Privacy Policy

The said website is owned by Spandidos Publications and Spandidos Publications UK (hereinafter we, us, our), which act as Joint Controllers with regards to the personal data described below. The content of this website has the following aims: to allow access to scientific knowledge in the form of manuscripts published in specific journals, and to give you the opportunity, through its registration process, to submit and publish manuscripts, or to review manuscripts for publication. Both companies have defined the means and the purposes of the processing of your personal data, in order to offer you the aforementioned services.

We are the exclusive administrators of the website in discussion and are responsible for the processing of the personal data you submit, in accordance with the applicable General Data Protection Regulation (EU 2016/679 - GDPR).

1. What is personal data?

According to Article 4(1) of the General Data Protection Regulation, ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

2. What personal data is collected and why?

In case the users of the website voluntarily provide their personal data (e.g. name, address, telephone number or email address), we shall process them for the purposes mentioned below. Users may decline to provide personal information; however, in this case, we may be unable to deliver the services requested.

2.1 For the purpose of your registration

Users are requested to provide the following personal details for registration on the website:

• Email address
• Title, name
• Company/institution
• Position
• Postal address
• Username & login password

You may also provide your mobile phone number on an optional basis.

Website registration is required before a manuscript can be submitted, subscriptions can be made, or newsletters received. The information is used to provide the service requested and to ensure standards of scientific integrity.

2.2 For the purpose of the submission and publication of a manuscript

Authors are asked to provide the following personal details when submitting a manuscript (in addition to the details required for registration):

• Email address of first and corresponding authors
• Postal address of first and corresponding authors

These details are used to facilitate scientific communication. Visitors of the website and subscribers to our journals can access this information. Our journals are also abstracted and indexed in various databases (see the page for each journal for specific details).

During the manuscript submission process, the authors are requested to suggest five (5) reviewers. In this case, we also process the name, email address, title, position and company/institution of the suggested reviewer. The authors are bound to inform the natural persons they suggest as reviewers about this process before they submit their personal data to us.

2.3 For the purpose of the submission of a CV

When a CV is submitted via the website as part of an application for a job with us, the information included in it is used to assess suitability for the role and will be used to contact you regarding the status of your application. In this case, the personal data we receive refers to employment and background data, which you knowingly disclose to us.

2.4 For the purpose of your registration for an upcoming conference

For participation in conferences and/or workshops organized by Spandidos Publications and/or Spandidos Publications UK, we collect the following personal data:

• Title (e.g. Dr, Professor)
• First name
• Family name
• Address
• Phone number
• Email address

2.5 For the purpose of your subscription to our newsletter lists

After you have provided your explicit consent through our website, your email address is used to send you general or conference newsletters, including newsletters relevant to the journal of your choice.

2.6 General

Payment for publication is carried out via bank transfer or credit card, using a third party; therefore, no payment information is processed by us.

3. The lawful basis we use to process your data

Processing of your data is based on one of the following lawful bases: i) performance of contract, ii) legitimate interest, iii) consent, iv) compliance with a legal or regulatory obligation.

4. Disclosure of information

Information about users of the website is not processed in any other manner than that described in the present privacy policy. Information may be disclosed to law enforcement authorities without your consent if required by law, following a reasonable request to prevent, investigate or act against actual or suspected illegal activity, physical harm or financial loss, and if part or all of the company or its assets are sold or transferred.

5. Security

The information we collect is kept secure via the use of administrative, technical and physical safeguards to protect it from loss, misuse, unauthorized access, disclosure or alteration. We use SSL Certificates to enhance the security of our website and web services.

6. Third parties that process data for us

Your personal data are accessed only by our employees, which are bound by confidentiality clauses.

We act on our own in the processing of the personal data we collect, while the recipients of your data might be companies that cooperate with us for the purpose of manuscript setup, and the conversion of your manuscript into xml files, or article databases and libraries.

The recipients of your data may be Mailgun Technologies, Inc., which is assigned with distributing our newsletters. Mailgun is self-certified to the EU-US Privacy Shield Framework maintained by the US Department of Commerce (Privacy Shield).

It is noted that our database host is Hetzner Online GmbH, based in the EU (Germany).

Moreover, when you book your attendance at one of our conferences, the travel agency that we cooperate with for the specific event might process your personal data.

Please note that all our affiliated companies are contractually committed to take the appropriate technical and organizational measures to protect confidentiality, integrity and availability of your data.

Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is applied to it by ensuring at least one of the following transfer solutions are implemented:

• We will transfer your personal data to countries that have been deemed by the European Commission to provide an adequate level of protection for personal data, referring to the protections afforded by the laws of the country to which the data will be transferred. You can find the relevant decisions of the European Commission here;
• We may use specific contracts approved by the European Commission (standard contractual clauses) to legally bind the processor of your personal data;
• We may transfer data to US-based companies if they are part of the Privacy Shield;
• We are provided with your consent for certain transfers, after informing you of the possible risks of such transfers due to the absence of an adequacy decision and appropriate safeguards;
• We transfer your personal data whenever it is necessary for the performance of the contract between us (the data subject and the Controller), or the implementation of pre-contractual measures taken at the data subject’s request.

Countries outside of the EEA to which we may transfer your personal information include, amongst others, Canada, P.R. China, USA and India.

7. When do we delete your data?

Your personal data are retained only for as long as it is required according to the terms of our contractual relationship. When the processing of your data is based on your consent (e.g. recipient of newsletters), we delete your data upon withdrawal of your consent. Moreover, we delete the personal data that you provide to us, if there is no legal basis or other requirement for keeping your data, five (5) years after your last activity. It is noted that all published information associated with your manuscript cannot be deleted.

8. Your rights towards your personal data

You can exercise your rights towards the processing of your personal data and specifically:

• Request access to your data here.
• Request the correction of your data, in cases where the data we hold about you are incorrect or insufficient here.
• Request to delete your data, if there is no legal obligation for us to keep them here.
• Withdraw your consent, in cases where consent is the lawful basis for the processing of your data.
• Object to processing for a specific reason here.
• Request restriction of processing here.
• Request to transfer your data to another Controller here.

You may exercise the aforementioned rights, using the above forms, addressed to: privacy@spandidos-publications.com.

You will receive a response to your request within one (1) month of its receipt. If an extension of two (2) months to respond to your request is required, taking into account the complexity and number of concurrent requests, we will inform you in due time.

If you do not receive a response to your request, you have the right to lodge a complaint with the Data Protection Authority of your residence.

9. Automated decision-making

We do not use automated decision-making.

10. About this privacy policy

This privacy policy is updated periodically and without prior notice. We encourage you to frequently review this policy so as to be informed about any possible changes with regard to processing of your personal data. This site contains links to external sites that may have different privacy policies.

For more information regarding our privacy policy, or for relevant questions or comments, please email us at: privacy@spandidos-publications.com.