Study Network

Data sharing & privacy

VAC4EU processes (based on sharing of aggregated anonymised data) are compliant with the EU General Data Protection Regulation (GDPR) and are also following key new principles.

Key Principles

  • The requirement to conduct data protection and/or privacy impact assessment

  • Identification and communication with the Data Privacy Officer in each organization

  • Retaining an audit trail of all processing activities

  • Data to be protected by design and by default: data protection is included in the business processes for data processing and management (including physical and technical safeguards, privacy enhancing technologies, minimisation of processing principles)