Skip to main content

Research Data Management: Ethics and Legal Aspects

Risk assesment

GDPR requires that the risks related to the processing of personal data be assessed before any such processing. Familiarise yourself with the data protection and risk management guidelines of Tampere higher education community and consider the following:

  • Which freedoms and rights of the data subject can be compromised by the processing?
  • What kind of damage can the planned processing of personal data cause to the data subject?
  • What kind of damage can the inappropriate disclosure, destruction or corruption of the data cause to the data subject?
  • What kind of risks must your data be protected against?
  • What measures are used to manage identified risks?
  • What is an accepted level for the probability and impact of residual risks?

After completing the assessment, verify with the Data Protection Officer of the University whether your data requires an impact assessment in accordance with the GDPR. Data Protection Officer can be reached at

Please also find out whether the funder of your research, owner of the data or any other external party has any claims concerning the data.

Sensitive data

Collecting and processing special categories of personal data (or “sensitive data”) is possible for scientific or historical research purposes or statistical purposes (article 9, EU’s General Data Protection Regulation). Special categories of personal data include:

  • racial or ethnic origin
  • political opinions
  • religious or philosophical beliefs
  • trade union membership
  • sexual orientation
  • information about a person’s health
  • criminal convictions and offenses
  • genetic or biometric data processed for uniquely identifying a person.

When sensitive data belonging to special categories are collected, consent must be explicit. Sensitive data also requires specific protection because there is a significant risk to the fundamental rights of the individual. In the data management, actions intended to minimise the risks of revealing sensitive information must be taken care of during the entire data lifecycle.


Photo by

Intellectual property


Intellectual property rights affect the way you and others can use your data. Consider at the early stage of your research

Copyright is regulated by the Finnish Copyright Act (pdf), but research data are not always protected by copyright, because it seldom meets the criteria for originality. Research data, can however, include parts that are protected by copyright. Especially if you use third-party data, copyright issues and permissions to reuse the data must be considered.

Read more:

Copyright (Finnish Social Science Data Archive)

It important to agree on who owns the data in order to avoid possible conflicts about the usage rights to the data. Data ownership issues should always be agreed upon before the collection process begins. If ownership issues have not been considered early enough in the research life cycle, sharing and reusing the data may become impossible.

  • Familiarise yourself with institutional policies. Tampere higher education community's Open Science and Research policy states that research data produced within Tampere higher education community is primarily owned by Tampere University or Tampere University of Applied Sciences. The researcher always has the first right to the data. When the data form a work as stipulated in Section 1 of the Copyright Act, the copyright belongs to the producer of the data.
  • Make agreements on the ownership of the data inside the research group and between the research partners.
  • Remember also, that if you are using or reusing data from a third party (data created by somebody else), the data are generally owned by the third party.

Patent is a form of legal protection for intellectual property. It gives its owner exclusive right to an invention, therefore excluding others from making, using, selling and importing that invention. To be patentable, an invention must be new, involve an inventive step, and be industrially applicable. 

Loading ...

Contact us

Is there something you did not found in this guide? Or is some important information missing? You can always contact us for further information, and we will help you with the research data management.

Personal data

If your research data contains personal data, plan your research data management with special care. Personal data means:

any information relating to an identified or identifiable natural person (‘data subject’); identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person (EU’s General Data Protection Regulation).

According to Tampere higher education community's Data Protection policy (Tuni intra) the the basis for collecting, processing and storing personal data for research purposes must always be described in the research plan and in the data management plan.

Remember these when collecting and processing personal data:

  • Data should be collected for specified, explicit and legitimate purposes.
  • Don't collect any personal data if it is not necessary for you research.
  • The period for which the personal data are stored is limited to a strict minimum.
  • Collecting data must be based on informed consent of the research subject 
  • Protect the privacy of the research subjects by anonymising the data

For more information, please contact

Read more: Anonymisation and Personal Data (Finnish Social Science Data Archive

Research ethics

Responsible conduct of research and good scientific practice should be followed at all times. Each researcher and research group member is responsible for ensuring that their research complies with the generally accepted ethical principles. Ethical review is needed in precisely defined research configurations. See more at Finnish National Board of Research Integrity.

Read more about research ethics and good scientific practice in Tampere higher education community (in Finnish).

Ethical commitees in Tampere:

There are several national advisory boards which promote and review ethical issues of research: