From 93ef369828c356ef0630738daace57642b096a73 Mon Sep 17 00:00:00 2001 From: Dorien Huijser Date: Tue, 19 Nov 2024 10:38:26 +0100 Subject: [PATCH 1/2] add anchors for individual terms --- chapters/glossary.Rmd | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/chapters/glossary.Rmd b/chapters/glossary.Rmd index 2a8eea9..b4093ca 100644 --- a/chapters/glossary.Rmd +++ b/chapters/glossary.Rmd @@ -29,9 +29,14 @@ formatdefs <- function(letter){ tryCatch( { # Only include if "include" == 1 and there are terms there if(subselection$include[item] == 1 & !is.na(subselection$term[item]) & !is.na(subselection$include[item])){ - formattedtext[[item]] <- paste0("
**", + formattedtext[[item]] <- paste0("
", + subselection$term[item], - "**
", + "
", subselection$definition[item], "

") } @@ -73,4 +78,4 @@ for (letter in toupper(letters)) { fullglossarytext <- paste(glossarytext, collapse = " ") ``` -`r fullglossarytext` \ No newline at end of file +`r fullglossarytext` From fa8dc02bbf17f99cefc6571fd1c4abf545fc291d Mon Sep 17 00:00:00 2001 From: Dorien Huijser Date: Tue, 19 Nov 2024 10:40:39 +0100 Subject: [PATCH 2/2] render book --- docs/data-storage-duration.html | 3 ++- docs/data-storage-how.html | 3 ++- docs/data-storage-where.html | 3 ++- docs/data-storage.html | 3 ++- docs/data-subject-rights.html | 3 ++- docs/definitions.html | 3 ++- docs/disclaimer.html | 3 ++- docs/encryption.html | 3 ++- docs/faq.html | 3 ++- docs/gdpr-principles.html | 3 ++- docs/gdpr.html | 3 ++- docs/glossary.html | 29 ++++++++++++------------ docs/how-to-use-this-handbook.html | 3 ++- docs/index.html | 9 ++++---- docs/informed-consent-forms.html | 3 ++- docs/legal-basis.html | 3 ++- docs/legitimate-interest-assessment.html | 3 ++- docs/open-science-questionnaire.html | 3 ++- docs/personal-data.html | 3 ++- docs/pet-survey.html | 3 ++- docs/privacy-by-design.html | 3 ++- docs/privacy-notices.html | 3 ++- docs/references.html | 3 ++- docs/risk-assessment.html | 3 ++- docs/search_index.json | 2 +- docs/seeking-help.html | 3 ++- docs/synthetic-data.html | 5 ++-- docs/tools-and-services.html | 3 ++- docs/what-is-the-gdpr.html | 3 ++- docs/youth-pseudonymisation.html | 3 ++- 30 files changed, 76 insertions(+), 47 deletions(-) diff --git a/docs/data-storage-duration.html b/docs/data-storage-duration.html index 0769882..c6186c9 100644 --- a/docs/data-storage-duration.html +++ b/docs/data-storage-duration.html @@ -26,9 +26,10 @@ Support.

" /> - + + diff --git a/docs/data-storage-how.html b/docs/data-storage-how.html index e4af2a8..cf16fc2 100644 --- a/docs/data-storage-how.html +++ b/docs/data-storage-how.html @@ -26,9 +26,10 @@ Support.

" /> - + + diff --git a/docs/data-storage-where.html b/docs/data-storage-where.html index da774b0..025d8c6 100644 --- a/docs/data-storage-where.html +++ b/docs/data-storage-where.html @@ -26,9 +26,10 @@ Support.

" /> - + + diff --git a/docs/data-storage.html b/docs/data-storage.html index 6da9813..9ca2394 100644 --- a/docs/data-storage.html +++ b/docs/data-storage.html @@ -26,9 +26,10 @@ Support.

" /> - + + diff --git a/docs/data-subject-rights.html b/docs/data-subject-rights.html index edb5c36..5ff2201 100644 --- a/docs/data-subject-rights.html +++ b/docs/data-subject-rights.html @@ -26,9 +26,10 @@ Support.

" /> - + + diff --git a/docs/definitions.html b/docs/definitions.html index 608b86a..11c47a1 100644 --- a/docs/definitions.html +++ b/docs/definitions.html @@ -26,9 +26,10 @@ Support.

" /> - + + diff --git a/docs/disclaimer.html b/docs/disclaimer.html index 7c4b025..aa2259d 100644 --- a/docs/disclaimer.html +++ b/docs/disclaimer.html @@ -26,9 +26,10 @@ Support.

" /> - + + diff --git a/docs/encryption.html b/docs/encryption.html index a1b7f04..c3d5006 100644 --- a/docs/encryption.html +++ b/docs/encryption.html @@ -26,9 +26,10 @@ Support.

" /> - + + diff --git a/docs/faq.html b/docs/faq.html index 2ebf9b4..fe1dd81 100644 --- a/docs/faq.html +++ b/docs/faq.html @@ -26,9 +26,10 @@ Support.

" /> - + + diff --git a/docs/gdpr-principles.html b/docs/gdpr-principles.html index 958affc..7f182c9 100644 --- a/docs/gdpr-principles.html +++ b/docs/gdpr-principles.html @@ -26,9 +26,10 @@ Support.

" /> - + + diff --git a/docs/gdpr.html b/docs/gdpr.html index 962b51a..499fac5 100644 --- a/docs/gdpr.html +++ b/docs/gdpr.html @@ -26,9 +26,10 @@ Support.

" /> - + + diff --git a/docs/glossary.html b/docs/glossary.html index 1e7ffcb..4d80184 100644 --- a/docs/glossary.html +++ b/docs/glossary.html @@ -26,9 +26,10 @@ Support.

" /> - + + @@ -548,7 +549,7 @@

-Anonymous data +Anonymous data
Any data where an individual is irreversibly de-identified, both directly (e.g., through names and email addresses) and indirectly. The latter means that you cannot identify someone: @@ -576,7 +577,7 @@

-Controller +Controller

@@ -595,7 +596,7 @@

-Data subject +Data subject
A living individual who can be identified directly or indirectly through personal data. In a research setting, this would be the individual whose personal data is being processed (see below for the definition of processing). @@ -608,7 +609,7 @@

-European Economic Area (EEA) +European Economic Area (EEA)
The member states of the European Union and Iceland, Liechtenstein, and Norway. In total, the EEA now consists of 30 countries. The aim of the EEA is to enable the “free movement of goods, people, services and capital” between countries, and this includes (personal) data (source: Eurostat). @@ -621,7 +622,7 @@

-General Data Protection Regulation (GDPR) +General Data Protection Regulation (GDPR)
A European data protection regulation meant to protect the personal data of individuals, and facilitates the free movement of personal data within the European Economic Area (EEA). The Dutch name of the regulation is “Algemene Verordening Gegevensbescherming” (AVG). @@ -634,7 +635,7 @@

-Hashing +Hashing
Hashing is a way of obscuring data with a string of seemingly random characters with a fixed length. It can be used to create a ‘hashed’ pseudonym, or to replace multiple variables with one unique value. There are many hash functions which all have their own strength. It is usually quite difficult to reverse the hashing process, except if an attacker has knowledge about the type of information that was masked through hashing (e.g., for the MD5 algorithm, there are many lookup tables that can reverse common hashes). To prevent reversal, cryptographic hashing techniques add a ‘salt’, i.e., a random number or string, to the hash (the result is called a ‘digest’). If the ‘salt’ is kept confidential or is removed (similar to a keyfile), it is almost impossible to reverse the hashing process. @@ -647,7 +648,7 @@

-Legal basis +Legal basis
Any processing of personal data should have a valid legal basis. Without it, you are now allowed to process personal data at all. The GDPR provides 6 legal bases: consent, public interest, legitimate interest, legal obligation, performance of a contract, and vital interest. Consent and public interest are most often used in a research context. @@ -660,7 +661,7 @@

-Personal data +Personal data

@@ -674,7 +675,7 @@

-Processing +Processing
Any operation performed on personal data. This includes collection, storage, organisation, alteration, analysis, transcription, sharing, publishing, deletion, etc. @@ -683,7 +684,7 @@

-Processor +Processor
A natural or legal entity that processes personal data on behalf of the controller. For example, when using a cloud transcription service, you often need to send personal data (e.g., an audio recording) to the transcription service for the purpose of your research, which is then fulfilling the role of processor. Other examples of processors are mailhouses used to send emails to data subjects, or Trusted Third Parties who hold the keyfile to link pseudonyms to personal data. When using such a third party, you must have a data processing agreement in place. @@ -692,7 +693,7 @@

-Pseudonymous data +Pseudonymous data
Personal data that cannot lead to identification without additional information, such as a key file linking pseudonyms to names. This additional information should be kept separately and securely and makes for de-identification that is reversible. Data are sometimes pseudonymised by replacing direct identifiers (e.g., names) with a participant code (e.g., number). However, this may not always suffice, as sometimes it is still possible to identify participants indirectly (e.g., through linkage, inference or singling out). Importantly, pseudonymous data are still personal data and therefore must be handled in accordance with the GDPR. @@ -705,7 +706,7 @@

-Special categories of personal data +Special categories of personal data
Any information pertaining to the data subject which reveals any of the below categories: @@ -756,7 +757,7 @@

-Third-country transfer +Third-country transfer
In legal terms, a transfer exists when personal data controlled by one party are accessible to another, irrespective of whether the data are physically sent to that party. An international/third-country transfer exists when the party that can potentially gain access is based in a country outside the European Economic Area (EEA) which does not have an adequacy decision from the European Commission. diff --git a/docs/how-to-use-this-handbook.html b/docs/how-to-use-this-handbook.html index c65081f..31f8ec9 100644 --- a/docs/how-to-use-this-handbook.html +++ b/docs/how-to-use-this-handbook.html @@ -26,9 +26,10 @@ Support.

" /> - + + diff --git a/docs/index.html b/docs/index.html index fa54897..89ec9f6 100644 --- a/docs/index.html +++ b/docs/index.html @@ -26,9 +26,10 @@ Support.

" /> - + + @@ -539,14 +540,14 @@

Data Privacy Handbook

DOI

Illustrated cover image for the Data Privacy Handbook, showing a person sitting cross-legged with a laptop on their lap. From the laptop arise several concepts that are covered in the Data Privacy Handbook: Anonymisation (depicted as a face covered with a censor bar), Transparency (depicted as one person showing another person a checklist, informing them), Data sharing (depicted as two laptops connected to a globe), Privacy by Design (depicted as a map with a shield on it), and Personal data (depicted as a fingerprint that connects zeros and ones). The person is floating as if in meditation: happy that they achieved GDPR compliance. The left upper corner of the image shows the Utrecht University logo, and the bottom of the image says ‘Data Privacy Handbook’. Image drawn by Erik van Tuijn for Utrecht University in May of 2023.

-

Last Handbook update: 25 June 2024

+

Last Handbook update: 19 November 2024