Protecting your privacy is important to us. Please take a few moments to review this Policy as we have revised it by updating and expanding it to include information on:
- the information we collect from you and how we use it;
- why we need to collect personal data;
- how we store personal data;
- how we process it;
- for how long we store that data and when we delete data;
- who we share data with;
- how to delete your account and request that your personal data is deleted;
- how to submit a subject access request (SAR) to us;
- how to withdraw consent;
- how to complain; and
- other information collected by this site.
Summary
The Committee on Publication Ethics ("COPE") is a charity registered in the United Kingdom (Registered Charity No 1123023, Registered in England and Wales, Company No 6389120). COPE is a member organisation which exists to educate and support editors, publishers and those involved in publication ethics with the aim of moving the culture of publishing towards one where ethical practices becomes the norm. When a journal or a publisher applies to be a member of COPE, we collect personal data which is needed to assist with the application process, usually someone to contact with questions or details of people connected to the journal in some way. COPE has two membership application forms, one for journals and one for publishers, where this data is collected. COPE also has a newsletter service which people can sign up to via the COPE website.
COPE does have working relationships with some organisations around the world whose mission is closely aligned to that of COPE's. These approved organisations promote publication ethics to local journals and publisher, host events under the COPE name or in association with COPE, and provide related services.
Who to contact at COPE about protecting your privacy
The COPE Web Manager, Christina McGuire, has assumed responsibility of the COPE data policy and implementing the changes required by the GDPR which came into effect on 25th May 2018. If you have any questions or concerns about any of the information laid out in this Notice, or any other question about how COPE protects your data, please send an email to Christina: cope_webmanager@publicationethics.org. Alternatively, you can write to him: Christina McGuire, c/o COPE, New Kings Court, Tollgate, Chandler's Ford, Eastleigh, Hampshire, SO53 3LG, United Kingdom.
The Policy
This is the website for Committee on Publication Ethics (COPE), a UK-registered charity. COPE does not have an app nor any other web presence apart from this website. All information in this Privacy Information Notice pertains to the handling of personal data by this website.
1) THE PERSONAL DATA WE COLLECT AND HOW WE USE IT
1.a. Journal Membership Applications
When an applicant applies for a journal to be a member of COPE, we collect the following personal data:
APPLICANT, EDITOR-IN-CHIEF and PUBLISHER
Name
Address
Telephone number
Email Address
Membership number (if application successful)
EDITORIAL BOARD MEMBERS
Name
Email Address
Publisher Membership Applications
APPLICANT, SENIOR ETHICS PERSON, PUBLISHER STAFF MEMBERS and EDITOR-IN-CHIEF
Name
Address
Telephone number
Email Address
Membership number (if application successful)
We use these details to process an application correctly and fairly as is our obligation to you. These details are also used to contact individuals to provide references for the applicant.
If an application is successful, a unique membership number is created and a user account in which the journal contact's email address and name are stored. We will use that email address to contact you from time to time for the following reasons:
- to send you your automated welcome email, which details how to login to the website,set a password and explain the benefits available to members.
- to update you on matters concerning the COPE principles of publication ethics (outlined here: https://publicationethics.org/core-practices) which you agree to apply when you become a COPE member.
- to update you on policy matters such as updates to this privacy policy.
- for billing purposes and to ask you about an update to the information we hold on the journal(s), your organisation or individual members of staff associated with the organisation.
- to inform you of any major changes that will affect how you carry out your group management tasks in your User account.
- to send you the latest copy of the COPE Digest* and notices of membership benefits such as COPE Forum and COPE seminars
*see section 1.c below.
We never discuss the details of your account or applications with anyone apart from you or confirmed representatives from your organisation.
You may access, review and edit the details that we hold about you by logging into your COPE account: https://publicationethics.org/user.
1.b. Journal and publisher member records
A member journal’s entry on the COPE website displays the following personal data:
Name (of the Editor-in-Chief)
COPE, or an approved member of the publisher, may also add other publisher staff related to the journal. The personal data which can be added is:
Name
Email Address
A member publisher’s entry is always linked to the “manager” of the publisher. The 'Manager' is the Editor-in-Chief/Editor/primary contact for a journal or publisher. S/he can edit details and manage ‘User’ access. The 'User' will have access to the member only part of the COPE website but will have not editing rights. The personal data included here is:
Name
The Manager can add or remove people from the publisher group.
1.c. COPE News, Digest and events newsletters
When membership is accepted into COPE, or if someone signs up to receive COPE News via the website, we collect the following personal data:
Email Address
This information is collected in one email list in Mailchimp and is used to send you the monthly COPE Digest email, news and details about events. We occasionally use this list to update members on constitutional matters as well. We never share the contents of this email list with anyone outside of the immediate organisation.
1.d Contact Us
When you contact us via our Contact form, we collect the following personal data:
Email Address
The form sends an email directly to our email clients and the email address is not stored anywhere on the site. All COPE staff use a dedicated Google Workspace for their COPE work and the email client is Gmail. Gmail automatically saves email addresses that we send emails to. Our use of Gmail and the protection of your personal data within it is governed by Google's Privacy Policy (https://policies.google.com/privacy/update), Data Processing Amendment for G Suite (https://gsuite.google.com/terms/dpa_terms.html) and Data Processing and Security Terms for Google Cloud Platform (https://cloud.google.com/terms/data-processing-terms).
1.e Event Registrations
COPE holds events and a unique registration form for each one is produced. When you register for an event, we collect the following personal data:
Name
Email Address
Address
1.f Council, Trustees, COPE Team
When an individual becomes a council member, a trustee, or becomes employed to work in the COPE Team, we collect:
Name
Email Address
Address
Date of birth
1.g Complaints Procedures
When a coplaint is submitted to COPE, we collect:
PRESENTER
Name
Email Address
2) WHY WE NEED TO COLLECT PERSONAL DATA
2.a Journals and Publisher Membership Applications
We must collect personal data via the application forms as this enables us to fulfil our obligations to you: to carry out a fair review, process applications in a timely manner and in a way which allows us to meet our constitutional commitment. We will then use this personal data to contact you by email, post and telephone in relation to your membership.
2.b COPE Digest, News and event newsletters
We collect your email address when you sign up for via the web site so that we can send the newsletters to you.
2.c Contact Us
We collect your email address when you contact us so that we can reply to your query.
2.d Event Registrations
All users must register to attend one of our events. We use the information you provide to us for any of the following: invoicing, security, delegate lists, post-event feedback or materials.
2.g Complaints Procedure
We use the email address and name to make contact with the complainant
3) HOW WE STORE PERSONAL DATA.
3.a Journal and Publisher Membership Applications
The applications are held in a database within the back end of the COPE website. The back end of the web site is only accessible to the COPE Team, the COPE Chair(s), and our development partners, Deeson. We extract the personal information from the application forms into a separate and secure Microsoft Access database. This is only accessible by the COPE Team and members of the Membership Committee (https://publicationethics.org/about/subcommittees). Journal and publisher names, the name of the Editor-in-Chief of a journal and other journal details are searchable and displayed on our website. Personal contact details, such as email addresses and address, are never displayed publicly and are not searchable.
All individual users' details are stored in the back end of the COPE website and are only accessible by the individual, the COPE Team, the Cope Chair(s) and Deeson.
Passwords are encrypted and may not be read. They may be changed by individuals, the COPE Team or, rarely, Deeson.
3.b COPE Digest, News and events newsletters
The emails which we collect for our newsletters are stored in Mailchimp. Our use of Mailchimp and the security of your personal data is covered by Mailchimp's privacy policy https://mailchimp.com/legal/privacy/.
3.c Contact Us
The Contact Us form sends an email to an email client. The COPE Team use Gmail as their email client. When we answer your query or question, Gmail automatically saves your email address in the address book. We use 2 Factor Verification provided by Google for signing into Gmail.
3.d Event registrations
The personal data collected via event registration forms is stored as a table in the back end of the web site. This table is exportable/downloadable and we download the information into Excel so we can then process the registration effectively (see 2.d above). These Excel spreadsheets are stored in our Google workspace and on COPE laptops.
3.g Complaints Procedure
Personal data is stored in the back end of the website, submitted via an online form. Some data is held in an online form in our secure Google Drive.
4) HOW WE PROCESS PERSONAL DATA
4.a Journal and Publisher Membership Applications
The data provided in applications is exported automatically into the Microsoft Access database. This happens by a secure connection. Reviewing membership applications is our legitimate interest so that we can fulfil our obligations to you.
4.b COPE Digest
Upon signing up to Digest, your email address is added to our Mailchimp mailing list. The transfer happens via an API connecting the COPE website to Mailchimp.
5) WHO WE SHARE DATA WITH
COPE shares personal data with the third parties listed in the table in this spreadsheet. They are contracted directly to COPE, providing us with services such as accounting, billing, printing, micropayments etc. The spreadsheet includes details of the data they receive from us, the service they provide us and a link to their privacy policy.
COPE does not share personal data with any other organisation.
When you register for a COPE Event, we will occasionally share your details with a co-hosting or partner organisation or services because you have told us that you want to attend the event.
For our online newsletters, COPE uses Mailchimp. Details of this service are in Section 3.b above.
6) HOW LONG WE STORE PERSONAL DATA FOR AND WHEN WE DELETE DATA
6.a Journal and Publisher Membership Applications
We keep your personal data for as long as you or your organisation has a valid membership or as long as necessary to fulfil our obligations to you and protect our legal interests. This will never be longer than seven years from the end of your membership period.
6.b COPE Digest, News and event newsletters
We do not store email addresses for longer than 7 years.
6.c. Event Registration
Registration details for events are stored for as long as the event lasts and then for no more than 7 years thereafter.
7) HOW TO DELETE YOUR ACCOUNT AND REQUEST THAT PERSONAL DATA IS DELETED.
7.a How to delete your account
An individual may request at any time that COPE deletes all the user account from the COPE website. Do this by using our Contact Us form: https://publicationethics.org/contact-us If you want us to delete your account, name or email address but it is linked to a journal or a publisher membership then we will need to replace your details with those of another. In these cases it would be helpful if, when you contact us asking us to delete your account, you can provide the name and email address of a replacement. You must obtain that individual’s consent before sharing their personal data with us.
7.b How to request that all personal data is deleted
To request that COPE deletes all of the personal data that we hold about you, please send an email to the COPE Web Manager, Dom Mitchell: cope_webmanager@publicationethics.org.
8) SUBJECT ACCESS REQUEST (SAR)
8.a What is a subject access request (SAR)?
An SAR is the name given to the process by which a user can request to know details of the information that a site holds about him or her and how it is being used. A full explanation is given here: https://ico.org.uk/for-organisations/guide-to-data-protection/principle-... but in summary: 'an individual who makes a written request and pays a fee is entitled to be: told whether any personal data is being processed; given a description of the personal data, the reasons it is being processed, and whether it will be given to any other organisations or people; given a copy of the information comprising the data; and given details of the source of the data (where this is available)'. The recipient organisation of an SAR must respond, according to UK law, within 40 calendar days.
8.b How to submit a SAR to COPE
You may submit a SAR to COPE by contacting the COPE Web Manager, Dom Mitchell, directly: cope_webmanager@publicationethics.org. Any request in writing will be considered valid, whatever the format. The process that we follow when an SAR is submitted to us is published here.
The full details of the entire SAR process are publicly available and are published here.
9) WITHDRAWING CONSENT
You can withdraw your consent for us to store and process your personal data at any time by submitting an email to the COPE Web Manager. You may also request that we do not export your email address into Mailchimp.
10) HOW TO COMPLAIN
If you need to complain about how COPE has handled an SAR or your request to withdraw consent, or any other aspect related to the information detailed in this Privacy Information Notice, please send an email to the COPE Web Manager, Dom Mitchell: cope_webmanager@publicationethics.org.
11) OTHER INFORMATION WE COLLECT ON THIS SITE
11.a Google Analytics
Google Analytics (GA) Demographics and Interest Reporting, based on Display Advertising, has been implemented on the site. We use information collect by GA to understand our users better so that we can improve the experience. Visitors can opt-out of Google Analytics for Display Advertising and customise Google Display Network ads using the Ads Settings.
11.b IP Address
Each time you use the internet, an IP address is assigned to your computer via the internet service provider. This number may either be the same or different each time. Each time your computer requests information from our website, we log your IP address on our server. We may use this in order to gather information about the website traffic and usage.
Whether you are a registered user or not, our web server collects certain information such as (a) IP address; (b) host names (c) domain name (d) time and date information as requested (e) the browser version and platform when it is requested, (f) a record of which pages have been requested, but we do not identify any individual from this data.
In order to help us develop the website and our services, we may provide such information to third parties. The statistics however will not include any information that can be used to identify any individual.