Qui sont vos personnes ressources pour la gestion des données de recherche ? DPOs

The Data Protection Officer (DPO) is a role established by the General Data Protection Regulation n.  2016/679 (GDPR). In a university setting, the DPO is responsible for overseeing the institution’s data protection strategy and ensuring that all personal data is handled in compliance with GDPR.

Acting as an independent advisor, the DPO supports privacy and data protection throughout research activities, conducts data protection impact assessments, and serves as the main point of contact between univiersities and national data protection authorities.

In the universities of the Fédération Wallonie-Bruxelles, DPOs work closely with researchers and research support staff to integrate privacy by design into every stage of the research process. Their mission is to promote the lawful, ethical, and secure use of personal data while safeguarding the fundamental rights of data subjects.

Core Responsibilities and Activities of DPOs in Research Contexts

1. Legal Compliance and Ongoing Support

DPOs play a central role in ensuring that all research activities involving personal or sensitive data fully comply with:

• The GDPR and other relevant Belgian and international laws
• Internal university data protection policies
• Ethical principles related to data processing

They provide continuous support by:

• Advising researchers and institutional actors on their obligations
• Acting as a contact point for both researchers and supervisory authorities
• Monitoring compliance throughout the research lifecycle and recommending corrective actions when necessary
• Assisting in the preparation of information notices
• Supporting responses to data subject rights requests (e.g., access, erasure, rectification)

2. Review of Research Protocols and Data Processing Activities

DPOs assess the lawfulness and appropriateness of data processing within research proposals. Their role includes:

• Advising on the appropriate legal bases for data processing (e.g., consent, public interest, legitimate interest)
• Evaluating the use of special categories of data
• Guiding researchers in implementing safeguards such as anonymisation, pseudonymisation, and data minimisation

3. Ethics and Risk Management

• DPOs collaborate with ethics committees to assess data protection risks in:
• Studies involving vulnerable populations and/or personal or sensitive data
• Medical studies, studies involving animals, non-human genetic material
• Projects using AI, biometric data, or digital tracking technologies
• Research with international partners in countries with different legal frameworks
• Potential dual-use or high-risk applications
• Participate in or advise on the need for a Data Protection Impact Assessment (DPIA) where required

4. Training, Awareness, and Documentation

• Develop or support training initiatives on data protection in research
• Promote awareness of researchers’ responsibilities under the GDPR
• Ensure that data protection measures are documented (e.g., through records of processing activities, DPIAs, consent forms)

Collaboration with Research Support Structures

DPOs work closely with:

• Research Data Officers (RDOs) for coherent alignment between data protection and data management strategies
• Legal offices, IT departments, and research ethics committees to ensure a comprehensive approach to data governance

Together, these actors help ensure that research within the universities of the Fédération Wallonie-Bruxelles is legally sound, ethically responsible, and socially trustworthy.

Contacts

• ULiège: Data Protection Officer (GDPR):- dpo@uliege.be or consult the GDPR ULiège Intranet pages at https://my.rgpd.uliege.be/
• ULB: Cellule Data Protection (GDPR) and Data Protection Officer (DPO): rgpd@ulb.be or consult the GDPR ULB at https://portail.ulb.be/fr/documents-officiels/protection-des-donnees-a-caractere-personnel
• UCLouvain: Data Protection Officer (GDPR) : dpo@uclouvain.be or consult UCLouvain intranet web pages: https://www.uclouvain.be/fr/myuclouvain/vie-privee
• UNamur: Data Protection Officer (GDPR): dpo@unamur.be or consult the GDPR Web pages: https://www.unamur.be/fr/vie-privee
• UMons: Data Protection Officer (GDPR): dpo@umons.ac.be or browser the GDPR UMONS Intranet pages: https://alumniumonsac.sharepoint.com/sites/Enquete/SitePages/Modeles-textes-RGPD_BON.aspx