Privacy Policy and Personal Data
PRIVACY POLICY
1. The Controller of personal data processed based on the ASTRJ journal (https://www.astrj.com) shall be company: WNGB Scientific Publishing House Sp. z o.o., ul. Lazurowa 26/1, 20-781 Lublin, Poland, TAX ID: 712-348-26-84, e-mail: office@wngb.pl
2. This Privacy Policy contains information on how the Controller processes personal data of Users while they are using Internet application.
3. This Privacy Policy may be amended. The up-to-date version of the Privacy Policy is available at: https://www.astrj.com/Privacy-Policy-and-Personal-Data,5737.html
Types of data collected and how they are used:
1. In order to use the Submit your paper, an account must be created and one must log into that account. Personal data may contain full name, sex, scientific degree, telephone number, email address, institutional affiliation, affiliation address, date of birth, specialty, areas of scientific interest and photograph. Some elements are not required. Some elements, e.g. a photograph, can be added at any time when using the Editorial System. Data of users are used to identify authors, reviewers, editorial staff, publishing house staff, members of scientific conferences’ committees involved in the flow of articles and abstracts submitted to scientific journals and for conferences, and to contact such persons to the extent necessary for that process as part of the electronic services. Personal data must be provided for correct performance of the agreement on services provided by electronic means.
2. As part of the use of the System, system logs containing but not limited to the date and duration of the visit and IP address from which the connection was made, domain name, browser type, operating system type, information on audience statistics. Such data are processed for statistical purposes and to improve the systems offered. Data are collected anonymously and do not permit identification of individual users.
3. The personal data shall be:
– processed lawfully, fairly and in a transparent manner in relation to the User,
– collected for specified, explicit and legitimate purposes (provision of services) and not further processed in a manner that is incompatible with those purposes;
– adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
– accurate and, where necessary, kept up to date;
– kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed;
– processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage.
4. The Controller shall process personal data in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures. Those measures shall be updated.
5. The Controller shall not process any personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation.
Security
1. The Controller of personal data shall take all reasonable activities ensuring protection of personal data of users of the electronic journal system. This means for example development of relevant technical and organisational rules and procedures to minimise the risk of unauthorised access to the user’s account and to data of users and the risk of disclosing them. Information provided by users shall be processed and stored using appropriate measures of security compliant with requirements set by applicable laws. These measures shall be reviewed and updated where necessary.
2. The Controller shall implement technical and organisational measures such as:
– maintaining records of processing activities,
– pseudonymisation and encryption of personal data;
– ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;
– the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident;
– a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing.
3. However, the Controller of personal data shall not guarantee that the risk of unauthorised use of personal data by unauthorised persons acting unlawfully shall be excluded entirely. Any passwords to accounts shall be kept in a safe place and shall not be disclosed to third parties. We must be promptly notified of any cases of unauthorised use of the password or of other threats to security.
Rights of Users
1. The User shall have the right to obtain from the Controller of personal data confirmation as to whether or not personal data concerning the User are being processed and, where that is the case, access to the personal data and the following information:
– the purposes of the processing;
– the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;
– where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
– the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the User (data subject) or to object to such processing;
– the right to lodge a complaint with a supervisory authority;
– where the personal data are not collected from the User, any available information as to their source.
2. The Controller shall comply with the above obligation e.g. by providing Users with a document at https://www.astrj.com/Privacy-Policy-and-Personal-Data,5737.html, which is the performance of art. 13 of the GDPR.
3. The User shall have the right to obtain from the Controller without undue delay the rectification of inaccurate personal data concerning him or her. Taking into account the purposes of the processing, the User shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
4. The User shall have the right to obtain from the Controller the erasure of personal data concerning him or her without undue delay and the Controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies:
– the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
– the User objects to the processing,
– the personal data have been unlawfully processed;
– the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject;
– the personal data have been collected in relation to the offer of information society services.
5. The User shall have the right to obtain from the Controller restriction of processing where one of the following applies:
– the accuracy of the personal data is contested by the User, for a period enabling the Controller to verify the accuracy of the personal data;
– the processing is unlawful and the User opposes the erasure of the personal data and requests the restriction of their use instead;
– the Controller no longer needs the personal data for the purposes of the processing, but they are required by the User for the establishment, exercise or defence of legal claims;
- the User has objected to processing.
Change of personal data
The Controller of personal data shall ensure that the user has the right to access to and updating or erasure of personal data. These activities can be done mostly on one’s own after logging into the Editorial System. If a functionality has not been provided, this can be done by contacting the Controller at office@wngb.com.
Amendments to the Privacy Policy
1. The Controller may update this Policy from time to time. The Controller shall inform Users about each amendment to this Policy by publishing a new document on this website.
2. The User may read this document and amendments thereto at this website. Amendments to the Privacy Policy shall take effect on thy day they are published on this website.
PERSONAL DATA INFORMATION FORM
(information obligation set out in art. 13 of the GDPR )
Who is the personal data controller and how to contact the controller?
The controller of personal data processed in the ASTRJ jounal is company WNGB Scientific Publishing House Sp. z o.o., ul. Lazurowa 26/1, 20-781 Lublin, Poland, TAX ID: 712-348-26-84, e-mail: office@wngb.pl
What is the scope of personal data processing within the ASTRJ?
The personal data controller provides to Users services by electronic means via the astrj.com. In order to provide such services, Users are obliged to provide personal data. Personal data will be processed in particular:
1. To identify authors, reviewers, editorial staff, publishing house staff, members of scientific conferences’ committees involved in the flow of articles and conference abstracts submitted to scientific journals and for conferences and to contact such persons to the extent necessary for that process.
2. Under art. 6.1(b) of the GDPR, in order to perform the agreement to which the data subject is a party (personal data must be provided for the Controller to provide services by electronic means). Detailed information on categories of data collected and processed is given in the Privacy Policy.
Who is the data recipient?
Recipients of personal data will be publishing house of scientific journal with which the Controller has executed agreements.
How long will my personal data be processed?
Personal data processed in order to perform the agreement will be processed for the term of the agreement and thereafter, for the period necessary for archiving purposes in the context of publishing activities of data recipients. If data are not required to comply with obligations under the agreement on provision of services by electronic means or statutory obligations, such data are deleted.
Do I have to provide my personal data?
The use of the System is voluntary, nevertheless, in order to provide services via the System, we need your data. If no data are provided, we will be unable to provide services and fulfil the obligation to provide services by electronic means.
What are my rights?
Rights of each person whose data are processed by the Controller:
1. the right of access to his/her personal data, i.e. the right to obtain confirmation as to whether or not personal data concerning him or her are being processed and information on such processing,
2. the right to rectification if data processed by the Controller are inaccurate or incomplete,
3. the right to request from the Controller erasure of data,
4. the right to request from the Controller restriction of personal data processing,
5. if applicable - the right to data portability, i.e. the right to receive personal data provided to the Controller and to transmit those data to another controller;
6. the right to object processing of personal data,
7. the right to withdraw consent at any time (without affecting the lawfulness of processing based on consent before its withdrawal),
8. the right to lodge a complaint with a Polish supervisory authority or a supervisory authority of another European Union Member State of his or her habitual residence or place of work of the data subject or place of the alleged infringement of the GDPR
The rights listed in items 1-7 above may be exercised e.g. by contacting the Controller.
Definitions
GDPR - Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
1. The Controller of personal data processed based on the ASTRJ journal (https://www.astrj.com) shall be company: WNGB Scientific Publishing House Sp. z o.o., ul. Lazurowa 26/1, 20-781 Lublin, Poland, TAX ID: 712-348-26-84, e-mail: office@wngb.pl
2. This Privacy Policy contains information on how the Controller processes personal data of Users while they are using Internet application.
3. This Privacy Policy may be amended. The up-to-date version of the Privacy Policy is available at: https://www.astrj.com/Privacy-Policy-and-Personal-Data,5737.html
Types of data collected and how they are used:
1. In order to use the Submit your paper, an account must be created and one must log into that account. Personal data may contain full name, sex, scientific degree, telephone number, email address, institutional affiliation, affiliation address, date of birth, specialty, areas of scientific interest and photograph. Some elements are not required. Some elements, e.g. a photograph, can be added at any time when using the Editorial System. Data of users are used to identify authors, reviewers, editorial staff, publishing house staff, members of scientific conferences’ committees involved in the flow of articles and abstracts submitted to scientific journals and for conferences, and to contact such persons to the extent necessary for that process as part of the electronic services. Personal data must be provided for correct performance of the agreement on services provided by electronic means.
2. As part of the use of the System, system logs containing but not limited to the date and duration of the visit and IP address from which the connection was made, domain name, browser type, operating system type, information on audience statistics. Such data are processed for statistical purposes and to improve the systems offered. Data are collected anonymously and do not permit identification of individual users.
3. The personal data shall be:
– processed lawfully, fairly and in a transparent manner in relation to the User,
– collected for specified, explicit and legitimate purposes (provision of services) and not further processed in a manner that is incompatible with those purposes;
– adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
– accurate and, where necessary, kept up to date;
– kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed;
– processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage.
4. The Controller shall process personal data in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures. Those measures shall be updated.
5. The Controller shall not process any personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation.
Security
1. The Controller of personal data shall take all reasonable activities ensuring protection of personal data of users of the electronic journal system. This means for example development of relevant technical and organisational rules and procedures to minimise the risk of unauthorised access to the user’s account and to data of users and the risk of disclosing them. Information provided by users shall be processed and stored using appropriate measures of security compliant with requirements set by applicable laws. These measures shall be reviewed and updated where necessary.
2. The Controller shall implement technical and organisational measures such as:
– maintaining records of processing activities,
– pseudonymisation and encryption of personal data;
– ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;
– the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident;
– a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing.
3. However, the Controller of personal data shall not guarantee that the risk of unauthorised use of personal data by unauthorised persons acting unlawfully shall be excluded entirely. Any passwords to accounts shall be kept in a safe place and shall not be disclosed to third parties. We must be promptly notified of any cases of unauthorised use of the password or of other threats to security.
Rights of Users
1. The User shall have the right to obtain from the Controller of personal data confirmation as to whether or not personal data concerning the User are being processed and, where that is the case, access to the personal data and the following information:
– the purposes of the processing;
– the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;
– where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
– the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the User (data subject) or to object to such processing;
– the right to lodge a complaint with a supervisory authority;
– where the personal data are not collected from the User, any available information as to their source.
2. The Controller shall comply with the above obligation e.g. by providing Users with a document at https://www.astrj.com/Privacy-Policy-and-Personal-Data,5737.html, which is the performance of art. 13 of the GDPR.
3. The User shall have the right to obtain from the Controller without undue delay the rectification of inaccurate personal data concerning him or her. Taking into account the purposes of the processing, the User shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
4. The User shall have the right to obtain from the Controller the erasure of personal data concerning him or her without undue delay and the Controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies:
– the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
– the User objects to the processing,
– the personal data have been unlawfully processed;
– the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject;
– the personal data have been collected in relation to the offer of information society services.
5. The User shall have the right to obtain from the Controller restriction of processing where one of the following applies:
– the accuracy of the personal data is contested by the User, for a period enabling the Controller to verify the accuracy of the personal data;
– the processing is unlawful and the User opposes the erasure of the personal data and requests the restriction of their use instead;
– the Controller no longer needs the personal data for the purposes of the processing, but they are required by the User for the establishment, exercise or defence of legal claims;
- the User has objected to processing.
Change of personal data
The Controller of personal data shall ensure that the user has the right to access to and updating or erasure of personal data. These activities can be done mostly on one’s own after logging into the Editorial System. If a functionality has not been provided, this can be done by contacting the Controller at office@wngb.com.
Amendments to the Privacy Policy
1. The Controller may update this Policy from time to time. The Controller shall inform Users about each amendment to this Policy by publishing a new document on this website.
2. The User may read this document and amendments thereto at this website. Amendments to the Privacy Policy shall take effect on thy day they are published on this website.
PERSONAL DATA INFORMATION FORM
(information obligation set out in art. 13 of the GDPR )
Who is the personal data controller and how to contact the controller?
The controller of personal data processed in the ASTRJ jounal is company WNGB Scientific Publishing House Sp. z o.o., ul. Lazurowa 26/1, 20-781 Lublin, Poland, TAX ID: 712-348-26-84, e-mail: office@wngb.pl
What is the scope of personal data processing within the ASTRJ?
The personal data controller provides to Users services by electronic means via the astrj.com. In order to provide such services, Users are obliged to provide personal data. Personal data will be processed in particular:
1. To identify authors, reviewers, editorial staff, publishing house staff, members of scientific conferences’ committees involved in the flow of articles and conference abstracts submitted to scientific journals and for conferences and to contact such persons to the extent necessary for that process.
2. Under art. 6.1(b) of the GDPR, in order to perform the agreement to which the data subject is a party (personal data must be provided for the Controller to provide services by electronic means). Detailed information on categories of data collected and processed is given in the Privacy Policy.
Who is the data recipient?
Recipients of personal data will be publishing house of scientific journal with which the Controller has executed agreements.
How long will my personal data be processed?
Personal data processed in order to perform the agreement will be processed for the term of the agreement and thereafter, for the period necessary for archiving purposes in the context of publishing activities of data recipients. If data are not required to comply with obligations under the agreement on provision of services by electronic means or statutory obligations, such data are deleted.
Do I have to provide my personal data?
The use of the System is voluntary, nevertheless, in order to provide services via the System, we need your data. If no data are provided, we will be unable to provide services and fulfil the obligation to provide services by electronic means.
What are my rights?
Rights of each person whose data are processed by the Controller:
1. the right of access to his/her personal data, i.e. the right to obtain confirmation as to whether or not personal data concerning him or her are being processed and information on such processing,
2. the right to rectification if data processed by the Controller are inaccurate or incomplete,
3. the right to request from the Controller erasure of data,
4. the right to request from the Controller restriction of personal data processing,
5. if applicable - the right to data portability, i.e. the right to receive personal data provided to the Controller and to transmit those data to another controller;
6. the right to object processing of personal data,
7. the right to withdraw consent at any time (without affecting the lawfulness of processing based on consent before its withdrawal),
8. the right to lodge a complaint with a Polish supervisory authority or a supervisory authority of another European Union Member State of his or her habitual residence or place of work of the data subject or place of the alleged infringement of the GDPR
The rights listed in items 1-7 above may be exercised e.g. by contacting the Controller.
Definitions
GDPR - Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
Most read
- Month
- Year
We process personal data collected when visiting the website. The function of obtaining information about users and their behavior is carried out by voluntarily entered information in forms and saving cookies in end devices. Data, including cookies, are used to provide services, improve the user experience and to analyze the traffic in accordance with the Privacy policy. Data are also collected and processed by Google Analytics tool (more).
You can change cookies settings in your browser. Restricted use of cookies in the browser configuration may affect some functionalities of the website.
You can change cookies settings in your browser. Restricted use of cookies in the browser configuration may affect some functionalities of the website.
