When you collect your data from your research participants, informing research participants about the processing of their personal data is a crucial part of the transparency principle laid down in the General Data Protection Regulation of the European Union (GDPR). In other words, research participants should obtain the information from you about how their personal data are being collected, used, stored, disseminated, or otherwise processed.
If you collect personal data, justify why you have the right to collect, handle, and preserve personal data:
Basically, there are two situations with different must-dos when collecting personal data:
See Hanken's security instructions for recording interviews with mobile phones and dictaphones and interviews' content in teleconferences in the section below.
Remember to indicate in the informed consent message:
You can still have a separate ﬁle about the research participants’ contact information (e.g., email addresses), but that ﬁle must be separate from the actual research dataset.
More information about what you need to provide research participants about the processing of their personal data, see Content of the information by the Finnish Social Science Data Archive (FSD).
Note that in special situations, for example, if you collect data from children under 15 years old or other populations belonging to vulnerable groups, or your data collection exposes participants to certain kinds of sensitivities or risks, you need to request an ethical review from Hanken's Research Ethics Committee. See Ethical review about the six types of studies that request an ethical review. Contact Hanken's Research Integrity Advisor, Anu Helkkula, firstname.lastname@example.org, for detailed advice.
More information, see Informing research participants about the processing of their personal data by the Finnish Social Science Data Archive (FSD).
Recorded interviews are usually materials associated with the base information security level (restricted).
Exceptions consist of:
For more information on information security levels, see the PDF file Instructions for handling and storing data and documents on different information security levels on the page of Information Management at Hanken.
The following rules apply when recording interviews:
For surveys, you can also use respondents from participants pools/panels (e.g., Amazon MTurk, Prolific Academic). If doing so, all the same principles for data processing and protection apply as for other sources of respondents. Especially, remember to inform the respondents (on the cover letter or first page of the survey) about the purpose of data gathering and processing, about whether any direct identifier information is stored (stored at all, stored in separate file, or in the same file as the research data), and how and when all the data will be erased. Note that if the actual survey instrument that you use is not Hanken-provided Webropol (but e.g., Qualtrics), you have to check with email@example.com that there is a Data Processing Agreement in place with the provider of the survey instrument.
Data files should also be clearly named, well organised, and version controlled throughout the research. Sensible file names and well-organised folder structures make it easier to find and keep track of data files. See Organizing data by UK Data Service.
Read also "Chapter 2. Documentation during research project" in Making a research project understandable - Guide for data documentation by Siiri Fuchs and Mari Elisa Kuusniemi at Helsinki University Library.