GDPR Compliance Statement for ScholarNote

At Mahatma Gandhi University Innovation Foundation, herein referred to as MGU IF, we are committed to protecting the privacy and security of personal data provided by users of the ScholarNote application. This compliance statement outlines how we collect, process, and safeguard your data in accordance with the General Data Protection Regulation (GDPR) (EU) 2016/679.

1. Data Controller

MGU IF is the data controller for the personal data processed within the ScholarNote application. We are responsible for ensuring that your personal data is handled in a secure and lawful manner.

2. Data Collection

We collect and process personal data only to the extent necessary for providing the ScholarNote services. The types of personal data we may collect include:

  • User Information: Name, email address, contact details, organization, work title, address, city, state and country.
  • Journal Submission Data: Manuscripts, abstracts, and related metadata submitted by users for review.
  • Review and Feedback Data: Reviewer comments, ratings, and feedback.

We collect this information when users register, submit manuscripts, participate in peer reviews, or otherwise engage with the application.

3. Purpose of Data Processing

We process your personal data for the following purposes:

  • To provide and maintain the ScholarNote platform.
  • To enable manuscript submissions, peer reviews, and collaboration.
  • To communicate with users regarding application updates, features, and support.
  • To ensure the security and integrity of the platform.

4. Legal Basis for Processing

We process personal data based on the following legal grounds:

  • Consent: You provide explicit consent when you register and use ScholarNote or submit personal data.
  • Contractual Necessity: The processing is required for the performance of a contract, such as managing journal submissions and reviews.
  • Legitimate Interests: We process data to ensure the functionality, security, and improvement of the ScholarNote platform.

5. Data Sharing and Transfers

We will not share your personal data with third parties except in the following circumstances:

  • With service providers who assist in the operation of the ScholarNote platform (e.g., cloud hosting providers).
  • As required by law or to protect our legal rights.

Your personal data may be transferred to countries outside the European Economic Area (EEA) in compliance with GDPR. Appropriate safeguards will be in place, such as standard contractual clauses, to ensure the protection of your data.

6. Data Retention

We retain personal data for as long as necessary to fulfill the purposes outlined in this statement, or as required by law or contractual obligations. Once no longer required, we securely delete or anonymize your data.

7. Your Rights

Under GDPR, you have the following rights regarding your personal data:

  • Right to Access: You can request a copy of the personal data we hold about you.
  • Right to Rectification: You can request that we correct any inaccurate or incomplete data.
  • Right to Erasure: You can request the deletion of your personal data, subject to certain legal exceptions.
  • Right to Restriction of Processing: You can request that we limit the processing of your data.
  • Right to Data Portability: You can request that we transfer your personal data to another service provider in a structured, commonly used format.
  • Right to Object: You can object to the processing of your data based on legitimate interests or direct marketing purposes.

To exercise any of these rights, please contact us at [Your Contact Email].

8. Data Security

We take appropriate technical and organizational measures to protect your personal data from unauthorized access, alteration, disclosure, or destruction. This includes encryption, access controls, and regular security assessments.

9. Changes to this Statement

We may update this GDPR Compliance Statement from time to time. Any changes will be posted on this page, and where appropriate, you will be notified.

10. Contact Information

If you have any questions about this GDPR Compliance Statement or how we handle your personal data, please contact us at:

MGU IF
Email: [Your Contact Email]
Address: [Your Company Address]