The General Data Protection Regulation (GDPR) is the privacy and security law edited by European Union (EU), it imposes obligations onto organizations anywhere, so long as they target or collect data related to people in the EU, if you process the personal data of EU citizens or residents, or you offer goods or services to such people, then the GDPR applies to you even if you’re not in the EU.

The fines for violating the GDPR are very high. There are two tiers of penalties, which max out at €20 million or 4% of global revenue (whichever is higher), plus data subjects have the right to seek compensation for damages. 

The GDPR defines an array of legal terms at length, some of the most important of them are :

Personal data 

Personal data is any information that relates to an individual who can be directly or indirectly identified. Names and email addresses are obviously personal data. Location information, ethnicity, gender, biometric data, religious beliefs, healthy data, biosignals like EEG, fNIRS  can also be considered as personal data.

Pseudonymous data can also fall under the definition if it’s relatively easy to ID someone from it.

**Pseudonymization is a data management and de-identification procedure by which personally identifiable information fields within a data record are replaced by one or more artificial identifiers, or pseudonyms.[ 

A single pseudonym for each replaced field or collection of replaced fields makes the data record less identifiable while remaining suitable for data analysis and data processing.

 Data processing 

Any action performed on data, whether automated or manual. The examples cited in the text include collecting, recording, organizing, structuring, storing, using, erasing… so basically anything.

Data subject

The person whose data is processed. These are your volonteers for trials,  patients, customers or visitors.

 Data controller

The person who decides why and how personal data will be processed. If you’re an owner or employee in your organization who handles data, this is you.

Data processor 

A third party that processes personal data on behalf of a data controller, like subcontrators. The GDPR has special rules for these individuals and organizations. 

Data protection principles

If you process data, you have to do so according to seven protection and accountability principles outlined in Article 5.1-2:

1. Lawfulness, fairness and transparency Processing must be lawful, fair, and transparent to the data subject.

2. Purpose limitation

You must process data for the legitimate purposes specified explicitly to the data subject when you collected it.

3. Data minimization

You should collect and process only as much data as absolutely necessary for the purposes specified.

4. Accuracy 

You must keep personal data accurate and up to date.

5. Storage limitation 

You may only store personally identifying data for as long as necessary for the specified purpose.

6. Integrity and confidentiality 

Processing must be done in such a way as to ensure appropriate security, integrity, and confidentiality (e.g. by using encryption or any other solution).

FF5 is a reliable solution to store data in totally accordance  with this requirement.

7. Accountability 

The data controller is responsible for being able to demonstrate GDPR compliance with all of these principles.

The GDPR says data controllers have to be able to demonstrate they are GDPR compliant. 

And this isn’t something you can do after the fact: If you think you are compliant with the GDPR but can’t show how, then you’re not GDPR compliant.

FF5  makes easy to do it for which concern data storage and protection.

Data security

You’re required to handle data securely by implementing “appropriate technical and organizational measures.”

Technical measures mean anything from requiring your employees to use two-factor authentication on accounts where personal data are stored to contracting with cloud providers that use end-to-end encryption.

Organizational measures are things like staff trainings, adding a data privacy policy to your employee handbook, or limiting access to personal data to only those employees in your organization who need it.

If you have a data breach, you have 72 hours to tell the data subjects or face penalties. (This notification requirement may be waived if you use technological safeguards, such as encryption, to render data useless to an attacker.)

FF5 is a reliable and easy solution to manage data in totally accordance  with this requirement. As it isn't linked to any global network and that access are limited and pre-defined by administrator, you don't need to add two-factor authentification or any other strong and tricky solution.

Data protection by design and by default

From now on, everything you do in your organization must, “by design and by default,” consider data protection. Practically speaking, this means you must consider the data protection principles in the design of any new product or activity. 

FF5 has been designed to manage data in a safety manner 

Progress in life sciences, biomedical sciences, computer sciences, and social sciences hinges on the acquisition of new data and the application of methodologies that are reliable enough to form a robust basis for future advancements. A crucial aspect of scientific research is the reproducibility and transferability of work—both data and methodology—whether within the same unit or across different units, as well as across various locations or different points in time.

The scripts and codes used to carry out the experimental protocol, often crafted by the researcher, are critical to ensuring reproducibility and establishing a reliable methodology.

Reproducibility is crucial for validating results and enhancing the thoroughness of research. It fortifies datasets, outcomes, and scientific scrutiny. Given the broad consensus on the importance of data reproducibility in the scientific method, it should be integrated into your laboratory protocol to ensure data is shareable and reproducible across various locations and times (for future achievements).

You can facilitate this process adopting our new powerfull and friendly-user tool : the FF5.

Unfortunately, despite many studies claiming significant results, their findings often cannot be replicated, even by the same researchers in subsequent trials, due to the loss of the final versions of code and scripts. This phenomenon is known as the reproducibility crisis, or replication crisis, within or across research units.

FF5 make sure you store only the last released version of your scripts and programs for each project

This is underscored by the fact that in biology, most of researchers have failed to replicate the findings of others and than more of 50% could not replicate their own findings due to gaps in methodology. It raises the question of  how often a PhD departs, taking all their knowledge with them.

FF5 make sure you keep in house the knowledge and the reasons of the last released version, all changes are tracked and that's for  each project

The inability to reproduce scientific results leads to various adverse outcomes within the scientific community, including hindered scientific advancement, squandered resources and funds, reduced efficiency, and the diminishing of public confidence.

Factors contributing to the reproducibility crisis include:

* Restricted access or access to wrong or not update version of methodologies, raw data, and research techniques

* Mismanagement of intricate datasets

* Substandard research practices

* Deficient experimental designs

* Bias in publication preferences

FF5 can help you to reach only the last up-date released version of your programs and records

Reproducibility has transcended its status as a mere buzzword to become a fundamental component in the lifecycle of research projects in recent years.

That's why we have developed a reliable and user-friendly tool to help you ensure all your research projects are fully reproducible: the FF5

FF5 allow you to enhance : 

* Team working & collaboration

Easily collaborate with your team members, or share your scripts and codes as well as data collection for peer review from one virtual data source, while reducing the risk of transfer errors and reducing the risk of non-reproducibility.

* Methodology assessing 

You can easily  access to all your last released versions in a single virtual space without the hassle of searching through multiple database and be able to see all previuos versions with changes.

• FF5 acts as an electronic lab notebook (ELN) as complement of the laboratory and inventor's notebook.
• FF5 is an embedded system that aims to replace or complete traditional paper laboratory notebooks to note and trace the creation, development and releasing of codes, scripts, programs or softwares.
• FF5 may serve as a legal document, a lab notebook may be presented as evidence in legal proceedings and considered as an inventor's notebook, and you can use it in patent prosecution and intellectual property disputes in order to assess about the origin and property of the invention or creation.
• FF5 provides several advantages for both individuals and organizations; they facilitate easier searching, streamline data duplication and backups, and enhance collaboration among multiple users. 
• FF5s feature detailed access controls and tend to be more secure than paper versions. 
• FF5 come as a standalone tool or use a local client-server model.
• FF5 enables the storage, centralization, and protection of scientific data and self-created programs. It offers a highly searchable platform that ensures historical accuracy and legal compliance, while also fostering secure collaboration, increased efficiency, fewer errors, and reduced overall research costs.

Le crédit d’impôt recherche (CIR) est un dispositif fiscal composé de trois types de dépenses : les dépenses de recherche, d’innovation (pour les PME communautaires uniquement) et de collection (textile‑habillement‑cuir).

Peuvent bénéficier du CIR les entreprises de droit français, industrielles, commerciales et agricoles soumises à l’impôt sur le revenu, dans la catégorie des bénéfices industriels et commerciaux, ou à l’impôt sur les sociétés, à

condition d’être placées sous le régime du bénéfice réel (normal ou simplifié), de plein droit ou sur option.

Ce dispositif s’applique quel que soit le mode d’exploitation de ces entreprises (entreprise sous forme individuelle, société artisanale, société à responsabilité limitée, société anonyme…). Il en est de même pour les groupements de coopération sanitaire et les groupements de coopération sociale ou médicosociale qui ont opté pour leur assujettissement à l’impôt sur les sociétés.

La recherche éligible au CIR englobe les activités réalisées selon une démarche scientifique* en vue de lever des verrous scientifiques ou techniques*, c’est‑à‑dire des problèmes qui ne trouvent pas de

solution dans les connaissances accessibles.

Cette démarche scientifique consiste, à partir de l’état de l’art, à définir des hypothèses, à identifier les conséquences vérifiables, à identifier et/ou développer la théorie et les modèles nécessaires, à décrire le protocole expérimental et les expérimentations effectuées, à analyser les résultats obtenus et à tirer des conclusions sur les hypothèses formulées.

Cette démarche scientifique permet de formaliser une solution et ainsi de capitaliser les résultats en les rendant génériques, systématiques et transférables à d’autres

problématiques similaires.

Il est important de distinguer les activités de R&D au sein de l’ensemble des activités que les entreprises engagent pour développer un nouveau produit. Pour les différencier, nous pouvons souligner que les activités de R&D sont les plus incertaines et les plus risquées. Ce sont celles qui génèrent de nouvelles

connaissances scientifiques, par rapport à un état de l’art initial.

Une activité de R&D pour être éligible au CIR doit satisfaire aux 5 critères du Manuel de Frascati : 

1. Comporter un élément de nouveauté (Viser à obtenir des résultats nouveaux :

§ 2.14 à 2.16)

2. Comporter un élément de créativité (Reposer sur des notions et hypothèses

originales et non évidentes : § 2.17)

3. Comporter un élément d’incertitude (Revêtir un caractère incertain sur le

résultat final : § 2.18)

4.Être systématique (S’inscrire dans une planification et une budgétisation : § 2.19)

5.Être transférable et/ou reproductible (Déboucher sur des résultats qu’il est

possible de reproduire : § 2.20)

Lors d'un contrôle fiscale l'ensemble de ces 5 critères sont vérifiés et si la société n'est pas capable de les démontrer le CIR est remis en question et les sommes perçues doivent être remboursées.

FF5 est un outil conçu pour les travaux de recherche "informatique" afin de vous aider à démontrer votre éligibilité aux 5 critères.

Vous pourrez ainsi facilement démontrer la démarche systèmatique de votre processus d'innovation et de création, de montrer les vérrous lévées dans l'ordre chronologique.

Il sera aussi un outil pour assurer la transférabilité et la reproductibilité de vos travaux de recherche à caractére informatique.