Policy | TU Wien

The TU Wien sees itself as playing an important role in the expansion of knowledge and technology transfer of research results. It thus encourages innovation and ultimately benefits economy and society. A key to supporting academic research activities lies in the institution's ability to systematically manage, preserve and make available scientific output from different disciplines for reuse. In its Policy for Research Data Management, the TU Wien affirms the value of research data for research and teaching and the potential of their reuse by society.

PDF download Policy for Research Data Management at TU Wien, opens an external URL in a new window

The policy content

The TU Wien recognizes the fundamental importance of research data and the management of research data and records in maintaining quality research and scientific integrity, and is committed to state-of-the-art handling and management of research data. RDM policies are highly valuable to current and future researchers.

The TU Wien acknowledges that correct and easily retrievable research data are the foundation of and integral to research. They are necessary to verify and defend the process and results of research. Research data have a long-term value for research and academia, with the potential for widespread use in society.

This policy for the management of research data applies to all researchers active at TU Wien. The policy was approved by the Rectorate on 03.07.2018. In cases when research is funded by a third party, any agreements made with that party concerning intellectual property rights (IPR), access rights, exploitation rights and the storage of research data take precedence over this policy.

The TU Wien holds the right to use all data created or processed in the course of research work at the TU Wien for research purposes and commercial exploitation. In cases where a legal entity other than the TU Wien has the primary right of use under a contractual arrangement, the TU Wien shall be granted the rights of use required to ensure compliance with all applicable legal and contractual provisions. In cases where the IPR belong to the TU Wien, the TU Wien has the right to choose how to publish and share the research data.

Research data refer to all information (regardless of form or presentation) needed to support or validate the development, results, observations or findings of research work, including contextual information. Research data include all materials created in the course of academic work, e.g. through digitisation, records, source research, experiments, measurements, surveys and interviews. This includes software and code.

Research data management spans the entire life cycle of the research data: their planning, generation, analysis, evaluation, archiving, publication and eventual reuse by third parties. Besides documenting the research data, RDM includes specifying – and possibly storing – the equipment and software employed in producing them. Metadata should be captured together with the research data during the research process, since they facilitate the identification, interpretation and reuse of research data.

Research data should from the beginning be stored and maintained in appropriate systems and made available for use in a suitable repository (see 6.1. b). Research data must be provided with persistent identifiers within the repository.

It is important to preserve the integrity of research data and to comply with the FAIR principles. Research data must be stored in a correct, complete, unadulterated, and reliable manner. They must be findable, identifiable, accessible, traceable, interoperable and whenever possible reusable and replicable.

In compliance with intellectual property rights, and unless third-party rights, legal requirements, Rectorate decisions, other reasonable interests or property laws prohibit it, research data should be assigned an open use license.

Citation norms and requirements regarding publication and future research should be followed; data sources should be explicitly traceable in order for the original sources to be acknowledged.

Research data and records are to be stored and made available in accordance with intellectual property laws or the requirements of third-party funders as well as applicable legal or contractual requirements (e.g. EU restrictions on where identifiable personal data may be stored). Research data that may be of future historical interest and the records accompanying them should also be archived.

The minimum retention period for research data and records is 10 years after either the assignment of a persistent identifier or the publication of a related work following research completion, whichever is later.

In the event that research data and records are to be deleted or destroyed, either after expiration of the required retention period or for legal or ethical reasons, such action is to be carried out only after consideration of all legal and ethical perspectives. The following aspects must be taken into consideration when decisions are made about the retention or destruction of research data: interests and contractual provisions of third-party funders and other stakeholders, employees, and partner participants in particular, as well as confidentiality and security. Any decision taken must be documented.

The responsibilities for research data management during and after research lie with the TU Wien and its researchers, who should comply with widely recognized national and international codes for the responsible conduct of research. The TU Wien and its researchers should become aware of their responsibilities as follows.

Researchers are responsible for

Managing research data in adherence with the principles and requirements expressed in this policy; this also includes defining responsibilities for joint research;
Collecting, documenting, storing, archiving, providing access to or ensuring the proper destruction of research data and records;
Completing and updating data management plans (DMPs) that explicitly define the approach to matters of research data collection, administration, integrity, confidentiality, storage, use and publication;
Ensuring compliance with
- all organisational, regulatory, institutional and other contractual and legal requirements with regard to both research data and records,
- the “Code of Conduct – Rules to Ensure Good Scientific Practice” (Regeln zur Sicherung guter wissenschaftlicher Praxis)
- the “Code of Conduct for third-party gifts”,
- the “Richtlinie Datenschutz und Informationssicherheit”;
Registering new research at the proposal stage in the TISS Project Database in order to ensure appropriate institutional support.

The TU Wien is responsible for

Providing the means and resources for research support, ensuring ongoing access to services and infrastructures, and providing employee education and training according to financial possibilities;
Supporting established scientific practices from the beginning through e.g. DMPs, providing training, education and support for researchers in compliance with regulations, third-party contracts for research grants, university statutes, codes of conduct and other relevant guidelines; encouraging the integration of good practices of research data management in education to strengthen the research data management expertise of early-stage researchers;
Designing and deploying mechanisms and services for the storage, safekeeping, registration and deposition of research data to support current and future access to research data during and after the completion of research activities;
According to financial possibilities providing information on, or access to, services and infrastructures for the storage, safekeeping and archiving of research data and records, enabling researchers to exercise their responsibilities (as outlined above) and to comply with obligations to third-party funders or other legal entities;
Communicating its commitment to the principles of research ethics and scientific integrity and ensuring their implementation at the TU Wien; raising awareness of the importance of research data management;
Ensuring compatibility of this policy with data protection regulations.

This policy will be reviewed and updated as required by the Rectorate of the TU Wien every three years. In case of legal or regulatory changes, the review of this policy can take place at an earlier point in time.

Research

is any creative work undertaken on a systematic basis in order to increase the stock of knowledge, including knowledge of man, culture and society, and the use of this stock of knowledge to devise new applications.

Researchers

are all members of TU Wien, specifically employees and doctoral candidates, who conduct research. Persons not directly affiliated to TU Wien who are conducting research on TU Wien premises or using TU Wien facilities are also included in the term. Visiting researchers or collaborators are also expected to comply with the policy.

Third parties

are natural or legal persons, public authorities, institutions or other entities that are not affiliated to TU Wien.
Research data
refer to all information (regardless of form or presentation) needed to support or validate the development, results, observations or findings of research work, including contextual information. Research data include all materials created in the course of academic work, e.g. through digitisation, records, source research, experiments, measurements, surveys and interviews. This includes software and code. Research data can be classified as
•   raw or primary data: information recorded as notes, images, video footage, paper surveys, computer files etc.,
•   processed data: analyses, descriptions and conclusions in the form of reports or papers, and
•   published data: information distributed to others than those involved in data acquisition and administration.

Metadata

is descriptive or contextual information associated with publications and research data to assist in their identification, location and retrieval by users, while facilitating content and access management. Metadata usually takes the form of a structured set of elements.

Persistent identifiers

are identifiers attached to publications and research data that make them easier to link to and find. They must be unique and remain associated with the correct version of the publication or research data. Ideally, they provide access to digital objects through a resolver service, as digital object identifiers (DOIs) and handles do.

The FAIR principles

provide a framework to ensure that research data can be effectively reused. FAIR stands for Findable, Accessible, Interoperable and Reusable.

Data management plans (DMPs)

are living documents that describe how research data will be managed during their life cycle. DMPs should state what research data will be created and how, as well as outlining plans for sharing and preserving them. Any restrictions on access to research data should be noted along with mechanisms to protect unauthorised access. In the event that research data and records are to be deleted or destroyed, the DMP should specify the person(s) responsible for taking and carrying out that decision, the storage location of the deletion process documentation, the person(s) responsible for preserving this documentation and the basis of the decision. Ideally, DMPs should be delivered in a machine-actionable format.

Recommendations for open use licensing

The license is selected according to the type of data and in order to label the research data and facilitate their utilization. An example for a source code license would be the GNU General Public License (GPL). For all other kinds of research data, Creative Commons Attribution (CC BY) licenses can be used. Research data which are not subject to any copyright restrictions should be clearly marked as such with e.g. the Creative Commons Public Domain Mark.

Name	Purpose	Lifetime	Type	Provider
CookieConsent	Saves your settings for the use of cookies on this website.	1 year	HTML	Homepage TU Wien
SimpleSAML	This is needed to distinguish between the sessions of the logged-in users.	session	HTTP	Login TU Wien
SimpleSAMLAuthToken	This is needed to distinguish between the sessions of the logged-in users.	session	HTTP	Login TU Wien
fe_typo_user	Is needed so that in case of a Typo3 frontend login the session ID is recognized to grant access to protected areas.	session	HTTP	Homepage TU Wien
staticfilecache	Is needed to optimize the delivery time of the website.	session	HTTP	Homepage TU Wien
JESSIONSID	Is needed so that in case of a LectureTube the session ID is recognized to grant access to protected areas.	session	HTTP	LectureTube TU Wien
_shibsession_lecturetube	This is needed to distinguish between the sessions of the logged-in users.	session	HTTP	LectureTube TU Wien

Name	Purpose	Lifetime	Type	Provider
_pk_id	Used to store a few details about the user such as the unique visitor ID.	13 months	HTML	Matomo TU Wien
_pk_ref	Is used to store the information of the users home website.	6 months	HTML	Matomo TU Wien
_pk_ses	Is needed to store temporary data of the visit.	30 minutes	HTML	Matomo TU Wien
nmstat	Is used to record the behaviour on the website. It is used to collect statistics about website usage, such as when the visitor last visited the website. The cookie does not contain any personal data and is only used for website analysis.	1000 days	HTML	Siteimprove
siteimproveses	Is used to track the sequence of pages that a visitor views during his/her visit to the website. The cookie does not contain any personal data and is used solely for website analysis.	session	HTTP	Siteimprove
AWSELB	Always occurs in pairs with siteimproveses (for load balancing on the provider server)	session	HTTP	Siteimprove

Name	Purpose	Lifetime	Type	Provider
_ga	Is needed to distinguish the sessions of the users from each other.	persistent	HTTP	Google Analytics
_gali	Is needed to determine which links are clicked on a page.	expires immediately	HTTP	Google Analytics
_gat	This is a function-related cookie, whose tasks may differ.	2 years	HTTP	Google Analytics
_gid	Is needed to distinguish users and create statistics.	24 hours	HTTP	Google Analytics
_gads	Required to enable websites to display advertising from Google, including personalized advertising.	13 months	HTTP	Google Analytics
_gac_	Required by advertisers to measure user activity and the performance of their advertising campaigns.	90 days	HTTP	Google Analytics
_gcl_	Required by advertisers to determine how often users who click on their ads end up taking an action on their website.	90 days	HTTP	Google Analytics
_gcl_au	Contains a randomly generated user ID.	90 days	HTTP	Google
_gcl_aw	Is set when users click on a Google ad on the website and contains information about which ad was clicked.	90 days	HTTP	Google
__utma	Is used to record visits and visitors.	2 years	HTTP	Google Analytics
__utmb	Is used to detect new visits.	30 minutes	HTTP	Google Analytics
__utmc	Is used in connection with __utmb to determine whether it is a new (recent) visit.	session	HTTP	Google Analytics
__utmd	Is used to store and track visitor journeys through the site and classifies them into groups (marketing/tracking).	1 second	HTTP	Google Analytics
__utmt	Is needed to limit the query rate on Google Analytics.	10 minutes	HTTP	Google Analytics
__utmz	Is needed to determine from which source/campaign visitors come.	6 months	HTTP	Google Analytics
__utmvc	Is needed to collect information about user behavior on multiple websites. This information is used to optimize the relevance of advertising on the website.	24 hours	HTTP	Google AdSense
utm_source	Is needed to tag URLs with parameters to identify the campaigns that forward traffic.	expires immediately	HTTP	Google Analytics
__utm.gif	Is needed to save browser details.	session	HTTP	Google Analytics
gtag	Is needed to perform remarketing.	30 days	HTTP	Google AdSense
id	Is needed to perform remarketing.	2 years	HTTP	Google AdWords
1P_JAR	Is needed to optimize advertising, provide ads that are relevant to users, improve campaign performance reports, or prevent users from seeing the same ads more than once.	2 years	HTTP	Google
AID	Is needed to activate targeted advertising.	2 years	HTTP	Google Analytics
ANID	Is needed to display Google ads on non-Google websites.	2 years	HTTP	Google AdSense
APISID	Unknown functionality	2 years	HTTP	Google Ads Optimization
AR	Is needed to profile visitors' interests and display relevant ads on other websites. This cookie works by uniquely identifying your browser and device.	2 years	HTTP	Google AdSense
CONSENT	Is needed to store the preferences of visitors and personalize advertising.	persistent	HTTP	Google
DSID	Is needed by DoubleClick for advertising displayed in various places on the web and used to store the preferences of users.	2 years	HTTP	Doubleclick
DV	Is needed to store user preferences and other information. This includes, in particular, the preferred language, the number of search results to be displayed on the page, and the decision whether or not to activate the Google SafeSearch filter.	2 years	HTTP	Google
HSID	Contains the Google account ID and the last login time of the user.	2 years	HTTP	Google
IDE	Is needed by DoubleClick to record and report the actions of users on the website after viewing or clicking on one of the provider's ads, with the purpose of measuring the effectiveness of an advertisement and displaying targeted advertisements to users.	2 years	HTTP	Doubleclick
LOGIN_INFO	Is used to store the credentials of users of Google services.	2 years	HTTP	Google
NID	Is used to store information about user settings.	6 months	HTTP	Google
OTZ	Is needed to link activities of visitors with other devices that are previously logged in via the Google account. In this way, advertising is tailored to different devices.	1 month	HTTP	Google
RUL	Is needed by DoubleClick to determine whether advertising has been displayed correctly in order to make marketing activities more efficient.	1 year	HTTP	Doubleclick
SAPISID	Is needed by YouTube to store user settings and to calculate user bandwidth.	persistent	HTTP	Google
SEARCH_SAMESITE	Enables servers to mitigate the risk of CSRF and information leakage attacks by specifying that a particular cookie may only be sent on requests originating from the same registerable domain.	6 months	HTTP	Google
SID	Contains the Google account ID and the last login time of the user.	2 years	HTTP	Google
SIDCC	Is needed to store information about user settings and information for Google Maps.	3 months	HTTP	Google
SSID	Is needed to collect visitor information for videos hosted by YouTube on Google Maps integrated maps.	persistent	HTTP	Google
__SECURE-1PAPISID	Is needed for targeting purposes to create a profile of the interests of website visitors.	2 years	HTTP	Google
__SECURE-1PSID	Is needed for targeting purposes to create a profile of the interests of website visitors.	2 years	HTTP	Google
__SECURE-3PAPISID	Is needed for targeting purposes to create a profile of the interests of website visitors.	2 years	HTTP	Google
__SECURE-3PSID	Is needed for targeting purposes to create a profile of the interests of website visitors.	2 years	HTTP	Google
__SECURE-3PSIDCC	Is needed for targeting purposes to create a profile of the interests of website visitors.	2 years	HTTP	Google
__SECURE-APISID	Is needed to profile the interests of website visitors in order to display relevant and personalized advertising through retargeting.	8 months	HTTP	Google
__SECURE-HSID	Is needed to secure digitally signed and encrypted data from the unique Google ID and to store the last login time that Google uses to identify visitors, prevent fraudulent use of login data, and protect visitor data from unauthorized parties. This may also be used for targeting purposes to display relevant and personalized advertising content.	8 months	HTTP	Google
__SECURE-SSID	Is needed to store information about how visitors use the site and about the ads they may have seen before visiting the site. Also used to customize ads on Google domains.	8 months	HTTP	Google
test_cookie	Is set as a test to check whether the browser allows cookies to be set. Does not contain any identification features.	15 minutes	HTTP	Google
VISITOR_INFO1_LIVE	Is needed by YouTube to store user settings and to calculate user bandwidth.	6 months	HTTP	Youtube
facebook	Is used to Enable ad delivery or retargeting	90 days	HTTP	Meta (Facebook)
__fb_chat_plugin	Is needed to store and track interactions (marketing/tracking).	persistent	HTTP	Meta (Facebook)
_js_datr	Is needed to save user settings.	2 years	HTTP	Meta (Facebook)
_fbc	Is needed to save the last visit (marketing/tracking).	2 years	HTTP	Meta (Facebook)
fbm	Is needed to store account data (marketing/tracking).	1 year	HTTP	Meta (Facebook)
xs	Is needed to store a unique session ID (marketing/tracking).	1 year	HTTP	Meta (Facebook)
wd	Is needed to log the screen resolution.	1 week	HTTP	Meta (Facebook)
fr	Is needed to serve ads and measure and improve their relevance.	3 months	HTTP	Meta (Facebook)
act	Is needed to store logged in users (marketing/tracking).	90 days	HTTP	Meta (Facebook)
_fbp	Is needed to store and track visits to various websites (marketing/tracking).	3 months	HTTP	Meta (Facebook)
datr	Is needed to identify the browser for security and website integrity purposes, including account recovery and identification of potentially compromised accounts.	2 years	HTTP	Meta (Facebook)
dpr	Is used for analysis purposes. Technical parameters are logged (e.g. aspect ratio and dimensions of the screen) so that Facebook apps can be displayed correctly.	1 week	HTTP	Meta (Facebook)
sb	Is needed to store browser details and security information of the Facebook account.	2 years	HTTP	Meta (Facebook)
dbln	Is needed to store browser details and security information of the Facebook account.	2 years	HTTP	Meta (Facebook)
spin	Is needed for promotional purposes and social campaign reporting.	session	HTTP	Meta (Facebook)
presence	Contains the "chat" status of logged in users.	1 month	HTTP	Meta (Facebook)
cppo	Is needed for statistical purposes.	90 days	HTTP	Meta (Facebook)
locale	Is needed to save the language settings.	session	HTTP	Meta (Facebook)
pl	Required for Facebook Pixel.	2 years	HTTP	Meta (Facebook)
lu	Required for Facebook Pixel.	2 years	HTTP	Meta (Facebook)
c_user	Required for Facebook Pixel.	3 months	HTTP	Meta (Facebook)
bcookie	Is needed to store browser data (marketing/tracking).	2 years	HTTP	LinkedIn
li_oatml	Is needed to identify LinkedIn members outside of LinkedIn for advertising and analytics purposes.	1 month	HTTP	LinkedIn
BizographicsOptOut	Is needed to save privacy settings.	10 years	HTTP	LinkedIn
li_sugr	Is needed to store browser data (marketing/tracking).	3 months	HTTP	LinkedIn
UserMatchHistory	Is needed to provide advertising or retargeting (marketing/tracking).	30 days	HTTP	LinkedIn
linkedin_oauth_	Is needed to provide cross-page functionality.	session	HTTP	LinkedIn
lidc	Is needed to store performed actions on the website (marketing/tracking).	1 day	HTTP	LinkedIn
bscookie	Is needed to store performed actions on the website (marketing/tracking).	2 years	HTTP	LinkedIn
X-LI-IDC	Is needed to provide cross-page functionality (marketing/tracking).	session	HTTP	LinkedIn
AnalyticsSyncHistory	Stores the time when the user was synchronized with the "lms_analytics" cookie.	30 days	HTTP	LinkedIn
lms_ads	Is needed to identify LinkedIn members outside of LinkedIn.	30 days	HTTP	LinkedIn
lms_analytics	Is needed to identify LinkedIn members for analytics purposes.	30 days	HTTP	LinkedIn
li_fat_id	Required for indirect member identification used for conversion tracking, retargeting and analytics.	30 days	HTTP	LinkedIn
U	Is needed to identify the browser.	3 months	HTTP	LinkedIn
_guid	Is needed to identify a LinkedIn member for advertising via Google Ads.	90 days	HTTP	LinkedIn

Policy for Research Data Management at TU Wien

The policy content

1. PREAMBLE

2. SCOPE

3. RIGHTS OF USE

4. RESEARCH DATA AND RESEARCH DATA MANAGEMENT

5. HANDLING RESEARCH DATA

6. RESPONSIBILITIES, RIGHTS AND DUTIES