Introduction

Informed consent
A focus area maturity model for privacy-by-design
You are invited to participate in a research study about privacy-by-design maturity. Please read this informed consent notice carefully before participating. Privacy-by-design is a paradigm that prescribes embedding privacy concerns in the life cycle of systems, processing activities, and data. Often this term is described as vague and there is no consensus on what privacy-by-design entails or how it should be applied in practice.
The goal of this study is to identify and classify the best privacy-by-design activities and consolidate them in a maturity model. This type of model can guide practitioners in determining what must be done and in what order so that privacy-by-design can be applied effectively.
Your participation in this study consists of completing a questionnaire as part of the evaluation of the model. You will perform the regular assessment which will include several additional questions about your opinion of the model, the assessment, and the resulting maturity results. Your answers to these questions will be used to further improve the model and support future research.
Your participation in this study is completely voluntary. You are not forced to participate and you may stop participating at any time, this will have no negative effects. There are no physical, legal, or economic risks tied to this research. There are no additional inducements or incentives apart from the maturity assessment results tied to your participation in this research.
The answers you provide during the assessment and evaluation questions will be stored and processed. The assessment questions ask for information regarding the privacy practices of your organisation while the evaluation questions ask for your opinion. We do not ask you to provide any personal data, all data is anonymised and will not be related to any specific person. Research data will be stored for 10 years following the policy framework for research data of Utrecht University.
This research study is conducted by researchers from Utrecht University. For questions or complaints regarding your data, you may contact the data protection officer of Utrecht University (privacy@uu.nl). For general questions or further information regarding this research, you can contact the researchers: