Privacy Notice

What do you need to know about Aarhus University’s processing of your personal data? Here you will find information about why and how Aarhus University processes your personal data.

1. Who is the data controller?

Aarhus University (AU) is data controller for the processing of your personal data. Our information:

Aarhus University Nordre Ringgade 1 8000 Aarhus C CVR-no.: 31119103

Aarhus University has a Data Protection Officer. You can contact our Data Protection Officer at dpo@au.dk.

If you have any questions about the research project, including participation and processing of personal data, please contact Roman Senninger, Associate Professor at rsenninger@ps.au.dk.

2. What is personal data?

Personal data is any information that directly or indirectly can be attributed to you. This can, for example be your name, your age, but it can also be a lot of information that, when linked to other information, tells something about you, for example your address combined with information from a public register.

3. Why do we process personal data about you?

As a university in Denmark, we have an obligation to conduct research. In order to conduct research, we often need to process personal data. In the research project The Democratic Foundations of Policy Diffusion: A Replication and Extension of Linos (2011, 2013), we process personal data to better understand the diffusion mechanisms in different social groups.

4. What information do we process about you?

We will process the following categories of personal data about you: [general and sensitive personal data].

For example, information such as gender, age and political beliefs. And we collect the information directly from you.

5. What is the legal basis for processing your personal data?

The processing of personal data requires that there is a legal basis for the processing in the data protection rules or other legislation. We process your personal data on the basis of Section 10 (1) of the Danish Data Protection Act and article 6(1)(e) of the General Data Protection Regulation. This means that the processing is necessary for the performance of a task in the public interest, including scientific research purposes. Therefore, we do not ask for your consent to process your personal data.

6. How long do we process your personal data?

At present, it is not possible to say for how long Aarhus University will process your personal data, as this depends on the purpose of the research project and the rules on storage according to responsible research practice. When your personal data is no longer required for processing, it will be anonymised. And later, either archived in anonymized form or deleted.

When assessing how long it is necessary to process your personal data, we take into account, among other things: achieving the research purpose, disseminating the research results and being able to account for the accuracy of the research findings for a period after the research has been completed (e.g. according to the rules on responsible research practice or according to law).

7. Who do we share your information with?

We must provide you with information about who we share your personal data with. [It may be necessary to share your personal data at a later time. In this case, we will only share them with recipients who have a legitimate research purpose. If it is necessary to share your data, it will only be shared in anonymized form.]

To ensure continuity of research when researchers change institutions/ workplace, your personal data may be disclosed to other research institutions in Demark or EU. This will only be done when appropriate data agreements are in place.

8. What are your rights?

According to the General Data Protection Regulation, you have a number of rights when we process your personal data. Your rights are limited when the processing is carried out for research purposes. Therefore, you can read below what rights you have in connection with the processing of your personal data in research. Rights in research

• You have the right to have your data erased if the erasure of your data does not make it impossible or seriously impede the achievement of the research purpose.

• In the event that we erase your personal data, we are obliged to notify any recipients of your personal data of the deletion, unless this proves impossible or is disproportionately difficult.

You can assert your rights by contacting Roman Senninger, Associate Professor at rsenninger@ps.au.dk.

9. How can you complain?

The processing of your personal data and your trust are important to us. Therefore, we hope that you will contact us if you have any questions or are unhappy with the way we process your information.

If you nevertheless wish to complain about our processing of your personal data, you can contact the supervisory authority in Denmark:

Danish Data Protection Agency (Datatilsynet) Carl Jacobsens Vej 35 DK-2500 Valby