🔒 GDPR Compliance
We are committed to full compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws. Your privacy and data security are our top priorities.
⚖️ Legal Basis for Processing
We process personal data based on the following legal grounds:
Consent
You have given clear consent to process your data for specific purposes
Contract
Processing is necessary for our agreement with you
Legal Obligation
Required by applicable law or regulations
Legitimate Interests
Necessary for our business operations
👤 Data Subject Rights
Under GDPR, you have the following rights:
🔍 Right to Access
Request copies of your personal data we hold
✏️ Right to Rectification
Correct inaccurate or incomplete data
🗑️ Right to Erasure
Request deletion of your data (right to be forgotten)
🔒 Right to Restrict Processing
Limit how we use your data
📦 Right to Data Portability
Receive your data in a structured, machine-readable format
⛔ Right to Object
Object to processing based on legitimate interests
⏰ Data Retention
We retain personal data only as long as necessary:
Active Users
Duration of account plus 2 years
Manuscripts
7 years after publication/rejection
Financial Records
As required by law (typically 7 years)
Correspondence
3 years from last contact
🛡️ Data Security Measures
We implement comprehensive security measures:
Encryption
Data encrypted in transit (TLS/SSL) and at rest (AES-256)
Regular Security Audits
Periodic vulnerability assessments and penetration testing
Access Controls
Role-based access and multi-factor authentication
Staff Training
Regular data protection training for all staff
Incident Response
Documented procedures for data breach response
🌍 International Data Transfers
When transferring data outside the EU/EEA, we ensure adequate protection through:
📧 Contact Our Data Protection Officer
For data protection inquiries, exercise your rights, or report concerns:
Email: dpo@yourjournal.com
We will respond to all requests within 30 days as required by GDPR.