Data sharing & privacy
VAC4EU processes (based on sharing of aggregated anonymised data) are compliant with the EU General Data Protection Regulation (GDPR) and are also following key new principles.
The requirement to conduct data protection and/or privacy impact assessment
Identification and communication with the Data Privacy Officer in each organization
Retaining an audit trail of all processing activities
Data to be protected by design and by default: data protection is included in the business processes for data processing and management (including physical and technical safeguards, privacy enhancing technologies, minimisation of processing principles)