Privacy Policy

1. Types of Personal Information we process

Personal information means any information relating to an identified or identifiable individual. The types of personal information that we process are determined by how individuals interact with us and the particular products and services that we provide. The types of personal information that we process include:

Identifiers, such as name, email address, username, IP address, institution identification number (e.g. student ID) or government-issued identification number (e.g. Social Security Number);
Contact information, such as email address, postal address, telephone number;
Demographic information, such as age or gender;
Commercial information about how individuals engage with us, such as purchase history and subscription information;
Financial information, such as a credit or debit card number or scholarship information;
Academic or Professional information, such as publications, work history, education history, expertise;
Engagement information, such as comments, feedback, posts, enquiries, and communications;
Images, such as closed-circuit television if visiting our office locations;
Website activity information, as explained below in the section “Information Collected Through Automated Technologies;”
Preferences, such as communication, language, or marketing.

Some of the personal information that we process may constitute sensitive personal information, which can be defined differently according to each country’s local data protection laws. We will only process such sensitive personal information where this is necessary to fulfil a specific and legitimate purpose.

2. Where we collect Personal Information from

Information provided directly

We collect personal information directly from individuals who use our Sites or services, visit our office locations, or communicate with us. All information that we ask for is mandatory unless it is indicated as being optional. If mandatory information is not provided, we will be unable to provide the requested service.

Information collected through automated technologies

We collect personal information when our Sites are used, either directly or through our third-party analytics providers. This might include Internet Protocol (IP) address, browser type and settings, device identifier details, internet service provider (ISP), referring and exit pages, the Site content interacted with, operating system, clickstream data, location data, or other usage information. We collect this information through tracking technologies, including first and third-party cookies, web beacons (also known as tracking pixels or pixel tags), embedded scripts, location-identifying technologies, device recognition technologies, and session replay software. We may combine this information with other information that we hold.

We use this information to enable Site functionality, understand Site interaction trends, gather demographic insights about our user base, personalize user experiences, and otherwise administer and improve our Sites and services. While we do not currently respond to “do not track” browser signals, users have several options to exercise choices about cookies and tracking technologies. Our Cookies Policy provides more information about cookies and tracking technologies on our Sites and how to control their use.

Information we receive from other sources

We receive personal information from third parties such as: business partners that we work with to provide our services; advertising, marketing, digital and social media agencies; data brokers; analytics providers; academic institutions; journal owners, societies and similar organizations; search information providers; third parties who may recommend potential authors, reviewers, editors or contributors; and credit reference agencies. We also receive information from publicly accessible sources, such as public databases or social media platforms.

If you choose to register and sign in by using a third-party account as an identity service (such as your Facebook or Google account), that third party manages the authentication of your account. Atypon will collect your name, email address and any other information that you agree to share with us at the time you give permission for your Atypon account to be linked to your third-party account.

3. Use of Personal Information

Depending on how individuals interact with Atypon, we use personal information where it is necessary to perform contractual obligations, where consent has been given, where it is necessary to comply with a legal or regulatory obligation, or (if permitted by jurisdictional law) where we or a third party have a legitimate and lawful business need. This includes processing personal information for the following purposes:

Administration of products and services
- Performing contracts or other transactions that we enter into;
- Providing, managing and supporting our products and services.

Marketing and communication
- Communicating about our or our partners’ programs or events (including webinars, conferences, contests, or surveys);
- Marketing our Sites, products, or services (including by delivering commercial emails, newsletters, targeted advertising, phone calls, and/or SMS messages);
- Responding to enquiries, requests, or other comments;
- Personalizing our Sites, services, products, and communications.
Development of products and services
- Evaluating and improving our business (including enhancing our Sites, services, products, and communications; developing new Sites, services, and products; and assessing the effectiveness of our promotions and advertising);
- Performing data analytics for internal research or other business purposes.
Business management and administration
- Diversity and inclusion initiatives (for example, we might use gender to analyze representation and improve equitable outcomes);
- Detecting and investigating fraud and suspicious activity (e.g., violations of our Terms of Use) and otherwise keeping our Sites safe and secure;
- Complying with legal or regulatory obligations.

We use information collected through automated technologies for the purposes described in the “Information Collected Through Automated Technologies” section above.

Atypon does not use solely automated means to produce decisions that would have legal or similarly significant effects on individuals without providing the opportunity for human review. If such decisions are made in any particular instance, we will provide information about how the decision is made, the consequences of the decision, and how to ask for that automated decision to be reviewed by a person.

We may use personal information for other purposes that we inform you of where we have prior consent, a legitimate business interest, or another lawful basis to do so.

We may aggregate or anonymise information so that it is de-identified and can no longer be used to identify individuals. Subject to applicable laws, this information may be used for analytical purposes such as developing our products and services, identifying industry trends, and benchmarking. Where allowed by law, we may share aggregated or de-identified information with third parties as described in the “Sharing Personal Information” section below.

4. Sharing Personal Information

Within Atypon. We may share personal information with our subsidiary and affiliate companies for the purposes described in the “Use of Personal Information” section above.

With our service providers. We may share personal information with service providers that perform services on our behalf. Before we share personal information with any service provider, they must agree to comply with applicable laws, maintain strong data security, and only process personal information as we instruct.

With partner organizations. We may share personal information with certain partners, including:

Where a third party such as an academic institution, school, employer, business or other entity provides you with access to a Atypon product or service, we may share information regarding your usage of the product or service, results of assessments taken, and other information you input into the product or service;
Where you participate in a program or event in which we partner with third parties (such as a webinar, conference, or promotional event), we may share your information with the sponsor of that program or event;
Where you have access to our content or Sites, or you have chosen to receive electronic alerts about journals, or your contribution to one of our journals or other works has been accepted for publication, we may share your information with the organization(s) associated with such content or Sites (for example, the journal owner or a society);
Where you declare an affiliation to a funder, institution, consortia, or similar organization, we may share your information with that organization where such sharing is necessary to fulfil any of our services of which that organization is a customer;
Where your information is part of the published content to which Atypon is providing access;
Where we use advertising partners to serve ads and/or collect certain information when you visit our Sites to provide advertisements about goods and services likely to be of greater interest to you;
Where, even if not described above, you have consented to disclosure or we have a lawful and legitimate business reason for disclosure.

With public authorities: We may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

With other third parties. We will share personal information with other third parties where we have a good faith belief that disclosure is necessary to comply with the law or with legal process, to protect and defend our rights and property, to protect the safety or property of our users or the general public, or to protect against misuse or unauthorized use of our Sites and services. We may also share personal information in connection with corporate transactions, such as a transfer of a journal or other assets, merger, acquisition, consolidation, or change of control.

Atypon does not sell personal information to other organizations.

5. International Transfers

Atypon is an international business. We may transfer, store or process personal information in any country where Atypon or its service providers operate. This includes the United States, the United Kingdom, Germany, Singapore, Brazil, India, Sri Lanka, Australia, the Philippines, and China. These countries might have privacy laws that do not provide the same level of protection as those of your country of residence. We take all necessary steps to ensure that personal information is treated securely and in accordance with all applicable data protection laws.

If we transfer personal information out of the European Economic Area we implement appropriate safeguards in accordance with applicable law, such as the European Commission’s Standard Contractual Clauses.

EU-US Data Privacy Framework, UK Extension, and Swiss-U.S. Data Privacy Framework

Atypon Systems, LLC complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. We have certified to the U.S. Department of Commerce that we adhere to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. We have also certified to the U.S. Department of Commerce that we adhere to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern.

To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/. Atypon is committed to processing all personal data received under the EU-U.S. DPF or under the Swiss-U.S. DPF in line with the requirements of those Frameworks. Where personal data received under either DPF is shared with third parties, we will comply with the Notice and Choice Principles as required by those Frameworks, and we retain responsibility in line with the Frameworks’ requirements for any such personal data processed by a third party acting as an agent on our behalf and we are responsible for the event giving rise to the damage.

This Privacy Statement describes the types of Personal Data we collect, the purposes for which we collect and use your Personal Data, and the purposes for which we disclose your Personal Data to certain types of third parties in the sections above. Pursuant to the DPF, EU, UK, and Swiss individuals have the right to obtain our confirmation of whether we maintain Personal Data relating to you in the U.S. Upon request, we will provide you with access to the Personal Data that we hold about you. You may also correct, amend, or delete the Personal Data we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the U.S. under DPF, should direct their query to [email protected]. See Section 9 Your Rights below for more information.

In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, we commit to resolve DPF Principles-related complaints about our collection and use of your personal information. EU,UK, and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF,the UK Extension to the EU-U.S. DPF, and/or the Swiss-U.S. DPF should first contact us by emailing [email protected]. In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, Atypon commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF to JAMS, an alternative dispute resolution provider based in the United States. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit https://www.jamsadr.com/dpf-dispute-resolution for more information or to file a complaint. The services of JAMS are provided at no cost to you. If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Annex 1 of the DPF Principles, located at https://www.dataprivacyframework.gov/framework-article/ANNEX-I-introduction. The Federal Trade Commission has jurisdiction over Atypon’s compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), UK Extension to the EU-U.S. DPF, the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF).

You can find detailed information on the Data Privacy Framework Program at https://www.dataprivacyframework.gov/.

6. Retention of Personal Information

We keep personal information for as long as necessary to carry out the purposes described above, to resolve disputes, and for any additional period required by law (e.g., reporting or accounting obligations).

7. Security of Personal Information

The security, integrity, and confidentiality of personal information is of paramount importance to Atypon. We have implemented technical, administrative, and physical security measures that are designed to protect personal information from unauthorized access, disclosure, use, modification and destruction.

8. Children and Students

We do not knowingly collect, use, or disclose information from or about a child under 14 years old without the prior consent of their parent or guardian. If you are a minor under applicable law, you should not use Atypon’s Sites or services for any purpose without first obtaining consent from your parent or guardian. If you would like to review any personal information that we have collected from your child, or to request the deletion of such information, or to request that there be no further collection or use of your child’s information, or if you have questions about these information practices, please contact us at [email protected].

In the United States, certain information relating to students is governed by the Family Educational Rights and Privacy Act (FERPA). Please click here to read our FERPA Policy.

9. Your Rights

The rights provided by data privacy laws vary by geographical location, and we will respond to requests as required by relevant laws. You will not receive discriminatory treatment from us if you choose to exercise any of your rights. These laws typically include your right to ask for:

Access to the personal information we have about you;
An electronic copy of the personal information we have about you;
Correction of any errors in your personal information;
Deletion of your personal information; and
Restrictions or objections to how we process your personal information.
You also have the right to lodge a complaint with a supervisory authority. However we would encourage you to contact us first so that we can try to resolve your concerns.

To exercise your rights you can submit a request to the Data Privacy Team by email at [email protected] or by phone at +1-877-762-2974. Only you, your authorized representative, or you on behalf of your child may submit a request. For the protection of all individuals’ personal information, we will only process your request if we can reasonably verify that you are, or are the authorized representative of, the person whose personal information we hold.

When you submit a request, we may ask for more information to verify your identity and to help us comply with your request. If we cannot fulfil your request for any reason, an explanation will be provided. We do not typically charge for the exercise of individual rights, but we reserve the right to apply a charge in exceptional cases if there is a business need and in compliance with relevant data privacy laws.

If you have given your consent to processing, you can withdraw that consent at any time. If you wish to review or change your marketing preferences, you can use the “opt-out” or unsubscribe mechanism provided within the communications that you receive from us, or submit an email request to [email protected]. You may still receive necessary transactional communications if you engage with our products or services.

10. Questions and Complaints

If you have any questions or comments about Atypon’s use of your personal information, or if you wish to submit a complaint, please email us at [email protected]. Or you can contact Atypon’s Data Protection Officer using the details found here: Data Protection Contacts.

If you have any questions or complaints specific to personal data transferred under the EU-U.S. Data Privacy Framework, or the UK Extension to the EU-U.S. Data Privacy Framework, or the Swiss-U.S. Data Privacy Framework, please see section 5 above.

11. Links to Third-Party Websites

Atypon’s Sites or services may include links to third-party websites not owned by Atypon. When using such links, please be aware that any third-party website is subject to its own privacy and data protection policies and is not covered by this Privacy Policy.

12. Updates to this Privacy Policy

We periodically review this Privacy Policy to ensure it is up to date. Any changes to the Privacy Policy will be posted on this page and will become effective as of the Effective Date above. If we make a material change in the way we collect, use, or share personal information, we will post a prominent notice or provide other notice as required by law. If required, we may request your updated consent to enable us to continue processing. We encourage you to periodically review this page for the latest information on our privacy practices.