Skip to main content
Federal Grant Program

STTR Research Data Policy

Effective Date: March 30, 2026 | Last Updated: March 30, 2026

This policy governs the collection, use, and protection of personal data for participants in Small Business Technology Transfer (STTR) research projects coordinated through DAKDAN Talent.

What is STTR?

The Small Business Technology Transfer (STTR) program is a federal initiative that funds collaborative R&D between small businesses and research institutions. DAKDAN Talent facilitates student/researcher placements in STTR-funded projects.

Phase I/II/III
Proof-of-concept to commercialization
40/30 Split
40% university, 30% small business minimum
Bayh-Dole Act
IP retained by performing institutions

Data Collection & Use

Categories of Data Collected

Researcher/Student Data

  • Name, contact information, academic credentials
  • Research interests, technical expertise, publications
  • University affiliation, department, advisor information
  • Work authorization status (US Persons requirements)
  • Security clearance (if applicable for DOD projects)

Project Data

  • Grant proposal abstracts (public information)
  • Research milestones and deliverables
  • Collaboration agreements and NDAs
  • Progress reports (de-identified for matching)
  • Budget allocation (40/30 compliance tracking)

Purposes of Processing

1

Researcher Matching

Connect qualified researchers/students with STTR projects based on technical expertise and research interests

2

Compliance Tracking

Monitor 40/30 budget split requirements between university and small business partners

3

Grant Administration

Facilitate proposal submissions, budget planning, and reporting to federal agencies (DOD, NSF, NIH, etc.)

4

IP Management Support

Track invention disclosures and IP allocations per Bayh-Dole Act and project agreements

5

Outcome Reporting

Aggregate outcomes (publications, patents, commercialization) for federal reporting requirements

6

Security Clearances

Verify clearances for classified or export-controlled research (DOD, DOE projects)

Legal Basis for Processing

Federal Law & Regulation

  • Bayh-Dole Act (35 U.S.C. § 200-212): IP and data retention requirements
  • SBIR/STTR Policy Directive: Budget tracking and reporting mandates
  • FAR/DFARS: Federal Acquisition Regulation for DOD contracts
  • Export Control (ITAR/EAR): Restricted data for foreign nationals

Consent & Contract

  • Explicit Consent: Researchers consent to data use for STTR matching
  • Contract Performance: Processing necessary to fulfill grant administration services
  • Legitimate Interest: Aggregate outcomes reporting for program improvement

Data Sharing & Disclosure

Who We Share With

Federal Agencies

De-identified aggregate data shared with granting agencies for program evaluation:

  • • Department of Defense (DOD) - STTR Program Office
  • • National Science Foundation (NSF)
  • • National Institutes of Health (NIH)
  • • Department of Energy (DOE)
  • • NASA, USDA, EPA, and other participating agencies

Project Partners

Researcher contact info and CVs shared with small business partners and university principal investigators for matching. Requires signed NDA and collaboration agreement.

University Partners

Student placement data, progress reports, and IP disclosures shared with university tech transfer offices and sponsored research departments per institutional agreements.

What We Do NOT Share

  • Proprietary Research Data: Experimental results, formulas, trade secrets remain confidential per project NDAs
  • Personal Financial Data: Researcher salaries, stipends not shared externally
  • Classified Information: Security-cleared data handled in separate systems per NISPOM
  • Third-Party Marketing: No selling or renting of researcher lists to recruiters or vendors

Data Retention & Deletion

Data TypeRetention PeriodLegal Basis
Grant proposals & awards7 years after project completionFAR 4.703, Bayh-Dole
IP disclosures & patentsLife of patent + 7 years35 U.S.C. § 202
Researcher CVs & profilesActive + 2 years inactiveLegitimate interest
Financial records7 yearsIRS, FAR 4.705
Export control documentation5 yearsITAR § 122.5, EAR § 762.6
Aggregate outcomes dataIndefinite (de-identified)Public interest research

Early Deletion Requests

Researchers may request deletion of CVs and contact info at any time. However, grant-related records must be retained per federal law. We anonymize personal identifiers while retaining project data.

Security Measures

Data Protection

  • AES-256 encryption for all STTR data at rest
  • TLS 1.3 for data in transit
  • Isolated database instances for federal projects
  • Multi-factor authentication for all users

Access Controls

  • Role-based access: project teams see only their data
  • Background checks for staff handling sensitive data
  • Annual ITAR/EAR compliance training
  • Audit logging for all data access (7-year retention)

Your Privacy Rights

Researchers and students have the following rights regarding their STTR data:

Right to Access

Request a copy of your CV, project history, and IP disclosures

Right to Correction

Update your profile, qualifications, or contact information

Right to Deletion

Remove CV/contact info (grant records retained per law)

Right to Opt-Out

Stop receiving new STTR project matches

Right to Data Portability

Export your profile in machine-readable format

Right to Object

Object to specific data uses (e.g., outcomes reporting)

Submit Data Request

STTR Privacy Contacts

STTR Program Manager

sttr@dakdantalent.com

Data Protection Officer

dpo@dakdantalent.com

Export Control Compliance

export-control@dakdantalent.com

Version: 1.0 | Effective Date: March 30, 2026 | Last Updated: March 30, 2026
Complies with: Bayh-Dole Act, FAR/DFARS, ITAR/EAR, GDPR, CCPA
Main Privacy Policy | Data Privacy Framework | Data Processing Agreement