D8.2. Personal data is protected and limited to research

This deliverable is part of the MOOD WP7: Project management and coordination. In this deliverable
the Consortium answers to the Ethics Review’s requirements related to the collection and processing
of personal data:

  1. We explain how all of the data that we intend to process are relevant, and how their use is limited
    to the purposes of the research project.
  2. We provide a description of the technical and organizational measures that will be implemented to
    safeguard the rights and freedoms of the data subjects/research participants.
  3. We provide a description of the security measures that will be implemented to prevent
    unauthorized access to personal data or the equipment used for processing.
  4. We provide general descriptions for the anonymization/pseudo-anonymization techniques that will
    be implemented.
  5. We describe how we plan to confirm that, in case personal data are transferred from a non-EU
    country to the EU (or another third country), such transfers comply with the laws of the country in
    which the data were collected.
  6. We provide detailed information on the informed consent procedures with regard to data
    processing.
  7. We confirm that each host institution has appointed a Data Protection Officer (DPO), and describe
    how the contact details of the DPO are made available to all data subjects involved in the research.
  8. We describe how, in case of further processing for previously collected personal data, we plan to
    explicitly confirm that the beneficiary has lawful basis for the data processing and that the appropriate
    technical and organizational measures are in place to safeguard the rights of the data subjects.