Application deadline: 15 January 2021
Send the application and any attachments to . The application will be registered in the Data Protection Authority’s archive system.
Applications must meet some general criteria. You can read more about this in our guide on the framework for the sandbox.
Application form - regulatory sandbox.docx
As applications are submitted via e-mail, we encourage you to protect the contents of your application if you believe all or some of the content is sensitive information. If you want to protect the content of your document before sending it, take the opportunity to password-protect the Word document (File, Save as, Tools, General options, Password to open). The password may be shared with us via telephone. Alternatively, you may use PGP encryption.
What happens next?
The Data Protection Authority will invite applicants to a short interview in January. Projects that meet the criteria will be asked to submit supplementary information. On this basis, the Data Protection Authority will select a handful of projects, which will receive an invitation to join the sandbox. Project initiation dates are agreed between the Data Protection Authority and the participant.
Applications are assessed and selected by an internal Data Protection Authority committee. Toward the end of the selection process, the Data Protection Authority will invite an external reference group to provide recommendations for the selection process. The objective of this reference group is to provide an external perspective, to make sure that the projects we select have the best possible potential for social relevance and benefit.
When projects are completed, we will accept applications for a new round of projects.
- 1 December — opening date for applications
- 15 January — application deadline
- 31 January — interviews with all applicants completed
- 1 February — deadline for submitting supplementary information for applicants who meet the criteria
- Mid-March — projects selected. All applicants will be notified.
Practical information about submitting, receiving and archiving applications
The Data Protection Authority is subject to the Freedom of Information Act, which means that anyone may demand access to documents sent to and from us. We do not grant access to confidential information. This includes technical devices and procedures or operational or business matters, which, for reasons of competition, it is important for the organization to keep secret, see Section 13 of the Public Administration Act.
If any party requests access to the applications, we will first contact the applicants to find out what their position is.