For best experience please turn on javascript and use a modern browser!
You are using a browser that is no longer supported by Microsoft. Please upgrade your browser. The site may not present itself correctly if you continue browsing.

During the research

In addition to complying with laws and regulations, good research data management has further advantages during your research project.

Safety Loss or unauthorised use of your data is minimised and you can securely share data with others.
Organisation Clear file structures and metadata standards provide a better overview and searchability of your data, in particular when working in a team.
Impact Publication, reuse and citation of your data contribute to the impact and verifiability of your research.

Opslaan van onderzoeksdata
Opslaan van onderzoeksdata (for subtitle choice click cc)
Organiseren en beschrijven van onderzoeksdata
Organiseren en beschrijven van onderzoeksdata (for subtitle choice click cc)

Storage & Security instructions  for research data

According to the Humanities Research Data Management Protocol (see: FGw RDM Protocol), researchers are responsible to comply with the statutory requirements when storing and sharing research data. The following provides information on UvA storage facilities and security measures to protect research data. 

  • Cloud storage for research data

    The UvA provides access via the UvA account to the personal and group storage options listed here.





    Research Drive*

    For who?




    Research groups





    on demand


    Microsoft (MS)

    Microsoft (MS)



    Server location





    * Request via ICT Servicedesk. More info about Research Drive: UvA and SURF.

    Further information on UvA storage facilities

    For secure sending and receiving of files use SURFfilesender (also with externals).

    Advantages of UvA cloud storage

    • Data cannot be lost due to hardware damage / loss / theft

    • Data can be accessed from any computer worldwide via web browser (with UvA account and two-factor authentication)

    • Can be synchronised with one or more local devices

    • Multiple sharing options with users within or outside of the UvA

    • Version history which allows to restore previous versions of a file

    • Recycle bin which stores deleted files up to a certain amount of days


    Third-party cloud services & external storage devices

    You are not advised to store research data on third-party cloud services, such as Dropbox or GoogleDrive. The reason is that there will be no control over who can access the data. For personal data, you cannot ensure that they are handled according to the privacy law.

    It’s not recommended to store data (only) on internal or external hard drives, nor on USB devices, because they can get easily lost, stolen or damaged.

  • Security measures


    • Never leave your device unattended.

    • Lock your device (Windows key + L), even when leaving for a brief period of time.

    • Outside the UvA use UvAVPN. Click here for more information.

    • As soon as you notice any UvA (storage) device is stolen or missing, immediately contact the IT department at or outside of office hours.

    • More information about general security measures can be found here.

    UvA-managed devices

    If you are using an UvA-managed computer or laptop, basic security measures are already in place.

    Self-managed devices

    Self-managed devices refer here to private devices which are used for research data and also devices purchased, but not managed, by the UvA, such as Mac or Linux devices for example.

    • Encrypt your computer’s internal hard disk
      Windows:           Bitlocker  (for staff members: upgrade to Windows 10 Education)
      Mac:                    Filevault
    • Make sure your computer is set up with basic security: anti-malware software, a firewall, and the most recent software updates.
    • Use a unique and strong password
      Minimum 12 characters with 1 digit, 1 upper case letter, 1 lower case letter, and 1 special character. Click here for the complete password requirements.
    • Information on protecting smartphones and tablets can be found here.

    Extra measures for personal data

    • Use extra encryption, such as VeraCrypt.
    • Pseudonymise personal data as soon as possible. Store the pseudonymisation key securely and at a location different from the personal data. Ensure that only the principal investigator has access to the key.
    • With commissioning parties, only share anonymised data. If this proves impossible, sign a data processing agreement with the third party. Contact your faculties’ privacy officer to assistance.
    • A data protection impact assessment (DPIA) may be necessary. The DPIA tool is used to identify privacy risks for data subjects in advance and to take mitigating measures to reduce these risks. The UvA is not required to carry out a DPIA for all processing activities. However, a DPIA is compulsory if it is likely that a processing activity will expose data subjects to a significant privacy risk – for example, if special personal data are being processed on a large scale. Contact your faculties’ privacy officer to assistance.
    • Apply for Ethics Review. More information about the Humanities Ethics Committee and their procedure:
  • Support

    Faculty Security Officer

    Silvain Smit

    Faculty Privacy Officer

    Kasper de Bruijn

    Faculty Data Steward

    Hanna Fricke

    Secretary of the Ethics Committee

    Gea Lindeboom

Further information on UvA storage facilities