Подать статью

Privacy Policy

Privacy Policy (Personal Data Processing Policy)

Website: https://spjdid.kz Project: 'UNAIDS Journal' (official website of the scientific journal) Personal Data Operator: RSE on REU 'Kazakh Scientific Center of Dermatology and Infectious Diseases' of the Ministry of Health of the Republic of Kazakhstan BIN: 181240026355 Contact for personal data inquiries: [email protected]

This Privacy Policy (hereinafter referred to as the Policy) defines the legal grounds, purposes, composition and methods of processing personal data, as well as measures for their protection when using the website https://spjdid.kz (hereinafter referred to as the Website).

The Policy applies to all users of the Website, including visitors without registration, as well as registered users (authors, reviewers, editors and other persons who have access to the functionality of the personal account), and persons sending inquiries through feedback forms.

The Policy applies to the processing of personal data within the framework of:

  1. registration and administration of accounts;
  2. online submission of manuscripts and accompanying materials;
  3. editorial consideration, review (including double-blind review - when using the appropriate mode), literary editing and preparation for publication;
  4. publication of materials and metadata of articles, including placement of PDF and/or other publication formats;
  5. processing of inquiries, requests and notifications.

1. Terms and Definitions

Personal dataany information relating to an identified or identifiable individual.

Operatoran organization that independently or together with other persons determines the purposes and means of processing personal data and carries out such processing (the Operator is specified in the preamble).

Personal data processingany action (operation) or set of actions (operations) with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, changing), use, transfer (provision, access), depersonalization, blocking, deletion and destruction.

Userany person using the Website.

Account (personal office/cabinet)a set of data and functions of the Website attached to the user and intended for identification, profile management and participation in the publication process.

Publication processa set of procedures ensuring the receipt of a manuscript, its consideration, review, editorial preparation and publication.

2. Principles of Personal Data Processing

The Operator processes personal data in accordance with the principles of legality, fairness and proportionality.

In particular, the Operator proceeds from the following methodological guidelines:

  1. processing is carried out for pre-defined, specific and legitimate purposes;
  2. the volume and content of data correspond to the purposes of processing (minimization principle);
  3. relevance and reliability of data are ensured within reasonable and technically feasible measures;
  4. storage is carried out no longer than required for the purposes of processing and fulfillment of the Operator's obligations;
  5. organizational and technical measures aimed at confidentiality, integrity and availability of data are implemented.

3. Categories of Processed Data

The Operator may process the following categories of data (depending on the Website usage scenario and user role).

3.1. Technical and Operational Data

  1. IP address, device type, browser and operating system information, interface language;
  2. display parameters (screen resolution, time zone), date and time of access to the Website;
  3. session identifiers and related data;
  4. information about interaction with the Website (pages viewed, clicks, transitions) - primarily for the purpose of ensuring correct operation and improving the quality of the service.

3.2. Registered User Data (Profile)

Depending on the role (Author / Reviewer / Editor / Reader, etc.), the following may be processed:

  1. login (username), account identifiers;
  2. first and last name, preferred form of address;
  3. gender and age (if there is a corresponding field in the functionality);
  4. citizenship and/or country;
  5. contact data: e-mail, phone (if specified);
  6. postal address (if specified);
  7. biographical information and affiliation/organization details (if specified), including multilingual versions;
  8. ORCID iD (if specified);
  9. information about selected working languages;
  10. notification settings and access rights determined by roles.

3.3. Data Related to Manuscripts and the Publication Process

  1. information about authors and co-authors (full name, affiliation/organization, contact details - in the volume provided by submission forms);
  2. manuscript text, accompanying documents, illustrations, tables and other materials;
  3. article metadata: title, abstract, keywords, section, language, issue information (year, volume, number), dates, DOI (if available);
  4. correspondence, comments and other communications arising within the framework of consideration and review;
  5. stages progress statuses (e.g.: materials, review, literary editing, payment - if applicable, publication).

3.4. Inquiries and Requests Data

  1. name, phone and/or e-mail (if specified);
  2. message content;
  3. other information that the user voluntarily reports in the text of the inquiry.

The Operator does not set a goal to process redundant or sensitive data. The user is recommended not to specify in free fields information that is not necessary for the purpose of the inquiry or publication process.

4. Purposes of Personal Data Processing

Personal data processing is carried out for:

  1. identification of the user, registration and administration of the account;
  2. providing the functionality of the personal cabinet and related services;
  3. organization and support of the publication process (receipt of the manuscript, consideration, review, editing, preparation for publication);
  4. communication with users (notification of statuses, requests for clarification, answers to inquiries);
  5. publication of journal materials and article metadata in accordance with the editorial policy;
  6. ensuring information security, preventing abuse and violation of the rules for using the Website;
  7. error diagnostics, improvement of user experience and Quality of the Website (by possibility - in depersonalized/aggregated form);
  8. compliance with the requirements of the legislation of the Republic of Kazakhstan, internal regulations of the Operator and editorial policy documents.

5. Legal Grounds for Processing

The Operator processes personal data in the presence of one or more legal grounds, including:

  1. user consent expressed through actions on the Website (e.g., during registration, filling out forms, setting profile settings);
  2. the necessity of processing to provide Website services and fulfill user requests;
  3. fulfillment of duties assigned to the Operator by the legislation of the Republic of Kazakhstan;
  4. legitimate interests of the Operator, including ensuring security, stability and correct operation of the Website, as well as prevention of violations.

6. Transfer of Personal Data to Third Parties

The Operator may provide access to personal data to third parties solely to the extent necessary to achieve the goals of processing and/or in cases directly provided by law.

In particular, personal data may be available to:

  1. reviewers, editors, members of the editorial board - in the part necessary for performing functions within the publication process and in accordance with the selected review model;
  2. technical contractors and providers (hosting, infrastructure maintenance, notification delivery services and other support services) - subject to their assumption of confidentiality obligations and compliance with security measures;
  3. state authorities - in the presence of a legal request and in the prescribed manner.

The Operator does not sell personal data and does not transfer it to third parties for purposes not related to the functioning of the Website and the publication process.

7. Publication of Information and Open Access

The specifics of a scientific publication involve placing some information in open access when publishing an article.

Depending on the editorial policy and the structure of the publication, the following can be published:

  1. author(s) full name;
  2. affiliation/organization;
  3. contact details of the corresponding author (if provided by the rules);
  4. ORCID iD (if provided by the user and used in metadata);
  5. article metadata (title, abstract, keywords, DOI, year/volume/number, publication date, section);
  6. PDF of the article and/or other formats of published material (if provided);
  7. licensing information (including license type and conditions of use).

Placement of open information is carried out in accordance with the rules for authors, editorial policies and standards for metadata presentation adopted in scientific communication.

8. Data Retention Periods

Personal data is stored for the period necessary to achieve the goals of processing, including ensuring traceability of the publication process, as well as within the time limits provided by the legislation of the Republic of Kazakhstan and internal regulations of the Operator.

Upon reaching the processing goals, personal data are subject to deletion, destruction or depersonalization, unless otherwise required by law or conditioned by the necessity of documenting and protecting the legitimate interests of the publication process participants.

9. Measures to Ensure Security and Confidentiality

The Operator implements a complex of organizational and technical measures aimed at preventing unauthorized access, leakage, modification, blocking and other illegal actions regarding personal data, including:

  1. differentiation of access rights based on roles and the principle of least privilege;
  2. use of authentication and access control mechanisms;
  3. protection of data transmission channels (where applicable), as well as measures to protect sessions;
  4. backup and recovery procedures;
  5. monitoring of security events and software updates within operational capabilities.

The user, on their part, is obliged to ensure the confidentiality of credentials (login and password), not to transfer them to third parties and use reasonable protection measures of their devices.

10. Cookie and Similar Technologies

The Website may use cookies and functionally related technologies to:

  1. maintain session and authorization;
  2. save user settings (e.g., interface language);
  3. ensure correct operation of interface elements;
  4. collect usage statistics and improve the quality of the Website.

The user has the right to restrict or disable cookies in the browser settings. At the same time, individual functions of the Website may work incorrectly or become unavailable.

11. User Rights

The user has the right (within the limits established by the legislation of the Republic of Kazakhstan):

  1. receive information about the processing of their personal data;
  2. request clarification, blocking or deletion of data if they are incomplete, outdated, inaccurate or processed in violation of legal grounds (except for cases when storage is mandatory by law or necessary for documenting the publication process);
  3. withdraw consent for processing if processing is based on consent and withdrawal does not contradict legal grounds for continuing processing;
  4. send requests and inquiries on personal data processing issues.

The request is sent to **[email protected]** and must contain:

  1. identifying information (full name and/or account identifier);
  2. description of the essence of the inquiry;
  3. contact details for response.

The Operator considers the request within a reasonable time and in the manner prescribed by applicable norms.

12. Confidentiality of Review and Editorial Consideration Processes

Within the publication process, the Journal observes a confidentiality regime regarding personal data and information related to the consideration and review of manuscripts.

12.1. Published Author Information

The following information about authors can be placed in a published article in the 'Information about the author' section and refers to open data:

  1. name and surname of the author(s);
  2. affiliation (name of the organization);
  3. contact information of the corresponding author (if available and in accordance with the rules of the journal);
  4. information about the position held and academic degree;
  5. identifiers and links to author profiles (including ORCID iD), if provided by the author.

The placement of the specified information is carried out solely for the purpose of scientific identification of the author and in accordance with the editorial policy of the Journal.

12.2. Confidentiality of Reviewer Information

Reviewers' names, as well as any information allowing to directly or indirectly identify the reviewer, are not disclosed to authors, readers or third parties.

Information about the identity of reviewers is used exclusively by the Journal's editorial office within the organization of the review procedure and is not subject to disclosure, except for cases directly provided by law or international standards of publication ethics.

13. International Data Transfer

Depending on the infrastructure and technical services used (including notification services or infrastructure platforms), processing may involve storage and/or transmission of data using servers and communication channels located outside the Republic of Kazakhstan.

In such cases, the Operator takes reasonable measures to ensure data confidentiality and security, including the establishment of contractual obligations with service providers and the use of organizational and technical protection mechanisms.

14. Policy Changes

The Operator has the right to change this Policy in connection with the development of the Website functionality, changes in publication processes, legislative requirements or organizational procedures.

The current version of the Policy is placed on the Website and enters into force from the moment of publication, unless otherwise specified in the update text.

15. Contact Information

For questions related to the processing of personal data and confidentiality, the user can contact:

E-mail: [email protected]

Operator: RSE on REU 'Kazakh Scientific Center of Dermatology and Infectious Diseases' of the Ministry of Health of the Republic of Kazakhstan

BIN: 181240026355

Other Documents

Publication EthicsConflict of Interest PolicyPeer Review PolicyRetraction and Corrections PolicyPrivacy PolicyCopyright and Licensing