Privacy policy of the Sciendo website

 

PRIVACY POLICY OF THE SCIENDO WEBSITE

 

General information

This document defines the rules of privacy on the Sciendo website operating in the domains www.sciendo.com and www.sciendo.com/services/books-self-publishing and www.content.sciendo.com (hereinafter referred to as the "Website").

The Website Administrator and the controller of the personal data of the Website Users is DE GRUYTER POLAND sp. z o.o. with its registered office in Warsaw, ul. Bogumiła Zuga 32A, 01-811 Warsaw, registered in the National Court Register kept by the District Court of Warsaw, XIIIth Commercial Division of the National Court Register, under KRS number: 0000055478, NIP (fiscal identification number): 9521878738, REGON (statistical number): 017359274, share capital: PLN 1,905,000.00, hereinafter referred to as the "Administrator".

In all matters relating to the Website, you can contact the Administrator by email at: info@sciendo.com, traditional post at: ul. Bogumiła Zuga 32A, 01-811 Warsaw, or at the telephone number: +48 22 701 50 15.

"GDPR" means in this document Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing of Directive 95/46/ EC (General Data Protection Regulation).

Personal data

  1. In the case of registration on the Website, the Administrator collects the following information regarding the Website User (the “User”): name and surname, e-mail address, password, data regarding the published book and its author or editor gave when concluding contracts in accordance with the Sciendo Self-Publishing Terms for Books Authors hereinafter referred to as the "Sciendo Contracts", as well as data regarding the performance of Sciendo Contracts. The said Users' personal data will be processed by the Administrator in order to:
  2. conclude and perform the Sciendo Contracts (the legal basis for data processing in this respect is article 6 paragraph 1 item b of the GDPR, and the data will be processed by the Administrator for this purpose until the expiry of the limitation period of claims under the Sciendo Contracts),
  3. keep the Administrator's accounts, enable its tax settlements, pursue possible claims arising from or related to Sciendo Contracts, which is a legitimate interest of the Administrator (the legal basis for data processing in this respect is article 6 paragraph 1 item f of the GDPR, and the data will be processed by the Administrator for this purpose until the expiry of the limitation period of claims under the Sciendo Contracts or expiry of the limitation period of the Administrator’s tax liabilities, whichever is later),
  4. the Administrator's own services marketing, which is a legitimate interest of the Administrator (the legal basis for data processing in this respect is article 6 paragraph 1 item f of the GDPR, and the data will be processed by the Administrator for this purpose until the User objects or other grounds for their erasure arise).
  5. In each case (also when using the Website without registration), the Administrator saves information about the parameters of the User's Internet connection, in particular, the User's IP address, as well as general demographic information (e.g. on the region from which the connection takes place). This data is processed for technical purposes related to the administration of the Administrator's servers, statistical purposes, for security assurance as well as for the marketing of the Administrator's own services, which is a legitimate interest of the Administrator (the legal basis for data processing in this respect is article 6 paragraph 1 item f of the GDPR, and the data will be processed by the Administrator for five years.
  6. The Administrator makes a special effort to protect the privacy and information provided to it and regarding Users. The Administrator with due care selects and applies appropriate technical measures, including programming and organizational measures, ensuring the protection of the data being processed, in particular protecting data from unauthorized access, disclosure, loss and destruction, unauthorized modification, as well as against their processing in violation of the applicable law.
  7. The User providing his personal data is voluntary, however, it is necessary to use the services provided in the Sciendo Self-Publishing Terms for Books Authors and the Sciendo Website Terms of Service.
  8. Personal data collected by the Administrator are processed in accordance with the law. The Users have the right to:
  9. obtain information whether their personal data are processed by the Administrator, access their personal data and receive a copy of them,
  10. rectification of inaccurate personal data concerning them and have their incomplete personal data completed,
  11. obtain from the Administrator the erasure of personal data concerning them if
    the personal data are no longer necessary in relation to the purposes for which they were collected, have been unlawfully processed or have to be erased for compliance with a legal obligation in the European Union or a Member State of the European Union law to which the Administrator is subject, as well as in case of raising an objection to the processing of data in such situations and to such extent as indicated in item e below,
  12. restrict the processing of their data if they are inaccurate, their processing is unlawful, they are no longer necessary to achieve the purpose for which they have been collected, but they are required by the User for the establishment, exercise or defence of legal claims, and for the time of considering the User's objection to the processing of his data due to his particular situation – then the Administrator will be able to process such personal data of the User in a manner other than by storage, only with the consent of the User or for the establishment, exercise or defence of legal claims, or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or a Member State of the European Union,
  13. object to the processing of their personal data:
  • for direct marketing purposes, or
  • on grounds relating to the User’s particular situation – to the processing of the User's data necessary to perform a task carried out in the public interest or based on a legitimate interest of the Administrator, including profiling within these purposes; in this case, the Administrator shall no longer process the personal data unless it demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims,
  1. data portability – the Administrator shall transmit to the User, at his request, his personal data which the Administrator processes, in a structured, commonly used machine-readable format or transmit such personal data at the request of the User to another controller indicated by the User,
  2. lodge a complaint with the competent supervisory authority – the President of the Office for Personal Data Protection (details at: https://uodo.gov.pl/) or another competent authority.
  3. The User's personal data will be disclosed by the Administrator to Walter de Gruyter GmbH with its registered office in Berlin and companies or partnerships directly or indirectly controlled by the last-mentioned company for the purposes of internal group reporting and marketing of goods and services of the de Gruyter Group companies or partnerships, which is a legitimate interest of the Administrator and such companies or partnerships (the legal basis for data processing in this respect is article 6 paragraph 1 item f of the GDPR, and the data will be processed by the Administrator for this purpose until the User objects or other grounds for their erasure arise).
  4. The Users’ personal data shall not be transferred outside the European Economic Area or to any international organization.
  5. The Administrator does not take decisions concerning Users in an automated manner, and in particular, does not use profiling.

Cookies

  1. The Website uses ‘cookies’ files, which are small text files, which are saved on the User's end device in connection with the use of the Website. The use of ‘cookies’is aimed at the correct operation of the Website. Starting to use the Website with accepted ‘cookies’ support in the options of your browser amounts to consent to the use of ‘cookies’ in accordance with this Privacy Policy. If the User does not agree to save ‘cookies’ files and use of them by the Administrator and third parties as indicated in this Privacy Policy, please adjust the settings of your browser.
  2. The ‘cookies’ files used by the Administrator are safe for the User's devices. In particular, it is not possible to get viruses or other unwanted or malicious software onto the Users' end devices this way. The said files allow the Website to adapt to the individual preferences of each User. ‘Cookies’ files usually contain the name of the domain from which they originate, their storage time on the User's end device and the assigned value.
  3. The Administrator applies two types of ‘cookies’ files:
  4. Session ‘cookies’: these are stored on the end device of the User and remain there until the end of a given browser session. The saved information is then permanently erased from the memory of the User's end device. The mechanism of session ‘cookies’ does not allow for the collection of any personal data or any confidential information from the User's end device.
  5. Persistent ‘cookies’: these are stored on the end device of the User and remain there until they are erased. Ending a given browser session or turning off the device does not erase them from the end device of the User. The mechanism of persistent ‘cookies’ does not allow the collection of any personal data or any confidential information from the device of the User.
  6. The Administrator uses ‘cookies’ files for the following purposes:
  7. the Website configuration;
  8. verification and development of its own offer;
  9. statistics creation;
  10. in order to log in and popularize the Website using the Facebook.com social network, which is administered by Facebook Inc. based in the USA or Facebook Ireland Ltd based in Ireland. The Facebook Privacy Policy is available at the following link: https://www.facebook.com/help/cookies/;
  11. popularizing the Website by the twitter.com social network, the administrator of which is Twitter Inc. based in the USA. The twitter.com Privacy Policy is available at the following link: https://support.twitter.com/articles/2017051
  12. We use Hotjar, Hotjar Ltd, Level 2, St Julian's Business Centre, 3, Elia Zammit Street, St Julian's STJ 1000, Malta to better understand the needs of our users and to optimize the offer on this website. With the help of Hotjar technology, we get a better understanding of our users' experiences (e.g. how much time users spend on which pages, which links they click on, what they like and what they don't like, etc.), and this helps us to tailor our offer to our users' feedback. Hotjar uses cookies and other technologies to collect information about the behaviour of our users and their devices (in particular the IP address of the device (collected and stored in anonymous form only), screen size, device type (unique device identifiers), information about the browser used, location (country only), language preferred to display our website). Hotjar stores this information in a pseudonymized user profile. The information is neither used by Hotjar nor by us to identify individual users or combined with other data about individual users. For more information, please see Hotjar's privacy policy here.

    The data processing is justified in accordance with Art. 6 Para. 1 letter f) GDPR, as we have a legitimate interest in evaluating the use of our website. If personal data is collected, it will be deleted immediately if it is no longer necessary.

    You can object to the storage of a user profile and information about your visit to our website by Hotjar and the setting of Hotjar tracking cookies on our website by clicking on this link and deactivating Hotjar:

    Deactivate Hotjar

    The opt-out cookie is only valid in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again.

  13. We recommend reading the privacy policies of the above-mentioned entities in order to learn the rules of their using ‘cookies’ files.
  1. ‘Cookies’ files are also used by advertising networks, in particular, the Google network, to display advertisements suited to the manner in which the User uses the Website. For this purpose, information about the User's navigation path and the time of staying on a given website is saved.
  2. In terms of information about the User's preferences collected by the Google advertising network, the User may view and edit information resulting from ‘cookies’ files using the tool: https://www.google.com/ads/preferences/.
  1. The User may independently and at any time change the ‘cookies’ settings, specifying the conditions for their storage and access to the end device of the User. The User can make the changes to the settings referred to in the previous sentence using the browser settings, usually in the "Tools" or "Options" menu. These settings can be changed in particular in such a way as to block the automatic ‘cookies’ files acceptance in the settings of the browser or inform about their every posting on the User's device. Detailed information about the possibilities and ways of handling ‘cookies’ files are available in the settings of individual browsers. The User can delete ‘cookies’ at any time using the functions available in the browser he uses.
  2. Restricting the use of ‘cookies’ may affect some of the functionalities of the Website.

 

Data Protection Regulation for Customers

Information for Authors in Accordance with Article 13 of the GDPR

With this data protection declaration, we would like to inform you of how we process your author data. We are hereby fulfilling our information obligation to you in accordance with article 13 of the GDPR.

"GDPR" means in this document Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing of Directive 95/46/ EC (General Data Protection Regulation).

De Gruyter Poland makes a special effort to protect the privacy and information provided to it and regarding users. De Gruyter Poland, with due care, selects and applies appropriate technical measures, including programming and organizational measures, ensuring the protection of the data being processed, in particular protecting data from unauthorized access, disclosure, loss and destruction, unauthorized modification, as well as against their processing in violation of the applicable law.

1. Name and contact details of the responsible body (Controller)

De Gruyter Poland sp. z o.o.

Bogumiła Zuga 32A Street

01-811 Warsaw

telephone number: +48 22 701 50 15

e-mail: info@sciendo.com

2. Purpose and Legal Grounds for Processing

Essentially, we only gather such information from you, as you have expressly given us. This may be especially, but not exclusively:

  • name
  • postal address
  • telephone number
  • fax
  • email address
  • advertising block
  • job title
  • bank account details
  • any other addresses than the billing address
  • delivery address
  • accounting information
  • dunning levels
  • delivery blocks
  • customer blocks
  • debit-side customer details
  • company
  • affiliation
  • department
  • language
  • salutation
  • use history (clicked email, opened or not)
  • IP addresses

If necessary, additional information may arise during the course of the contractual relationship, such as for example, incoming payments or similar, which we also store in connection with your details.

Details are processed by us for the following purposes:

  • initiation and termination of contracts
  • fulfilment of the contractual relationship
  • invoicing
  • accountancy and tax purposes
  • customer support after the expiry of warranty
  • sending of advertising by email
  • sending of catalogues

This processing has its legal basis in Article 6 paragraph 1 lit. b) GDPR and Article 6 paragraph 1 lit. c) GDPR. The subsequent storage for customer support is justified by Article 6 paragraph 1 lit. f) of the GDPR. It is our legitimate interest, in this case, to be able to offer you services after the end of our contractual relationship.

3. Recipients or Categories of Recipients of Personal Data, as well as Transmission to Third-party Countries

For the above-named purposes, we use external IT service providers, service providers for the dispatch of newsletters, as well as delivery service providers. In addition, the De Gruyter Poland affiliates have access to your details. One of these affiliates companies is registered in a third country, namely the United States of America. Finally, personal data is also transmitted under certain circumstances to our tax advisers and financial & tax authorities.

4. Duration of Saving

  • We store personal data under a continuing obligation for the duration of the contractual relationship and furthermore, 10 years from the ending of the contractual relationship.
  • To the extent that personal data arises in contracts and/or invoices, these are retained for 10 years.
  • Personal data necessary for direct advertising is saved by us, until you object or retract and is deleted subsequently.

5. Rights of affected parties

The GDPR guarantees you certain rights that you can exercise against us if the statutory conditions apply.

  • Article 15 of the GDPR - Affected Parties’ Right to Information: you have the right to request a confirmation from us as to whether personal data affecting you is processed and, if so, what information this is and how this data is processed
  • Article 16 of the GDPR - Right to Correction: you have the right to request the immediate correction of incorrect personal data affecting you. Considering the purpose of processing, you also have the right to request that incomplete personal data be completed - also by way of submitting an explanation.
  • Article 17 of the GDPR - Right to Deletion: you have the right to request that we immediately delete personal data affecting you.
  • Article 18 of the GDPR - Right to limits of processing: you have the right to demand that we limit the processing of data.
  • Article 20 of the GDPR - Right to Data Transferability: you have the right to receive personal data affecting you and provided by you in a structured, standard and machine-readable format and to transfer this data to another responsible authority without hindrance from us or to have this data transferred directly insofar as technically possible if data is processed based on consent or the fulfilment of a contract.
  • Article 21 of the GDPR - Right to Object: for reasons resulting from your particular situation, you have the right to object to the processing of personal data affecting you required due to our legitimate interest or necessary to uphold a task of public interest or to exercise official authority. Please direct your objections to one of the addresses provided in this statement. If you exercise your right to object, we will no longer process your personal data unless we can prove compelling grounds worthy of protection that outweigh your interests, rights and freedoms or if processing is required for the exercising or defending of legal claims. If we process your personal data to operate direct advertising, you have the right to object to such processing at any time. If you object to data processing for the purposes of direct advertising, your personal data will no longer be processed for these purposes.
  • Article 77 of the GDPR in Combination with §19 of the BDSG - Right to Complain to a Supervisory Body: You have the right to complain to a supervisory body, especially in the member state of your residence, your workplace or the location of the alleged violation, if you believe that the processing of personal data affecting you violates applicable law.

If you have granted us consent, you have the right to revoke your consent at any time. All data processing that we undertook up to the point of your revocation shall remain lawful. To this end, you can send us a message to info@sciendo.com.

6. The obligation to provide personal data

You have no legal or contractual obligation to provide us with personal data. Therefore, under certain circumstances, we are not in the position to enter into a contractual relationship with you.

7. Automated Decisions including Profiling

We do not use any automated decisions including profiling.

 

Data Protection

Declaration for Authors

Information for Authors in Accordance with Article 13 of the GDPR

With this data protection declaration, we would like to inform you of how we process your author data. We are hereby fulfilling our information obligation to you in accordance with article 13 of the GDPR.

"GDPR" means in this document Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing of Directive 95/46/ EC (General Data Protection Regulation).

De Gruyter Poland makes a special effort to protect the privacy and information provided to it and regarding users. De Gruyter Poland, with due care, selects and applies appropriate technical measures, including programming and organizational measures, ensuring the protection of the data being processed, in particular protecting data from unauthorized access, disclosure, loss and destruction, unauthorized modification, as well as against their processing in violation of the applicable law.

  1. Name and Contact Details of the Party Responsible for Data Protection (Controller)

De Gruyter Poland sp. z o.o.

Bogumiła Zuga 32A Street

01-811 Warsaw

telephone number: +48 22 701 50 15

e-mail: info@sciendo.com

  1. Author and Publisher Management for Book Publishing

If you have entered into an author or publisher contract regarding the publishing of a book, we will process your data in the following manner.

  1. Categories of Processed Data

We process the following data:

  • Name
  • Address (private)
  • Address (institute)
  • Telephone number
  • Fax
  • Email address
  • Bank account details
  • Tax number
  • Whether you pay VAT or not
  • Any other addresses than the billing address
  • Delivery address
  • Accounting information
  • Dunning levels
  • Delivery blocks
  • Customer blocks
  • Extra printing costs
  1. Purpose and Legal Grounds for Processing

We use this data for the general author and publisher management for the purpose of publishing the book or article. Specifically, this includes creating contracts, payments and general fulfilment of the publishing contract. The relevant legal grounds can be found in article 6 paragraph 1 b) of the GDPR.

Finally, we archive your data for bookkeeping and tax purposes. This is carried out due to article 6 paragraph 1 c) of the GDPR.

III. Recipients or Categories of Recipients of Personal Data

Your data will be processed by the following departments within Controller for the purposes of the author and publisher management:

  • Editing Department
  • Publishing Management Department
  • Production Department
  • Bookkeeping Department
  • Fulfilment Department
  • IT Department
  • Sales/Marketing Department
  • Rights and Licences Department

If necessary, we also transfer this data to external authorities. These include our technical service provider but also:

  • Freelancers
  • Peer reviewers
  • Shipping providers
  • Distribution providers
  • Printers and typesetting providers
  • Controller’s affiliates in EU
  1. Transfers to Third Countries

Transfers are made to the United States of America. Most significantly, we transfer data to our affiliates in the USA De Gruyter Inc and transfer data to our service providers for development and maintenance purposes, in particular.

  • Crossref, 50 Salem Street, Lynnfield, MA 01940, USA
  • Aries Systems Corporation, 50 High Street, Suite 21, North Andover, MA 01845 USA
  • Sheridan, 125 Broad St, 2nd Floor Boston, MA 02110, USA
  1. Duration of Saving

The following data is saved for the duration of the author or publisher contract and for 10 years after its end:

  • Name
  • Address (private)
  • Address (institute)
  • Telephone number
  • Fax
  • Email address
  • Bank account details
  • Tax number
  • Whether you pay VAT or not
  • Any other addresses than the billing address
  • Delivery address
  • Accounting information
  • Dunning levels
  1. Publication of a Newspaper Article

If you have entered into an author contract regarding the publishing of a newspaper article, we will process your data in the following manner.

  1. Categories of Processed Data

We process the following data:

  • Name
  • Address
  • Telephone number
  • Fax
  • Email address
  • Specialist skills/areas
  • Account details in case of transfer of Open Access charges or payment of fees
  1. Purpose and Legal Grounds for Processing

We only use this data for the publishing of your newspaper article. The relevant legal grounds can be found in article 6 paragraph 1 b) of the GDPR. Finally, we archive your data for bookkeeping and tax purposes. This is carried out due to article 6 paragraph 1 c) of the GDPR.

III. Recipients or Categories of Recipients of Personal Data

Your data will be processed by the following departments within Controller:

  • Editing
  • Production Department
  • IT Department
  • Marketing Department
  • Fulfilment Department
  • Accounting Department (in case of transfer of Open Access charges or payment of fees)

If necessary, we also transfer this data to external authorities. These include our technical service provider but also:

  • Freelance editors
  • Publishers
  • Business advisors (board of trustees, advisors, advisory boards)
  • Controller’s affiliates in EU
  1. Transfers to Third Countries

Transfers are made to the United States of America. Most significantly, we transfer data to our affiliates in the USA De Gruyter Inc and transfer data to our service providers for development and maintenance purposes, in particular.

  • Crossref, 50 Salem Street, Lynnfield, MA 01940, USA
  • Aries Systems Corporation, 50 High Street, Suite 21, North Andover, MA 01845 USA
  • Sheridan, 125 Broad St, 2nd Floor Boston, MA 02110, USA
  1. Duration of Saving

The following data is saved for the duration of the contract and for 10 years after its end:

  • Name
  • Address
  • Telephone number
  • Fax
  • Email address
  • Specialist skills/areas
  1. Rights of Affected Parties

The GDPR guarantees you certain rights that you can exercise against us if the statutory conditions apply.

  • Article 15 of the GDPR - Affected Parties’ Right to Information: You have the right to request a confirmation from us as to whether personal data affecting you is processed and, if yes, what information this is and how this data is processed.
  • Article 16 of the GDPR - Right to Correction: You have the right to request the immediate correction of incorrect personal data affecting you. Considering the purpose of processing, you also have the right to request that incomplete personal data is completed - even by way of submitting an explanation.
  • Article 17 of the GDPR - Right to Deletion: You have the right to request that we immediately delete personal data affecting you.
  • Article 18 of the GDPR - Right to Limit Processing: You have the right to demand that we limit the processing of data.
  • Article 20 of the GDPR - Right to Data Transferability:You have the right to receive personal data affecting you and provided by you in a structured, standard and machine-readable format and to transfer this data to another responsible authority without hindrance from us, or to have this data transferred directly, insofar as technically possible, if data is processed based on consent or the fulfilment of a contract.
  • Article 21 of the GDPR - Right to Object: For reasons resulting from your particular situation, you have the right to object to the processing of personal data affecting you, required due to our legitimate interest or necessary to uphold a task of public interest or to exercise official authority.

If you exercise your right to object, we will no longer process your personal data unless we can prove compelling grounds worthy of protection that outweigh your interests, rights and freedoms or if processing is required for the exercising or defending of legal claims.
If we process your personal data to operate direct advertising, you have the right to object to such processing at any time. If you object to data processing for the purposes of direct advertising, your personal data will no longer be processed for these purposes.

  • Article 77 of the GDPR in Combination with §(?)19 of the GDPR - Right to Complain to a Supervisory Body: You have the right to complain to a supervisory body, especially in the member state of your residence, your workplace or the location of the alleged violation, if you believe that the processing of personal data affecting you violates applicable law.

If you have granted us consent, you have the right to revoke your consent at any time. All data processing that we undertook up to the point of your revocation shall remain lawful. To this end, you can send us a message to info@sciendo.com.

  1. Statutory and Contractual Obligations to Provide Data

You are never obliged to provide us with data. If you do not provide the data outlined above for processing, we shall not be able to enter into a contract with you or, if one has been entered into, fulfil the contract. If you do not provide us with your data for direct marketing, we can no longer inform you about our products, services and publishing topics.

  1. Automated Decisions including Profiling

We do not use automatic decision making that would disadvantage you or have legal consequences for you.