Data Management plan and ORDP I

This deliverable will provide a general outline of the project policy for data management and describe the data management life cycle for all data sets that will be collected processed or generated by the LETHE project A first version of a data management plan DMP will furthermore provide the data protection policy for the project as well as justification for the collection and processing of sensitive personal data The DMP will as well describe technical and organizational measures that will be implemented to safeguard the rights and freedoms of the data subjectsresearch participants and in detail information on the informed consent procedures with regards to data processing as well as description of the anonymysation pseudonymisation techniques that will be implementedIn the case of research involves observation of the participants the respective beneficiaries will provide explanation how the data subjects will be informed of the existence of the monitoring its possible consequences and how their fundamental rights will be safeguardedIn case of further processing of previously collected personal data an explicit confirmation that the involved beneficiaries have lawful basis for the data processing and that the appropriate technical and organisational measures are in place to safeguard the rights of the data subjectsThe results of the performed comprehensive Data Protection Impact Assessments DPIAs in order to assess any potential risks arising from the processing activities planned and to assess the effectiveness of the technical and organisational measures taken for the protection of the rights and freedoms of the data subjects will be provided in this deliverable and updated in D62Concluding this deliverable will sum up and present in a concise manner the compliance datasheet and measures taken for all data collected processed stored and shared in accordance to GDPR and will adhere to the privacy principles regarding data collection and processing With the first version of the deliverable the Data Protection Officer DPO for all host institutions institutions where data are generated will be appointed and contact details given In this deliverable all beneficiaries involved in processing data will check if special derogations pertaining to the rights of data subjects or the processing of genetic biometric andor health data have been established under the national legislation of the country where the research takes place and submit a declaration of compliance with respective national legal frameworks Furthermore the respective beneficiaries will explain how all of the data they intend to process are relevant and limited to the purposes of the research project in accordance with the data minimisation principleThe Deliverable includes also the selection of research data to be provided with open access according OpenAire and EOSC prescriptions