Information security and data protection (GDPR)

Information security

Information security and data protection (GDPR)

As an employee, you must familiarise yourself with AU's policy and guidelines within information security and GDPR (data protection). Among other things, it is important that you as a researcher ensure that you store your files and research data correctly. You can contact Arts IT support if you have any questions about drive/file sharing.

You will find relevant material on information security, appropriate backup of files, etc. at

Read and comply with AU's rules for information security

9 good tips on how to look after information

As an employee and student at Aarhus University, you have a duty to know and comply with the rules for information security below. In addition, you must be familiar with the central information security policy.

Data protection and GDPR

Data protection/GDPR

As mentioned above, it is important to be know the laws and regulations on data protection/GDPR. On this site you will find information on precautions you should take in the different roles in the organisation.

You are expected to complete the online course offered in GDPR within the first 3 months of your employment.

Find information on this page about AU's rules for data processing agreements. Remember that data processing agreements must always be filed in Workzone.

Processing and storing data

See this matrix regarding AU's classification of data

See examples of systems on which you can save the different types of data. Exactly which system you should choose depends on your responsibilities. It may depend on the duty to record and file, functionality, how long the data must be stored, and which system is used for your specific tasks.
Ask your colleagues or your immediate supervisor if you are in doubt.


Panopto Yes Yes No No
Workzone Yes Yes Yes Yes
mitHR (HR) Yes Yes Yes Yes
U-drive (personal drive) Yes Yes No* No*
O-drive (shared drive) with limited log safety (standard) Yes Yes Yes No
O-drive (shared drive) with extended log safety (contact IT-support) Yes Yes Yes No*
STADS Yes Yes Yes Yes
TYPO3 Yes No No No
OneDrive Yes  Yes No* No*
Sharepoint Yes Yes No* No*
Outlook Yes Yes No No
Teams + Zoom Yes Yes No* No*
Other online Microsoft services Yes Yes No* No*
Survey-Xact Yes Yes Yes Yes
REDCap Yes Yes Yes Yes
Free Cloud services, e.g. Dropbox or Google drive** Yes No No No

Yes: You are ALLOWED to save/share data here
No: You are NOT ALLOWED to save/share data here
No*: Saving requires that the personal data has been PSEUDONYMISED

**AU has not assessed use of the individual cloud services. Therefore, you must ensure that the use complies with the terms of service that apply to the service in question. Please note that the use of cloud services may entail disclosure and/or a transfer covered by the rules on data protection.