The aim of this Guide is to set out practical advice and scenarios to illustrate the ways data creators and managers may encounter issues related to UK GDPR, and how they may be mitigated. This includes both ensuring compliance with the legislation and understanding the implications for current and future research for archaeology.
We hope the Guide is a starting point for wider conversations about how to introduce more complexity and nuance into the handling of personal data. In its most narrow application, GDPR strips archives of all such data. This approach may legally be the simplest means of navigating GDPR, but TETRARCHs has demonstrated it leads to significantly denuded archives with limited reuse value. In contrast, careful attention to informed consent, and continued innovation with flexible models of data stewardship, can ensure rights holders, data users and other responsible parties are protected, whilst also populating archaeological archives with datasets that are sufficiently rich and diverse to ensure reuse.
This Guide provides general information and best practice for the archaeological sector; it does not constitute legal advice. Please consult a qualified professional for specific GDPR compliance requirements.