The EU General Data Protection Regulation (GDPR) comes into effect on 25 May, 2018.

To take your privacy seriously and to protect your personal information, many organisations have updated their privacy policies and procedures (see, e.g., CIFOR/CGIAR Research Center Privacy Policy and Terms of Use) bringing them in line with the GDPR by providing specific details on certain data processing activities (e.g., 'Terms of Use', 'Privacy Policies', 'Cookies Policy', 'Right to Control Your Data', 'Right to Access Your Data', 'Opt-in Consent'). 

GDPR has raised also the standard required of researchers handling personal data. For researchers, it is not only essential to be aware of and to follow the best practices in their field or discipline, but also to identify the appropriate legal basis for data processing.

Researchers will need GDPR compliant data management plans and/or arrangements in order to meet the other data processing and security principles. 

Researchers will also need to ensure that they supply all information required by Article 13 and Article 14 to research participants, explaining how participants personal data will be used in the project.

Related:

• The General Data Protection Regulation (GDPR) : what is it all about? 
• General Data Protection Regulation: Guidance to Dgroups Foundation from WA-Research
• GDPR Data Portability and Core Vocabularies published: read new ISA2 study
• EDM Council Report Finds Data Management Key to GDPR Compliance, by A.R. Guess, Dataversity, May 22, 2018
• LIBER Webinar: Turning FAIR Data Into Reality (recorded LIBER webinar) 
• GDPR, ORCID, and You, by Joe Schwarze, ORCID blog, 2018-05-21
• The Data Protection Act and the General Data Protection Regulation (UK Data Service)
• GDPR Day Is Here – What Happens Next?, by SCHOLARLY KITCHEN, May 25, 2018
• GDPR : Reality Check: Who controls your data?, by Lora Jones, BBC News, 25 April 2018
• This checklist from the U.K. Information Commissioner’s Office highlights 12 steps you can take to begin preparing now for the GDPR, which will come into effect in 2018
• GDPR Guidebook for PKP Users, by James MacGregor, Public Knowledge Project, April 30th, 2018 
• The InfoQ eMag: Perspectives on GDPR, by InfoQ, April 16, 2018
• So, What is Data Mapping and Why is it the Key to GDPR Compliance?, by Richard Macaskill, April 25, 2018, Dataversity
• GDPR: What does it mean for research and repository managers? (Recorded webinar, JISC, 2018)
• Data Governance 2.0 at the Hub of Data Curation, by Michelle Knight , April 26, 2018, Dataversity
• Most data is about multiple people – what does that mean for data portability? (Open Data Institute, May 11, 2018)
• Open Data Charter Measurement Guide (Open Knowledge International, 2018) analyses the Open Data Charter principles and how they are assessed based on current open government data measurement tools. Governments, civil society, journalists, and researchers may use it to better understand how they can measure open data activities according to the Charter principles.
• Big Data vs. Smart Data, by By Keith D. Foote, Dataversity, May 10, 2018
• How GDPR is affecting Big Data ethics
• Implement effective Open Data & Keep it alive with Open Data TOOLKIT