SD Apply detailed service description

HomeSD Apply Service Description

Public Detailed service description

Sensitive Data (SD) Apply is a CSC service for data controllers to manage data access permissions on their datasets stored in the Finnish Federated European Genome-phenome Archive (FEGA) or SD Submit. Data users can submit access requests to controlled access datasets. During the application process researchers must provide all the necessary information required by the data controllers to make their authorization decision.

Services for data controllers

Data controller nominates a Data Access Committee (DAC) for managing data access authorizations on the datasets in SD Apply. 

The service supports workflows for:

  • Approving access decisions based on applications
  • Logging of all access decisions for six years
  • Support for audit trail and annual reports
  • Necessary documentation and training for data controllers to use SD Apply as part of their daily work.

Services for end-users

  • SD Apply includes a catalog of data controller’s datasets that are made visible for end-users (researchers, teachers, students) to discover and apply access.
  • Once access has been granted, authorized datasets are made available in SD Desktop.

Certifications

None.

User content including personal data in the Service

This service is designed process special categories of personal data

User must evaluate whether this Service is suitable for their purpose. Please pay attention to special categories of personal data.

When CSC processes personal data in CSC’s services on behalf of the controller, we always require a personal data processing agreement.  The user creates the description of processing activities in MyCSC customer portal. Data Processing Agreement

Technical and organisational security measures for protection of personal data.

The Service do not assert ownership or any intellectual property rights to users or customers organisations’ content in the services.

Client’s responsibilities

User must follow all the Terms of Use that applies using the Service.

Client is also responsible for:

  • Information security
  • Nominating a Data Access Committee (DAC) to oversee data access authorization.
  • Providing necessary documents to enable data reuse, such as Data Access Agreement (DAA) and Data Transfer Agreement (DTA) and the application form and making them available in SD Apply 
  • Analyzing and reviewing applications submitted by data users, requesting any additional information necessary to make an access decision and granting access to datasets.
  • Ensuring that staff members involved in data access review are trained and competent in using the system.
  • Ensuring that the content they process in SD Apply complies with all applicable laws and regulations and that the provided information is accurate, good quality, comprehensive, and up-to-date.
  • Keeping the DAC information up-to-date. 

Service producer’s responsibilities

The service producer ensures that the service is available to customers as described in the service description. 

The service producer is responsible for producing and developing the Service.

Service producer

CSC – IT Center for Science Ltd.

Service provider

CSC – IT Center for Science Ltd.

Last updated

2025-06-13