In the Preliminary opinion (p. 12), European Data Protection Supervisor has expressed the view that exceptions to data protection apply only to research carried out ethically. Therefore, when processing personal data, it is necessary to respect the principles of both research ethics and data protection.
The European Code of Conduct for Research Integrity was adopted in Europe in 2017. It is a “guide to researchers in their work as well as in their engagement with the practical, ethical and intellectual challenges inherent in research”. The code describes the fundamental principles and violations of research integrity.
In Estonia, the general principles of research integrity have been agreed upon in the Estonian Code of Conduct for Research Integrity, which deals with the same issues as this guide. The ethical and legal obligations largely overlap, but in some individual matters, more ethical obligations may be imposed on the researcher, while in other cases, more exceptions may apply. The following chapters describe the Code of Conduct for Research Integrity, which is directly related to the processing of personal data, particularly consent, information, access and data retention.