The processing of personal data in the GDPR broadly includes any operation or set of operations which are performed on personal data or sets of personal data, whether or not by automated means.
That includes collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
The image below shows some examples of data processing in the data life-cycle.
Why is it useful to think about data processing in an early stage?
1. Design the data processing is the first step to identify the potential protection risks and the appropriate protection measures (Privacy by Design), and
2. It will help you to be transparent with the participants about the purpose of your research.
Example: Anna is busy preparing her new research project. During the collection of the data, she starts to think of re-use of data for another research project. At the end of the project, she wants to archive the data making re-usable by other researchers.
Was Anna transparent with the participants? Will the data used to answer to Anna's research question be re-usable for another purpose?
|Last modified:||25 April 2019 09.48 a.m.|