Handling personal data

If (part of) your data can be classified as personal data, the General Data Protection Regulation  (GDPR) requires you to be transparent to data subjects about how you handle their personal data and to put in place safeguards to protect data subjects’ privacy. Since the GDPR is a legal document which is not always easy to read, we've developed the online Data Privacy Handbook. This handbook consists of a knowledge base and overview of tools and techniques about privacy in research conducted at Utrecht University.

Check the Data Privacy Handbook here

Here you can find all information you need about which legal basis you should choose, how to inform data subjects, pseudonymisation and anonymisation, storing and sharing personal data, synthetic data, and much more.

Getting started: What to do when working with personal data?

The flowchart below shows which steps you need to take when you work with personal data in your research project:

Utrecht University RDM Support (2023). 10 steps towards privacy compliance in research. https://doi.org/10.5281/zenodo.10417513

Utrecht University RDM Support (2023). 10 steps towards privacy compliance in research. https://doi.org/10.5281/zenodo.10417513

For more detailed information on each step, visit the Data Privacy Handbook, or contact RDM Support or your privacy officer (Solis-ID needed). For UMC Utrecht, please visit the UMCU intranet.