Processing of (research) data is defined in the second definition of art. 4 of the GDPR. Be aware that processing is much more than only storing data. It covers all activities with data, ranging from reading a file (or piece of paper), sending data per mail, transporting it from a handheld device to a laptop and from there to a central storage, etc. Even storing (archiving) and deleting data are considered processing activities. This definition is especially of importance when personal data is processed.