The processing of personal data in the GDPR broadly includes any operation or set of operations which are performed on personal data or sets of personal data, whether or not by automated means.
That includes collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
The image below shows some examples of data processing in the data life-cycle.
Why is it useful to think about data processing in an early stage?
1. Design the data processing is the first step to identify the potential protection risks and the appropriate protection measures (Privacy by Design), and
2. It will help you to be transparent with the participants about the purpose of your research.
Example: Anna is busy preparing her new research project. During the collection of the data, she starts to think of re-use of data for another research project. At the end of the project, she wants to archive the data making re-usable by other researchers.
Was Anna transparent with the participants? Will the data used to answer to Anna's research question be re-usable for another purpose?
The Legal Department (ABJZ) developed a Checklist for researchers in collaboration agreements. You find the Checklist and other relevant documents on the UG page on Academic Integrity
|Last modified:||16 September 2021 3.21 p.m.|