Register processing of personal data in which AU is data processor

Here, you can register your processing of personal data to Aarhus University's record, where AU is data processor.

Register research in which AU is data controller (PID: 1443392)

1. Introduction
In order to have the processing of personal data registered in the AU record, you must provide us with information about you, the processing and the data controller.

Please note that:

• It is your responsibility to ensure that the information is correct and in accordance with the actual circumstances.

• In some cases, you will have to elaborate on the information you give us. This will be stated on the form.

• Your registration is only submitted once you have completed all parts of the registration form and clicked 'submit'. You will then receive a copy of the registration at the email address you provided on the form.

• The data processing will not be registered until you have been assigned a serial number and received a confirmation letter.

• The confirmation letter is only documentation that your processing has been included in the AU record. It is not an authorisation.
2. Contact Person
3. Data controller
Here, provide information about the data controller on whose behalf Aarhus University is conducting the processing.
4. Processing
Provide information about how and for what purpose AU will process personal data for the data controller.
5. Personal data
State the types of personal data you will be processing.
6. Data processing agreement and sub-data processors

Data processing agreement

Provide information about the data processor agreement and whether you are using a sub-data processor.


Please state whether you will use a sub-data processor in connection with the delivery of the data processing service. For example, you may have to collect data on behalf of the data controller and, to do so, you may need to use a survey provider. The survey provider is your data processor and therefore a sub-data processor to the data controller.
7. Transfer
State whether the data processing involves a transfer to a third country or an international organisation, i.e. a transfer of information to someone outside the EU/EEA or an international organisation. For example, if your sub-data processor is based in a third country.
8. Security of processing
The measures you should take to protect personal data depend on the type of data in question, the numbers involved, and who you process data about. Example:
• Technical measures, such as storing data on a secure server, encryption and pseudonymisation.
• Organisational measures, such as rights management and training.