ensure that personal data is collected and used responsibly, protecting the rights, dignity, and well-being of all participants. For most research projects involving personal data, an ethics review and thoughtful self-reflection are mandatory steps.

How to apply for an ethics review

The DCC does not play a direct role in the ethics review of your research. For more information on how to apply for the ethics review of your research, please consult the ethics committee pages of your faculty. Be aware that faculty requirements might differ.

More information on your Faculty Ethics Review Committe

Codes and guidance documents

In preparation for your ethics assessment, you can look into codes and guidance documents - both domain-specific and general - drafted by Dutch and European bodies to guide researchers in conducting their research responsibly.

Rules & codes of conduct

Nuremberg code (1947)Declaration of Helsinki (1964)EU charter of fundamental rights (2010)

Ethical guidelines for research

Ethics Guidance for ERC Funded Projects (ERC)Code of Ethics for Research in Social and Behavioral Sciences Involving Human Participants (Nethics, 2025)Ethics and Data Protection (European Commission, 2021)Functional Magnetic Resonance Imaging (European Commission, 2013)Research Ethics in Ethnography/Anthropology (European Commission, 2021)Internet Research: Ethical Guidelines (AoIR, 2019)Ethical Guidance for Research with a Potential for Human Enhancement (SIENNA project, 2021)Ethics By Design and Ethics of Use Approaches for Artificial Intelligence (European Commission, 2021)

Where to find ethics support

The main responsibility for reflecting on ethical conduct during a research project lies with the Principal Investigator (PI) in collaboration with junior researchers, such as PhD candidates or students. They can find support in this ethical reflection with different roles in the organization:

A data steward can review a data management plan, and ask questions to help researchers reflect on how they are going to manage their data responsibly throughout the whole data life cycle.
A privacy and security (P&S) coordinator can provide advice on how to best implement the principles of the GDPR, such as which legal ground to choose. They are also the contact point for setting up agreements with third parties.
An ethics review committee evaluates the full project proposal based on relevant ethics codes, such as the Nethics Code, and their expertise in the research field, including its methodologies and common ethical issues.

Contact the DCC for support

Last modified:28 November 2025 3.27 p.m.