Privacy Policy

PRIVACY STATEMENT


Last updated: 24th May 2018

Thank you for visiting the OpenJournalSystems.com website. This Privacy Policy will be effective as of May 23, 2018 for all new users and users in EU and EEA member countries. It explains what information we collect when you visit our website or register a user account, as well as how and why we collect and use it. We take your privacy seriously and are proactive in ensuring the necessary steps are taken to protect your personal data.

Introduction


OpenJournalSystems.com is committed to protecting the personal information of our customers and visitors to our websites. By using our services you agree to the use of the data collected in accordance with this Privacy Policy.

This document will outline what personal information is collected and the way it is processed, stored and protected. We will also detail how and when we might use or share your information and how you can correct any errors.

This Policy covers all areas where user privacy is concerned and outlines the obligations & requirements of the users, the website, and website owners. This Privacy Policy will also explain our online information practices and the choices you can make about the way your information is collected and used.

If you have any questions about this Privacy Policy or the practices described herein, you may contact privacy@openjournalsystems.com or 13835 N. Tatum Blvd, #9-319, Phoenix, AZ 85032.

About Us


OpenJournalSystems.com was founded in 2013 and is headquartered in Phoenix, Arizona. We provide publishing technology solutions and expertise to facilitate the creation and launch of Scholarly Publishing using the Open Journal Systems (OJS) publishing platform. Our products and services include OJS managed hosting and installations, custom themes, workflow and plugin customization, premium expert support, software upgrades, personalized training, programming, editorial services, OJS 3.x services, and much more.

Information Collected


In the course of your use of our services, we compile a variety of information (detailed below). This data is stored in a variety of places within our infrastructure.

Contact Information

Online forms are used to collect basic personal information such as name, address, telephone number, email address. This enables you to place orders, request information, and obtain support. This information is collected and stored on our site.

Payments and Billing Information

When signing up for any of our services, products, or programs, we require additional personal and payment information such as your name, credit card number or PayPal and mailing address.

Automated Information and Analytics Tools

When you visit our website we receive and collect information, which may – in certain circumstances constitute personal information – and could include IP address, referral URL, exit URL, browser software, and operating system, date/time and/or clickstream data. We also use analytics services of third parties to collect information about the use of this site. This includes number of visits, pages visited, and popularity of certain content. Analytics tools use tracking technologies (like cookies) to recognize a device and compile information about the user. They collect information such as what pages you visit and how much time you spend on these pages, the IP address assigned to you, what operating system and web browser you use, and what site you visited prior to visiting our website.

Other sources of information obtained can include:

information you provide to us in surveys; information that is publicly available; and information you consent to us receiving from third parties.

How Your Information is Used


We have a legitimate interest in running a successful and efficient business and in providing you with services and useful content. Information is used both on its own and combined with other information we collect about you for the following purposes:

  • To provide the requested services;
  • To perform any contractual obligations in order to provide any services;
  • To provide useful content;
  • To ensure the proper functioning of our services;
  • To offer and improve our services;
  • To provide any requested information or technical support;
  • To facilitate movement through our websites or your use of our services;
  • To do a better job of advertising and marketing our services (our use of your information to do this is performed with consent where required by applicable law);
  • To advertise and market third-party products and services (such advertisements are only performed with permission where consent is required by applicable law);
  • To diagnose problems with our servers or our services;
  • In connection with our security and compliance programs;
  • To administer our websites;
  • To communicate with our clients;
  • To identify prospective customers for our products or services (such targeting is only performed with permission where consent is required by applicable law);
  • To assist us in offering a personalized experience or otherwise tailor our services to the client; and
  • To comply with a legal obligation, a court order, or to exercise or defend legal claims. For example, if we are requested to disclose personal information to regulatory bodies or law enforcement authorities; or to use your personal information for tax calculations;
  • As otherwise described in this Privacy Policy.

We also use information received in aggregated and anonymized formats to produce reports on trends and statistics, such as mobile search trends, email open rates by industry, campaign best practices or the number of users that have been exposed to, or clicked on, our websites or evaluated or purchased our products and services. Payment information that you provide to us, including credit card data, will only be used to facilitate payment for our products and services.

Sharing of Information


As described below, we will only share certain personal information with select people.

Our Employees and Independent Contractors

We do disclose personal information with some of our employees our independent contractors. This helps us provide services and process information on our behalf and also for administrative, billing, and tax purposes, All employees and independent contractors are required to comply strictly with this Privacy Policy.

Legal Process

We may disclose information about you in response to subpoenas, court orders, or other legitimate governmental requests.

Business Transfers and Corporate Reorganization
If we are involved in a merger, acquisition, a sale of all or a substantial portion of our assets, or other similar sale transactions, your information will be transferred as part of that transaction. We will notify you by email and/or a prominent notice on our website of any such transfer and any choices you may have regarding your information.
Your Consent and Authorized Users

With your explicit consent or at your direction we may share or disclose authorized information with third parties. We will not, however, sell, rent, share or otherwise disclose personally identifiable information for commercial purposes in any way that is contrary this Privacy Policy. We will take all reasonable steps to notify you when and what information might go to third parties and you will be able to choose whether to share it or not. All users authorized by you to have access to your account can view personal information stored in the account. A primary account holder can view personal information saved in subaccounts to which they have authorized access. We share information about authorized users only for legitimate purposes consistent with this Privacy Policy.

Cookies and Tracking Technologies


Cookies are used to collect some of the information set out in this Policy. A Cookie is a small piece of data sent from a website and is stored in the web browser on your computer, mobile, or other handheld device.

Cookies are used to identify you. They can store your account identifier, ordering status, personalization, or website tracking. They can also be used for technical purposes such as tracking your current shopping session and enabling you to proceed to checkout and pay for your order or to save information which has already been entered (such as languages choices or region), so that we can offer improved personalized services, products, and other relevant communication tailored to you. Cookies also allow us to fulfill our contractual obligations to third parties and partners if you have made a purchase on our website by following a link from their website.

Preferences regarding Cookies  can be managed by modifying your browser settings or using the designated pop-up tool on our website. In the “Cookie Settings” pop-up on our site you will find a list of all cookies within each category (required, statistics, marketing), or a list of vendors serving cookies and similar technologies. You can then choose which types of cookies (if any) you would like our site to use.

You can also modify your Cookie preferences directly from your own browser. Please note that if you simply disable all of our cookies or cookies in general in your browser settings, you may find that certain sections and features of our site will not work as your browser may prevent us from setting site functionally required cookies.

For information about how to manage and opt out from cookies, please visit our Cookie Policy.

Retention of Personal Information


Information collected on our website will only be retained for as long as necessary to fulfill the reason it was collected. We will automatically delete your User Area account information 2 years after you no longer have any active services with us. As we offer a service for customers worldwide and need to comply with regulations across the globe regarding retention of personal information related to contractual agreements, provision of services, financial, billing, invoicing operations and tax calculations, a versioned copy of your contact, payment and billing personal data associated with your past invoices is stored for a period of 7 years and 10 years for payroll records after deactivating an account. Your personal data is deleted automatically by our systems in accordance with these retention periods.

Security Measures


Transmission of information via the Internet, email, or text message is not completely secure. We will always do our best to protect your personal information; however, we cannot guarantee the absolute security of your information transmitted through the services or over email; any transmission is at your own risk. Once we have received your information, we will always take appropriate technical and organizational measures to safeguard your personal information against loss, theft and unauthorized use, access or modification.

Secure Sockets Layer (SSL) software is used to encrypt the information you enter on our site to protect its security during transmission to and from our site. We protect the security of stored information by encryption and pseudonymization of critical data. Credit card information and payments processed are subject to tokenization and strong security measures.

OpenJournalSystems.com maintains physical, electronic, and procedural safeguards in connection with the collection, storage, and disclosure of all personally identifiable customer information. Our security procedures require us in some cases to request proof of identity before disclosing personal information to you.
To protect against any unauthorized access to your account or information, we implement session management, login expiration mechanisms, and the option of using 2-factor authentication for User Area access. As an additional safety measure, ensure you sign off when finished using your account and computer.

International Transfers


We host, store or otherwise handle your personal information within the borders of the USA and European Economic Area (EEA). We will ensure that any transfers of personal information from one country to another complies with all applicable data protection and privacy laws. European data protection laws, in particular, include specific rules on transferring personal information outside the EEA.

When transferring personal information outside the USA to EEA, we will include the standard data protection clauses approved by the European Commission under Article 46.2 of the General Data Protection Regulation (GDPR) into our contract with the EEA-based Partners.

For further information about the rules on data transfers outside the USA, including the mechanisms that we rely upon, on the European Commission please click here.

In any event, your information will be processed in accordance with this Privacy Policy.  If you would like further information about the global handling of your personal information, please contact us using the details set out in the “Further questions and contacts” section below.

Your Rights


Where the European Union’s General Data Protection Regulation 2016/679, or GDPR, applies, in certain circumstances and subject to data processing agreements, you have rights in relation to your personal information held. Outlined below are those rights and how to exercise those them. Please note that we will require you to verify your identity before responding to any requests to exercise your rights by providing details only known to the account holder. Please note that for each of the rights below we may have valid legal reasons to refuse your request, in such instances we will let you know if that is the case.

Access

You have the right to know whether we process personal information about you, and if so, to access the data held as well as certain information about its use.

Portability

You have the right to receive a subset of the personal information you provided us if we process it on the legal bases of our contract with you or with your consent. This will be done in a structured, commonly used and machine-readable format and you have the right to request transfer such personal information to another party. If this is desired, please ensure you detail that party and note that we can only do so where it is technically feasible. We are not responsible for the security of the personal information or its processing once received by the third party.

Correction

You have the right to require corrections to any personal information held about you that is inaccurate. When requesting a correction, please explain in detail why you believe the personal information we hold is inaccurate or incomplete. Please note that while we assess whether the personal information we hold about you is inaccurate or incomplete, you may exercise your right to restrict our processing of the applicable data as described below.

Erasure

You may request that we erase any held personal information in the following circumstances:

  • where you believe it is no longer necessary for us to hold the personal information;
  • when we are processing it on the basis of your consent and you wish to withdraw consent;
  • when we are processing your data on the basis of our legitimate interest and you object to such processing;
  • when you no longer wish us to use your data to send you marketing; or
  • you believe we are unlawfully processing your data.

Please provide as much detail as possible regarding your reasons for the request. This will assist us in determining whether you have a valid basis for erasure.

Restriction of Processing to Storage Only

You have a right to require us to stop processing the personal information we hold about you other than for storage purposes in the following circumstances:

  • You believe the personal information is not accurate for the period it takes for us to verify whether the data is accurate;
  • We wish to erase the personal information as the processing we are doing is unlawful but you want us to simply restrict the use of that data;
  • When we no longer need the personal information for the purposes of the processing but you require us to retain the data for the establishment, exercise or defense of legal claims; or
  • You have objected to us processing personal information we hold about you on the basis of our legitimate interest and you wish us to stop processing the personal information while we determine whether there is an overriding interest in us retaining such personal information.
Objection

You have the right to object to our processing of data about you. You will need to provide details so that we can determine if there is a compelling overriding interest in us continuing to process such data or we need to process it in relation to legal claims.

You also have the right to object to our processing of data about you in order to send you marketing information, including where we build profiles for such purposes and we will stop processing the data for that purpose.

Withdrawal of Consent

You have the right to withdraw consent regarding the use of your personal information where we rely on your consent as a legal basis to justify using your personal data.

Age Restrictions


Our services are not directed to people under 18 and we do not knowingly collect personal information from anyone under 18. If a parent or guardian becomes aware that their child has provided us with personal information without such parent or guardian’s consent, they should contact us. If we become aware that a child under 18 has provided us with personal information, it will be deleted from our files.

Changes to the Privacy Policy


We reserve the right to modify this Privacy Policy at any time. If we decide to change our Privacy Policy, we will post updates to our website and any other places deemed appropriate. We will notify users by email, or by means of a notice via our website, at least fifteen (15) days before the changes take effect. This will ensure that you are aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it.

Further Questions and Contacts


If you have any questions regarding this Privacy Policy, to exercise any of your rights in relation to your personal information, or if you want to object to the collection or processing of your data by OpenJournalSystems.com, please contact us at info@openjournalsystems.com or our Data Protection Officer who can be reached at privacy@openjournalsystems.com