Data should be published ‘as open as possible, as closed as necessary’. It is not always possible to offer all project data openly due to certain contractual terms or legal restrictions.
For commercially sensitive data, it may be necessary to keep it confidential for an extended period after collection and analysis. This can occur in projects involving digitisation of copyright-protected materials or collaborations with commercial partners or publishers, where a delayed Open Access publication (moving wall) may be required after the project concludes. In such cases, a data embargo can be applied. During this period, only the description of the dataset is published, while the data itself remains inaccessible. The full data will be made available after a specified time.
Clearly state the accessibility of both the data and the metadata.
When choosing access options, consider legal requirements, discipline-specific policies and any applicable ethical guidelines. Opt for Open Access whenever possible. If you are collecting personal data, check whether this is covered by the platform's terms of use, whether individuals have given their consent for use, and what measures you have taken to protect the data.
Ensure that the chosen licensing is machine-readable. You can find more details on this in the documentation of the selected metadata schema.
Make the metadata publicly available as soon as possible and attach an open license to it, even if the associated data cannot be published under Open Access. This will at least make your restricted-access data discoverable.
If you are working with a data embargo, clearly state the reasons for it and the duration it will be necessary.
Support the publication of (meta-)data in Open Access. Clearly communicate any access restrictions that your repository can accommodate if needed. Indicate whether an embargo on submitted data is allowed and specify the conditions for it.
Clearly explain to users how they can be granted limited access to sensitive (meta-)data that cannot be made publicly accessible. In such cases, aim to make the (meta-)data available through a controlled and documented access procedure that is also suitable for machine-based access. The relevant contact information and responsibilities must be clearly communicated. Sometimes, user accounts are required to authorise access and manage specific permissions.
An example of the documentation of the access restrictions supported by the repository can be found at RADAR.