Summary
The institutions must confirm that they have appointed Data Protection Officers (DPOs) and the contact details of the DPOs are made available to all data subjects involved in the research. For those institutions not required to appoint a DPO under the GDPR, a detailed data protection policy for the project must be submitted as a deliverable.The beneficiaries must explain how all of the data they intend to process is relevant and limited to the purposes of the research project (in accordance with the ‘data minimisation ‘principle). This must be submitted as a deliverable.If applicable, a description of the anonymysation/pseudonymisation techniques that will be implemented must be submitted as a deliverable.A description of the technical and organisational measures that will be implemented to safeguard the rights and freedoms of the data subjects/research participants must be submitted as a deliverable.
More information & hyperlinks