Staff service at AU  »  Support for your research practice

Dansk

 AU  Staff  Staff Service Support for your Research Practice Research Support Office News from AU Forskning Show

New website makes it easier to comply with GDPR

On a new website, the Research Data Office will publish information about projects that are exempt from the information obligation, making it easier to comply with the GDPR requirements.

What does it mean?
If a research project processes personal data without having direct contact with the participants, the project may in some cases be exempt from the obligation to provide information to the data subjects. Instead, the project must make certain information public.

This option is now supported by AU’s new website (for now - only in Danish), which will include information about projects exempt from the information obligation.

Information obligation – what is it?
When processing personal data as part of a research project, you must, as a general rule, inform the individuals whose data you are processing. This is to ensure that they know who is processing their personal data and for what purpose. Read more about the information obligation here.

Research projects where informing each individual participant would involve a disproportionate amount of effort may instead publish certain information about the project. With the new website, AU is now facilitating this process.

Which projects may be covered by the exemption?
Projects that may be covered by the exemption are projects that are collecting personal data indirectly – i.e. from registers, databases or other data sources – and where contacting all the data subjects would require a disproportionate effort.

However, this does not mean that all projects without direct contact are automatically covered by the exemption. A concrete assessment must be made, weighing up the research participants’ interest in being informed against the difficulties of fulfilling the information obligation.

Examples of projects that may be exempt from the information obligation include:

  • Projects using data from national health registers.
  • Studies based on data from social media.
  • Projects that receive large data sets from partners.

However, projects using consent as the basis for processing will not be covered as they are already in contact with the participants in connection with the consent.

It is up to you to assess whether your research project is covered by the exemption. You can read more about how to make this assessment here. 

What to do if you are covered by the exemption

  1. Register your project in the AU record of research projects
    All projects that process personal data must be registered in the AU record. You can read more about the record and how to register your project here.
  2. Fill in the fields clearly
    A number of your answers will be made public in the overview. You should therefore write concisely, accurately and in language that can be understood by the general public.
  3. AU publishes information automatically
    The Research Data Office makes sure that the information is included in the overview. You do not need to take any further action via this scheme.

Where is the information displayed?
AU publishes the information on a subpage of au.dk. The overview is updated by the Research Data Office once a month.

You can see the overview here (for now- only in Danish).

Do you have questions or need help?
You can contact the Research Data Office at fortegnelse@au.dk.

Revised 27.10.2025