Notification form for “scientific and statistical surveys at SDU”
 
 
 
 
Information about the Notifier
 
 
 
Please fill in the email address for the researcher responsible for the project.

If RIO should have questions regarding the notification and these should be directed towards others than the project responsible please list such person’s contact details below in Other Contact Persons.


  
 
Email*
 
 
 
Name of Faculty*
 
 
 
Name of Department*
 
 
 
Name of the researcher responsible for the project*
 
 
 
Contact details for Other Contact Persons (State the name and place of employment)
 
 
 
People with current / intended access to data (State the name and place of employment)
 
 
 
 
 
 
Location of the data being processed?
 
 
 
SDU is data controller when the project is connected to or placed within a department/center at the University.

A data processor is an external party that processes data on the instructions from and on behalf of SDU. Examples of a data processor could be Statistics Denmark, SurveyXact or OPEN.


  
 
Is information stored at the data controller?*
 
 
 
Are external data processors used?*
 
 
 
List names and adresses of external data processors
 
 
 
Describe the role of the data processor
 
 
 
Has a data processing agreement been signed?
 
 
 
Please state the Acadre number for the data processor agreement
 
 
 
 
 
 
What IT-system is being used?
 
 
 
It is strongly advised to use an IT-system that has been pre-approved by RIO and IT-Service for storage of data. If you are in doubt as to what IT-system best suits your project’s needs, please contact Erik B. Madsen from IT-Service.

One should expect longer approval times, if non-approved IT-systems are used.


  
 
Select which pre-approved IT-system is being used
 
 
 
If a non-approved IT-system is being used, please list the system here
 
 
 
 
 
 
 
 
Naming and purpose
 
 
 
You can find a guide to handling special categories on the SDU home page. The link will open in a new window or tab.

  
 
Project title*
 
 
 
Describe the purpose of the project*
 
 
 
Legal basis for the processing of personal data*
 
 
 
Where does data come from? Eg. Surveys, Databases, Interviews, Observations, Audio, Video, Registers, Patient Records, Released from other research projects, etc.*
 
 
 
Is the data used exclusively for research or statistical purposes?*
 
 
 
 
 
 
Overall description
 
 
 
The following types of processing are being done:
Here one should list the IT-systems or software being used for data processing (e.g. SPSS) including the types of processing being done.

At the same time, one should also describe the process by which data is handled from collection to deletion or anonymization.


You can find a guide to handling special categories on the SDU home page. The link will open in a new window or tab.




  
 
What IT-systems or software is being used to process the data*
 
 
 
Describe the processes for handling data from collection to deletion /pseudonymization / anonymization*
 
 
 
Will the data be pseudonymized?*
 
 
 
At which point in the process is the data pseudonymized?
 
 
 
 
 
 
Other matters, necessary permits
 
 
 
Please note that an approval is an approval to process and store data when it is received. Other approvals/permits are often needed to obtain the data or carry out the survey.

  
 
Does an approval exist from the health research ethics committee?*
 
 
 
If not, have you already applied for permission and currently waiting for approval?
 
 
 
Does an approval exist from the Danish Patient Safety Authority?*
 
 
 
If not, have you already applied for permission and currently waiting for approval?
 
 
 
Permission from REC (SDU's ethical committee)
 
 
 
Has permission been applied from REC (SDU's ethical committee)
 
 
 
If other approvals exist, please note who it is from
 
 
 
 
 
 
The following data is being processed
 
 
 
Non-sensitive personal information (Article 6)*
 
 
 
Racial or ethnical origin*
 
 
 
Political opinions*
 
 
 
Religious or philosophical beliefs*
 
 
 
Trade union membership*
 
 
 
Data concerning health*
 
 
 
Genetic data*
 
 
 
Biometric data for the purpose of uniquely identifying a natural person*
 
 
 
Data concerning a natural person’s sex life or sexual orientation*
 
 
 
Criminal convictions and offences*
 
 
 
Biological material*
 
 
 
Where is the biological material stored?
 
 
 
 
 
 
Categories of data subjects and types of information
 
 
 
Please provide a specification of:
  • What type of persons/groups of persons are included in the project
  • An estimate of the number of data subjects
  • Which information is processed for each category/group of persons. Be specific to each category of persons
 
 
Category A*
 
 
 
Number of persons in person category A*
 
 
 
The following types of data are being processed for Category A*
 
 
 
 
 
Category B
 
 
 
Number of persons in person category B
 
 
 
The following types of data are being processed for Category B
 
 
 
 
 
Category C
 
 
 
Number of persons in person category C
 
 
 
The following types of data are being processed for Category C
 
 
 
 
 
Category D
 
 
 
Number of persons in person category D
 
 
 
The following types of data are being processed for Category D
 
 
 
 
 
Category E
 
 
 
Number of persons in person category E
 
 
 
The following types of data are being processed for Category E
 
 
 
 
 
Category F
 
 
 
Number of persons in person category F
 
 
 
The following types of data are being processed for Category F
 
 
 
 
 
 
Start
 
Date of initiation of the project*
 
 
 
When will the data collection commence?*
 
 
 
 
 
 
Deletion
 
 
 
Please provide the dates in the format of DD-MM-YYYY

  
 
Date of completion of the project*
 
 
 
Date of deletion of data, anonymization or transfer to the Danish National Archives*
 
 
 
Treatment of the data at the end of the project*
 
 
 
 
 
 
 
 

If data will be transfered to a new data controller outside of SDU:
 

SDU RIO approves the request of transfer if the receiving party is established in the EU.

SDU RIO will forward your request to the Danish Data Protection Agency if the receiving party is established outside the EU.

Please note the approval is not a permission to transfer data. The approval to transfer data must be applied for separately, follow this
link