General Data Protection Regulation
IndraStra Global

General Data Protection Regulation


General Data Protection Regulation

The General Data Protection Regulation (European Union - EU) 2016/689 is a law designed to enhance data protection and provide a consolidated framework to guide business usage of personal data across the EU. 

This Data Processing Addendum (DPA) is published in draft for the purposes of review and acceptance by existing authors, clients, and users, before the GDPR legislation comes into force on May 25th, 2018.

We duly accept data privacy and data security are two sides of the same coin.  That is why, at our end, we specifically classified our "data headers" below, to effectively minimize any unwanted future inconvenience caused to our authors and users;

What information (data) is being collected?


Contributing Authors ("data subjects")
  • Name (Only from contributing authors a.k.a. "data subjects")
  • Email  IDs (Only from contributing authors and RSS subscribers a.k.a. "data subjects")
  • Social media profiles (Only from contributing authors a.k.a. "data subjects")
  • Department and institutional affiliations (Only from contributing authors a.k.a. "data subjects")
  • ORCID IDs* (Only from contributing authors a.k.a. "data subjects")
  • Thomson Reuters ResearcherIDs* (Only from contributing authors a.k.a. "data subjects")
  • Figshare IDs* (Only from contributing authors a.k.a. "data subjects")
*Global Author Identifiers are pieces of information which are closely connected with a particular individual, which could be used to single them out/re-identify.

Contributing Authors ("data subjects") have full control of all permissions granted to us or to their individual institutions. The permission can be revoked at any stage.

Contributing Authors ("data subjects") can delete all items an institution has updated in their ORCID/Thomson Reuters ResearcherID/Figshare ID record and control the visibility of these items.

The institution does not add entire publications to an individual’s ORCID/Thomson Reuters ResearcherID/Figshare record, only metadata.

Systems can only update ORCID/Thomson Reuters ResearcherID/Figshare records if they have been granted permission to do so by the individual record-holder; the Registry cannot import metadata from other system APIs without individual consent.

RSS Subscribers ("data subjects")

RSS subscription by the site users ("data subjects") at IndraStra owned sites is voluntary in nature. The permission can be revoked at any stage.

Anonymized Data 

We use third-party web analytics services on our Site, such as Google Analytics. These service providers help us analyze how users use our Site. The information collected for this purpose (including your IP address and other information collected by automated means) will be disclosed to or collected directly by these service providers. These service providers may retain and use anonymized, aggregated data collected from users of our Site in connection with their own businesses, including in order to improve their products and services. To learn more about opting out of data collection through Google Analytics, click the link.


What information (data) is NOT being collected?

  • Telephone Numbers (From "no one")
  • Bank Accounts (From "no one")
  • TAX IDs (From "no one")
  • Government IDs (From "no one")
  • Company IDs (From "no one")
  • Any sort of Performance Reports (From "no one")

Who is collecting the information (data)?


IndraStra Global Editorial Team (for the article submissions) and IndraStra Global Engineering Team (for RSS subscriber's data)

How is information (data) collected?


The information (data) at IndraStra owned digital properties (incl. mobile applications) is collected via email and RSS subscription link. Anonymised Data a.k.a "Non-identifiable Personal Data" collected through Google Analytics and other such platforms are not subjected to GDPR norms. 

Why is information (data) being collected?


We collect author data as part of our basic data sharing policy, which applies across many of our publications, encourages authors ("data subjects") to deposit data in a suitable repository, cite it, and include a data availability statement explaining where others can access the data. Do note, we ourselves provide repository service - IndraStra Global Open Repository (IGOR)

We collect RSS subscribers data based on the voluntary submission via a subscription link. This service provided by IndraStra Global for sending new post/publications updates to the subscribers via email which they have provided during the time of registration. The permission can be revoked at any stage via clicking at unsubscription link provided within the body of the email or by visiting feedburner.google.com.

How will the collected information (data) be used?


The collected information (data) from contributing authors ("data subjects") will be used only for library indexing and open access repository submissions.

The collected information (data) from RSS subscribers ("data subjects") will be used for sending new post notifications only. 

Who will it be shared with?


Any "personally identifiable information (PII)" shared by our contributing authors ("data subjects") and RSS subscribers ("data subjects") are not processed, stored, modified or shared with anyone.

However, each of our 15 different third-party portals/applications undertakes a different level of personal data collection, usage, storage, and disposal. Defining the purview of personal data for each of these applications and documenting the various sources of data are in compliance with respective's GDPR addendums linked with a data protection official (DPO) from our end.

IndraStra Global and its team uses multiple third-party services which are as follows;

1. Academia.edu
2. Android Enterprise
3. Dataverse Project
4. Facebook Business
5. Facebook Workplace Premium
6. FigShare
7. Google
8. Google Cloud
9. Linkedin
10. ORCID
11.. ResearchGate
12. Thomson Reuters ResearcherID
13. Twitter
14. Zenodo
15. Zoho

What will be the effect of this on the individuals concerned?


Contributing Authors ("data subjects") can/will always control the settings for visibility & sharing of their own ORCID/Thomson Reuters ResearcherID/Figshare Record data. 

Anonymised Data a.k.a "Non-identifiable Personal Data" collected through Google Analytics and other such platforms are not subjected to GDPR norms.

Regardless of where we store and process data, we take steps to protect your information, consistent with the principles set forth in this Privacy Policy, which are intended to comply with the Privacy Shield Framework issued by the U.S. Department of Commerce and with Article 26 of the EU Data Protection Directive covering data transfers. In addition, we are in the process of thoroughly reviewing our privacy practices and procedures in line with the European General Data Protection Regulation

Questions?


If you have any questions about IndraStra Global’s GDPR program, please reach out to your IndraStra contact or email our Data Protection Officer at dpo(at)indrastra(dot)com.

NOTE: This "GDPR Addendum" is a "DRAFT" legal instrument written by IndraStra Global Editorial Team. It is provided on an "as-is" basis. No legal services are provided or intended to be provided in connection with this Addendum. To learn more about our Privacy Policy, please click here.