General Data Protection Regulation Statement
On 25th May 2018, the General Data Protection Regulation (GDPR) came into force. It enforces new regulations on privacy for all individuals within the European Union and the European Economic Area. The GDPR is different to existing data protection laws because it affects any organisation (even outside of the EU) that holds data on EU/EEA citizens as well as giving individuals more rights over their own data.
GDPR says that personal data must be ‘processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures’. Personal data in this context includes information such as: name; postal and email addresses; career or employment details, including affiliations. It also includes any written comments or opinions about an identifiable individual. Personal data may be held in any format, be it print, electronic or other means of storage.
GDPR applies to data controllers and data processors. In the context of this web site, ScholarOne Manuscripts and the extranet, for submission and management of manuscript submissions, the journal is the Data Controller and the Data Processor. The publisher, Cambridge University Press, may also be a data controller in certain circumstances.
Information which may be collected
Personal data may be requested by us, or voluntarily forwarded by you through e-mail, hypertext links or contact forms present in the body of this website. This may include:
1) Members’ personal data (name and contact information)
2) Authors’ and reviewers’ personal data (name, contact information, affiliation, and research interests)
3) Editorial board members’ data (name, affiliation and contact information)
Author data in production
In order to publish accepted manuscripts, author data and manuscripts must be forwarded to the journal’s publisher, Cambridge University Press. These are stored in their internal journals production system. These data are held indefinitely in their secure systems.
These data are also shared with others, such as copyeditors and typesetters, as they form part of the contents of the published manuscript, and to allow for liaison with authors over any queries and to distribute proofs. The current contracts with all of their suppliers contain explicit terms for data protection and confidentiality. Data transfers to the typesetters are secure and the typesetters are under contract to store any data they receive from us securely. Author data are then held by the typesetters for 2 years to allow for any corrections or re-prints required. By submitting your manuscript, you consent to your author data being processed by Cambridge and any sub-processors used in the production workflow.
In order that we can monitor and improve this website, we may gather certain information about you when you use it, including details of your domain name and IP address, operating system, browser, version, and the web site that you visited prior to our site. We may do this by way of a “cookie”.
A cookie is an element of data that our website can send to your browser, which may then store it on your system.
Cookies improve the usability of the site by allowing your device to be recognised during your visit so that you do not have to repeatedly provide the same information. Cookies also allow the site to recall information you have previously provided, such as your username and password.
Most web browsers automatically accept cookies. You do not have to accept cookies, and you should read the information that came with your browser software to see how you can set up your browser to notify you when you receive a cookie.
However, any disablement of the cookies function may hinder some of the website functionality, for which we shall not be responsible.
For more information about cookies and how they work visit:
For more information about how to manage cookies visit:
We use Google Analytics cookies to track site visits.
Your use of this website and your submission of any personal data to us shall constitute your consent to allow us to process your personal data in accordance with the terms of this policy, specifically the Author Data in Production section detailed above.
If you have submitted your personal data, and later decide that you would like us to discontinue processing your personal data, you can choose to “opt-out”. To do so, please send an e-mail headed “opt-out” to [email protected] specifying the processing activities you would like us to refrain from. Upon receipt of a written opt-out, we shall discontinue processing your personal data as requested.
Please send any requests for any of the above, including access, erasure or rectification of data, in writing to the e-mail address above, marked for the attention of the data protection compliance officer. In some cases, statutory administration fees may apply.
In the event of a data breach, we will notify you without undue delay after we have been made aware of the data breach and ascertained what personal data have been affected.
There are a number of online resources about GDPR which you may find useful:
The ICO guide to GDPR: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/
Cambridge University Press Privacy Notice: http://www.cambridge.org/about-us/legal-notices/privacy-notice/