Handling personal data
If (part of) your data can be classified as personal data, the General Data Protection Regulation (GDPR) requires you to be transparent to data subjects about how you handle their personal data and to put in place safeguards to protect data subjects’ privacy. Since the GDPR is a legal document which is not always easy to read, we've developed the online Data Privacy Handbook. This handbook consists of a knowledge base and overview of tools and techniques about privacy in research conducted at Utrecht University.
Here you can find all information you need about which legal basis you should choose, how to inform data subjects, pseudonymisation and anonymisation, storing and sharing personal data, synthetic data, and much more.
Getting started: What to do when working with personal data?
The flowchart below shows which steps you need to take when you work with personal data in your research project:
Utrecht University RDM Support (2023). 10 steps towards privacy compliance in research. https://doi.org/10.5281/zenodo.10417513
For more detailed information on each step, visit the Data Privacy Handbook, or contact RDM Support or your privacy officer (Solis-ID needed). For UMC Utrecht, please visit the UMCU intranet.