UT Data Processing Registertool
The UT is responsible for keeping a register of all processing of personal data. Every researcher/student is responsible for administrating his/her own research at this register.
A data processing register is a record of which personal data you process and who you share this data with. If you collect personal data for your research, you must record this in the data processing register.
The responsible owner of the registration must report the processing via the GDPR registration tool (notice that there is a manual to).
If you are starting a new research project that uses personal data, you must record in the data processing register tool how you will process the data. You can use your data management plan as a source to describe how you expect to process the data and (if applicable) which agreements you have reached.
In any graduation study involving personal data, the supervisor must inform the student of internal appointments and safe practices and indicate the GDPR (General Data Protection Regulation). The supervisor points out to the student what is expected of him / her when working with personal data. More information about this, such as the guidelines privacy rules and the poster Personal data research protocol’ is available at the UT Privacy website.
If the student process personal data in their bachelor/master-thesis:
- and the student participates in an existing project: the student does not need to take any further action, assuming that the responsible employee has already registered the research project in the GDPR registration tool.
- If the research leads to a new processing, the student must register the processing, where the supervisor is recorded as the contact person.
The Privacy Contact Person (PCP) of your faculty is able to support you.