GDPR: what is the General Data Protection Regulation?
When you process personal data for your research, you must follow the rules of the General Data Protection Regulation (GDPR).
The GDPR: new European privacy legislation
The GDPR, which has been in force since 25 May 2018, modernises the existing privacy legislation. It creates a uniform European legislative framework and gives citizens/data subjects more control over how personal data is processed. The GDPR requires transparency and responsibility from organisations towards citizens/data subjects about how and why they process personal data.
- See Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC
The GDPR provides that EU Member States can draw up national legislation for certain areas and exceptions. In Belgium, the Law on the protection of natural persons with regard to the processing of personal data was published in the Belgian Official Gazette on 5 September 2018.
The possibility stipulated in the GDPR to provide exceptions at national level also means that in research projects involving organisations/institutions from different Member States, you must thoroughly examine the national laws of all Member States concerned and the processing must comply with those requirements.
UGent code of conduct
At UGent, the GDPR requirements were included in the Generic Code of Conduct for the processing of personal data and confidential information.
Last modified Oct. 1, 2020, 11:35 a.m.