Blad met gegevens, foto Vladislav Bulatov

Handling research data with care

Registration form Ethics, Data Management and GDPR

Before starting scientific research, researchers must fill in a registration form concerning ethics, data management and the General Data Protection Ordinance (GDPR).

The schools use virtually the same application form to assess these three aspects. The assessment is done by the school committees.

By filling in the form, you record, among other things, how you store or manage data during the project, what happens with the data after the project is completed, and at the same time the requirements for accountability, data protection impact assessment (DPIA) and processing register are safeguarded. Ask the data representative of your school for this form.

If no personal data is processed during the survey, filling in only the data management section is sufficient. This meets the requirements of the regulation research data management. For more information about the data management plan section go to the website or contact the Research Data Office.

Data Protection Impact Assessment (DPIA)
Data Processing Register
Privacy Statement

Step-by-step plan

Data Management Plan (DMP) - Processing Register For each academic research project, the researcher must draw up a DMP setting out which (personal) data will be processed. This DMP will be included in the university's Data Processing Register insofar as it contains personal data. For the format of the DMP we refer to the Tilburg University's Research Data Management Regulations.
Pre - DPIA For each academic study, a pre-DPIA (questionnaire) must be completed to determine whether it is necessary to perform a DPIA. This questionnaire is integrated into the DMP and if possible combined with the questionnaire for the ethics committee.
Data Protection Impact Assesment (DPIA) In some situations it is necessary to perform a DPIA. Whether this is necessary follows from the Pre-DPIA questionnaire. The researcher is responsible for carrying out the DPIA if it is necessary. A procedure is available. He/She is supported by the Data Representative of the School.

Checking the DPIA

The Data Protection Officer checks the DPIA.

Review of DMP and review by ethics committee

In each School further agreements have been made about the review  and storage of the DMP by an academic and/or ethical committee.

A researcher may not simply process all personal data. Some relevant information is listed below.

Data minimization The researcher may only collect personal data that is necessary for the purpose of academic research, but will ensure that sufficient data is collected to answer the research question.
 BSN The citizen service number (Burgerservicenummer,BSN) may never be processed for academic research.
Identity card

A copy of proof of identity may only be viewed. It may only be kept if it is necessary for academic research and the photo and BSN are blurred. On the photocopy of an identity card, it must be stated that the copy was issued for research purposes.

Tip: Preferably write down only the necessary data instead of retaining a photocopy of an ID.

Preparation assistance

The Data Representatives of the Schools support the completion of the DPIA. In addition, the Research Data Office can provide support for researchers and faculties with regard to questions concerning research data management.