RNA data for EGAS00001004660

• US DUO:0000026 (version: 2019-01-07)user specific restrictionThis data use modifier indicates that use is limited to use by approved users.

Data Transfer Agreement for the German Cancer Research Center

Data Transfer Agreement of Human Genomic Data for Research PurposesBetween:(1)Deutsches Krebsforschungszentrum (DKFZ), Stiftung des öffentlichen Rechts, legally represented by its Directors, Prof. Dr. med. Dr. h.c. mult. Otmar D. Wiestler and Prof. Dr. rer. pol. Josef Puchta Im Neuenheimer Feld 280, D-69120 Heidelberg, Germany (“PROVIDER“) and(2)[INSERT INSTITUTION DETAILS] (“RECIPIENT”).1PreamblePublic genetic sequence databases are a critical part of our academic biomedical research infrastructure. However, human genetic data should only be made public if we can adequately protect the privacy of research subjects. Individual genomic sequence data are sensible patient data and any attempt to re-identify such data is forbidden under any circumstances. Our efforts to understand disease susceptibility or therapeutic opportunity require access to large genomic data sets. Therefore, the special privacy challenges posed by genomic data are addressed by PROVIDER with this Agreement.In response to the RECIPIENT's request for access to the DATA (as defined below), PROVIDER and the RECIPIENT agree as follows:2Definitions“DATA” shall mean all and any human genetic data obtained by the RECIPIENT from the PROVIDER including the Data Subjects’ e.g. age, sex and tumor pathology (as listed in Annex 2). For the avoidance of doubt, Data does not include samples or biological materials;“DATA SUBJECT” shall mean the person (irrespective of the state of health) to whom Data refers and who has been informed of the purpose for which the Data is held and has given his/her informed consent thereto;“COMMERCIAL PURPOSES” shall mean the sale, lease, license, or other transfer and/or the use of the DATA to and/or by a for-profit organization. However, industrially sponsored academic research shall not be considered a use of the DATA for Commercial Purposes per se.“INTELLECTUAL PROPERTY” shall mean (i) patents, designs, trademarks and trade names (whether registered or unregistered), copyright and related rights, database rights, know-how and confidential information; (ii) all other intellectual property rights and similar or equivalent rights (whether registered or unregistered and whether registrable or unregistrable) anywhere in the world which currently exist or are recognized in the future; and (iii) applications, extensions and renewals in relation to any such rights;“RECIPIENT SCIENTIST” shall mean a researcher (or an individual conducting Research under the supervision of a researcher) that is employed by the RECIPIENT and is bound by confidentiality and non-use obligations in respect of DATA and who has accepted the terms of this Agreement in writing (however, for the avoidance of doubt, without being a party to this Agreement) and has received acknowledgement of its acceptance. For the avoidance of doubt and without having explicitly accepted the terms of this Agreement in writing, “RECIPIENT SCIENTIST” may also include any other RECIPIENT’s employees, students, visiting academics, contractors, sub-contractors or independent consultants provided that any of such latter individuals is bound by confidentiality and non- use obligations no less onerous then those binding the RECIPIENT’s employees;“RESEARCH” shall mean research that is seeking to advance the understanding and treatment of cancer and closely related diseases, and work on statistical methods that may be applied to such research;“PROJECT” shall mean a detailed description as in Annex 3;3Purpose of the ProjectThe RECIPIENT agrees to use DATA only for RESEARCH as described in the purpose of the PROJECT (Annex 3).4ConfidentialityThe RECIPIENT agrees to preserve, at all times, the confidentiality of DATA pertaining to DATA SUBJECTs. In particular, the RECIPIENT undertakes not to use, or attempt to use the DATA to deliberately compromise or otherwise infringe the confidentiality of information on DATA SUBJECTs and their respective rights to privacy.5DATA ProtectionThe Recipient and its RECIPIENT SCIENTIST are covered by and the RECIPIENT shall, and shall procure that its RECIPIENT SCIENTISTS shall, comply with the obligations contained in the applicable German and EU data protection laws and regulations as amended from time to time. In particular, the RECIPIENT and its RECIPIENT SCIENTISTs inter alia understands, and shall procure that its RECIPIENT SCIENTISTs understand, their duties under the German and EU legislation in relation to the handling of DATA and the rights of DATA SUBJECTs.The RECIPIENT agrees that it, and its RECIPIENT SCIENTISTs, shall not analyze or make any use of the DATA in such a way that has the potential to:a) lead to the re-identification of any DATA SUBJECT; orb) compromise the anonymity of any DATA SUBJECT in any way.The RECIPIENT shall, and it shall procure that its RECIPIENT SCIENTISTS shall, adhere to the principles of IT-Security as set forth in Annex 1 hereto.6Access and GovernanceThe RECIPIENT agrees that it shall take all (commercially) reasonable security precautions to keep the DATA confidential, such precautions to be no less onerous than in the applicable German and EU data protection laws and regulations.The RECIPIENT agrees to use the DATA solely for RESEARCH in the frame of the purpose of the PROJECT.The RECIPIENT agrees that the DATA shall not be distributed or released to any other location and/or to any other person other than RECIPIENT SCIENTISTs or laboratory personnel under the RECIPIENT SCIENTISTs direct supervision. RECIPIENT does not have the right to sublicense the DATA. RECIPIENT shall inform PROVIDER about any third party requests for the DATA.PROVIDER reserves the right to request and inspect DATA security and management documentation at the RECIPIENT’s premises to ensure the adequacy of DATA protection measures with prior notice during the RECIPIENT’s ordinary working hours.DATA shall not be used for COMMERCIAL PURPOSES (e.g. diagnostic services). In case of intended commercial use of DATA, the RECIPIENT shall start negotiations in good faith leading to a fair market compensation of PROVIDER. Such a disclosure of DATA shall require a binding declaration of consent in writing from the person concerned.7ErrorsThe RECIPIENT agrees to notify the PROVIDER of any errors detected in the DATA without undue delay.8DATA reissueThe RECIPIENT accepts that PROVIDER will reissue DATA from time to time, with suitable versioning. If DATA is reissued at the request of the DATA SUBJECT and/or as the result of other ethical scrutiny, the RECIPIENT agrees to destroy all earlier versions of the DATA without undue delay once he has received such information. This shall not apply to the extent that DATA is saved in automatic back-up systems for which destruction shall follow the regular process of such back-up system, however, such DATA shall be eliminated within a period of four (4) weeks after reception of the respective request to do so or within a period of four (4) weeks upon termination in accordance with this Agreement.9INTELLECTUAL PROPERTYThe RECIPIENT recognizes that nothing in this Agreement shall operate to transfer to the RECIPIENT or its RECIPIENT SCIENTISTs any INTELLECTUAL PROPERTY rights in or relating to the DATA, i.e. ownership of DATA remains unchanged. The RECIPIENT does not have the right to sublicense the DATA. The RECIPIENT shall inform PROVIDER about any third party requests for the DATA.In case the RECIPIENT and its RECIPIENT SCIENTISTs developsINTELLECTUAL PROPERTY based on or related to DATA as set forth in this Agreement the RECIPIENT shall become owner of such results.The RECIPIENT will inform PROVIDER about all developed INTELLECTUAL PROPERTY based on or related to DATA as set forth in this Agreement without undue delay in writing. The RECIPIENT grants PROVIDER a non-exclusive, non-transferable, royalty-free, perpetual, non-sublicensable right to use such developed INTELLECTUAL PROPERTY for internal research purposes including collaborations with any third parties excluding any COMMERCIAL PURPOSES.10PublicationsThe RECIPIENT agrees to acknowledge in any PROVIDER’s work based in whole or part on the DATA, any PROVIDER publications which encompass and from which DATA derive, the respective version of the DATA obtained, and the role of PROVIDER. The RECIPIENT is also entitled to release publications and, in doing so, agrees to acknowledge any of PROVIDER’s work based in whole or part on the DATA in its publication. The RECIPIENT will also declare in any such work that PROVIDER and its employees bear no responsibility for the further analysis or interpretation of the DATA by the RECIPIENT. 11Violation/Termination of AgreementThis Agreement shall expire automatically three (3) years after its signature by both parties.This Agreement will terminate immediately upon any material breach of a provision of this Agreement.The RECIPIENT accepts that the changing ethical framework of human genetic research may lead to: (i) alteration to the provisions of this Agreement, in which case the RECIPIENT may accept such alterations or terminate this Agreement; or (ii) the withdrawal of this Agreement in extreme circumstances.Either party shall have the right to terminate this Agreement with immediate effect upon giving written notice of termination to the other party.In the event that this Agreement is expired the RECIPIENT is required to destroy/discard any Data held, including but not limited to copies and backup copies. This shall not apply to the extent that DATA is saved in automatic back-up systems for which destruction shall follow the regular process of such back-up system, however, such DATA shall be eliminated within a period of four (4) weeks after the date of termination. Upon request of PROVIDER, the RECIPIENT will certify the destruction of the DATA. Sections 4, 5, 9 and 10 of this Agreement remain in full force and effect in case of termination.Notwithstanding the aforementioned, any provision of this Agreement related to confidentiality and/or DATA protection shall survive the expiration of this Agreement to the extent applicable statutory law provides for a deviating period of validity and effectiveness.Nothing contained in this paragraph shall restrict the right of the PROVIDER to seek injunctive relieve to prevent any breach or threatened breach of this agreement, furthermore nothing contained in this paragraph shall prohibit the PROVIDER from pursuing any other remedies available to it for such breach or threatened breach, including the recovery of damages from RECIPIENT. 12CostsThe RECIPIENT acknowledges that PROVIDER shall incur costs in providing the DATA to the RECIPIENT, including but not limited to administrative costs and the cost of obtaining appropriate data storage devices. The RECIPIENT agrees to pay, at the request of PROVIDER, such reasonable costs as PROVIDER may incur in providing the DATA, within thirty (30) days after having received an invoice by PROVIDER consistent with the current provisions of the German VAT Act (Umsatzsteuergesetz - UStG) as amended from time to time.13Legal statementThe RECIPIENT acknowledges that PROVIDER and all other parties involved in the creation, funding or protection of the DATA:a)make no warranty or representation, express or implied as to the accuracy, quality or comprehensiveness of the DATA; andb)Except to the extent prohibited by law, the RECIPIENT assumes all liability for damages which may arise from its use, storage or disposal of the DATA. PROVIDER will not be liable to the RECIPIENT for any loss, claim or demand made by the RECIPIENT, or made against the RECIPIENT by any other party, due to or arising from the use of the data by the RECIPIENT, except to the extent permitted by law when caused by the gross negligence or willful misconduct of PROVIDER. The RECIPIENT understands that all the DATA are protected by INTELLECTUAL PROPERTY rights, such that duplication or sale of all of or part of the DATA on any media is not permitted under any circumstances, except with the prior written consent of PROVIDER.In no event shall PROVIDER be liable for any use by RECIPIENT of the PROVIDER DATA or any loss, claim, damage or liability, of whatsoever kind of nature, which may arise from or in connection with this agreement or the use, handling or storage of the PROVIDER DATA or derived from PROVIDER DATA by the RECIPIENT.14Governing LawThis Agreement (and any dispute, controversy, proceedings or claim of whatever nature arising out of this Agreement or its formation) shall be construed, interpreted and governed by the laws of Germany excluding its conflict of law rules and shall be subject to the exclusive jurisdiction of the competent courts in Mannheim.PROVIDER complies with the requirements of the applicable German (LDSG / BDSG) and EU data protection laws and regulations with regard to the collection, storage, processing and disclosure of personal information and is committed to upholding the Act's core data protection principles. AGREED by the parties through their authorised signatoriesPROVIDER:AuthorisedSignature:Name:Prof. Dr. Michael Boutros (interim)Title:Scientific DirectorDate:AuthorisedSignature:Name:Prof. Dr. Josef PuchtaTitle:Administrative DirectorDate:PROVIDER scientist acknowledges the contents of this Agreement and confirms that the DATA SUBJECT's declarations of consent for the provided DATA as set forth in Annex 2 are in full force and effect and allow the DATA transfer to the RECIPIENT: Signature:Name:Title:Date:RECIPIENT INSTITUTION:AuthorisedSignature:Name:Title:Date:RECIPIENT SCIENTIST:The RECIPIENT SCIENTIST acknowledges the contents of this Agreement and agrees to comply with the obligations herein. For the avoidance of doubt the RECIPIENT SCIENTIST is not a party to this Agreement. (see Annex 1 for further reading and information)Signature:Name:Title:Date:Email: Annex 1 toData Transfer Agreement of Human Data for Research Purposes IT SecurityAccess to Data covered by this Data Transfer Agreement is a procedure that entails legal and ethical obligations. We require that you and your institution has adequateinformation technology (IT) policies in place that meet industry standards and include, in particular, the following items:Should personal data be automatically processed or used, this shall be organised within the agency or company to ensure that it meets data protection requirements. Depending on the type of personal data or data categories to be protected, the measures taken shall, 1. Deny unauthorized access to data processing facilities in which personal data is processed or used (physical access controls),2. Prevent unauthorised persons from using data processing systems (access controls),3. Ensure that authorised users only have access to the data to which they have access rights, and that personal data cannot be read, copied, modified or deleted by unauthorised persons during processing or use, and after storage (user-access control),4. Ensure that personal data cannot be read, copied, modified or deleted by unauthorised persons during electronic transmission or during their transport or their storage on data carriers, and that it can be verified and established at which points a transmission of personal data by data transmission equipment (transmission control) is foreseen,5. Ensure that it can be subsequently verified and established whether and by whom personal data are entered, modified or deleted in the data processing systems (input control),6. Ensure that personal data which are processed on behalf of clients can be processed only in accordance with the instructions of the client (job control),7. Ensure that personal data are protected against accidental destruction or loss (availability control),8. Ensure that data collected for different purposes can be processed separately.One measure, in particular, to be taken in compliance with paragraph 2, numbers 2-4, is the use of state-of-the-art encryption methods.In the event that the Recipient becomes aware that there has been a breach or suspected breach of the agreement, the Recipient shall immediately notify PROVIDER by telephone followed by written notice.6.RECIPIENT SCIENTIST:Signature:Name:Title:Date:Email: Annex 2 toData Transfer Agreement of Human Data for Research Purposes Data Annex 3 toData Transfer Agreement of Human Data for Research Purposes Purpose of the Project Please send completed forms to:PROVIDERDKFZOffice of Technology Transfer, T010Im Neuenheimer Feld 28069120 Heidelberg/Germany