Privacy Policy

International Medical Journal of Health (IMJH)

ISSN: 2395-6291 | GDPR Compliant | CCPA Compliant | Your Privacy Matters

Last Updated: 15 January 2025

This Privacy Policy describes how IMJH collects, uses, discloses, and protects your personal information when you interact with our journal, submit manuscripts, serve as a reviewer, or visit our website. This policy is effective from 15 January 2025 and supersedes all previous versions.

View summary of changes →

7. International Data Transfers
8. Data Retention & Deletion
9. Data Security Measures
10. Your Privacy Rights
11. Cookies & Tracking Technologies
12. Children's Privacy
13. Changes to This Policy
14. Contact Us

1 Scope & Application

Who This Policy Applies To

This Privacy Policy applies to all users of IMJH services, including:

Authors & Contributors

Corresponding authors and co-authors
Individuals submitting manuscripts
Researchers publishing with IMJH
Grant applicants and funded researchers

Reviewers & Editors

Peer reviewers and guest reviewers
Editorial board members
Guest editors and section editors
Editorial staff and volunteers

Readers & Subscribers

Journal subscribers (individuals and institutions)
Email alert recipients
Website visitors and account holders
Conference and event attendees

Institutional Partners

University and research institution contacts
Library and subscription managers
Partner organization representatives
Sponsors and exhibitors

This policy does not apply to: Third-party websites or services linked from IMJH content. Please review the privacy policies of those services directly.

2 Information We Collect

Data Minimization Principle

IMJH collects only the information necessary to provide our services and fulfill our editorial and publishing obligations. We do not collect information indiscriminately.

Category	Data Collected	Purpose
Identity Information	Full name(s) of all authors ORCID iD (when provided) Professional titles and credentials Institutional affiliations Researcher identifiers (Scopus ID, Web of Science ResearcherID)	Authorship attribution, indexing, professional recognition
Contact Information	Email addresses (corresponding author and co-authors) Postal addresses (institutional and/or home) Telephone numbers (business and emergency) Fax numbers (where applicable)	Editorial correspondence, manuscript handling, urgent communications
Professional Information	Current employment and position Academic qualifications and degrees Research specialties and keywords Publication history Peer review history and expertise areas	Reviewer assignment, editorial board selection, expertise matching
Account Information	Username and password (encrypted) Account preferences and settings Login history and timestamps IP addresses Device and browser information	System authentication, security, personalization
Manuscript & Submission Data	Manuscript files and metadata Author contribution statements Conflict of interest disclosures Funding source declarations Ethical approval documentation	Peer review, publication, compliance with ethical standards
Financial Information	Billing addresses Invoice details and history Payment transaction records Fee waiver requests and documentation (We do NOT store credit card details)	Payment processing, financial records, fee waiver administration
Technical Information	IP address and geolocation (approximate) Browser type and version Operating system Referral source Pages visited and time spent	Website optimization, security monitoring, usage analytics
Communication Records	Email correspondence with editorial office Customer support inquiries Feedback and survey responses Complaint and appeal documentation	Service improvement, dispute resolution, quality assurance

Payment Processing Notice:

IMJH does not store, process, or have access to your complete credit card details. All payment transactions are processed by our PCI-DSS compliant payment partners. We only retain invoice records and transaction confirmations for accounting purposes.

3 How We Collect Information

Information You Provide Directly

Manuscript submission: Author details, affiliation, contact information
Account creation: Name, email, professional profile, expertise areas
Reviewer registration: Qualifications, specialties, publication history
Correspondence: Emails, forms, support inquiries
Survey responses: Feedback, satisfaction ratings, suggestions
Event registration: Contact details, professional information

Information Collected Automatically

Log data: IP address, browser type, pages visited, timestamps
Device information: Operating system, screen resolution, language
Cookies: Session cookies, preference cookies, analytics cookies
Usage patterns: Clickstream data, navigation paths, download activity
Referring websites: External sites that directed you to IMJH

Information from Third Parties

ORCID: Publication records, affiliations, researcher identifiers
Institutional databases: Affiliation verification, institutional email domains
Crossref: Citation data, funding information
Publons/Web of Science: Reviewer recognition (with consent)
Funding agencies: Grant information, award details (when provided)

Information Derived from Use

Reviewer performance: Quality scores, timeliness metrics
Expertise inference: Areas of expertise based on manuscript handling
Engagement metrics: Frequency of logins, feature usage
Citation impact: Article-level citation metrics

4 How We Use Your Information

Core Editorial Functions

Processing manuscript submissions and tracking status
Assigning and managing peer reviewers
Communicating editorial decisions
Publishing and disseminating accepted articles
Assigning DOIs and registering metadata with Crossref
Maintaining the scholarly record

Account & Profile Management

Creating and maintaining user accounts
Authenticating user identity and access rights
Managing reviewer profiles and expertise areas
Tracking editorial board memberships
Personalizing user experience and preferences

Analytics & Improvement

Monitoring journal performance and metrics
Analyzing usage patterns to improve website functionality
Evaluating reviewer performance and recognition
Conducting research on publishing trends (aggregate data only)
Identifying technical issues and optimizing performance

Compliance & Legal Obligations

Detecting and preventing fraudulent submissions
Investigating ethical misconduct allegations
Complying with legal and regulatory requirements
Responding to lawful requests from authorities
Maintaining audit trails for compliance purposes

Communications

Sending submission confirmations and status updates
Delivering reviewer invitations and reminders
Sharing table of contents and article alerts (opt-in)
Announcing special issues and calls for papers (opt-in)
Responding to inquiries and support requests

Financial Processing

Processing article processing charges (APC)
Managing fee waiver applications
Generating invoices and receipts
Maintaining financial records for audit compliance
Reporting to funding agencies (where required)

What We Do NOT Do:

IMJH does not sell, rent, or trade your personal information to third parties for marketing purposes. We do not use your data for automated decision-making that produces legal effects concerning you. We do not retain your information longer than necessary for the purposes stated in this policy.

5 Legal Basis for Processing (GDPR)

GDPR Compliance for EEA Residents

If you are located in the European Economic Area (EEA), Switzerland, or the United Kingdom, we process your personal information under the following legal bases as defined in the General Data Protection Regulation (GDPR).

Legal Basis (GDPR Article)	Description	Application at IMJH
Contract (Article 6(1)(b))	Processing necessary for the performance of a contract or to take steps at your request before entering a contract	Manuscript submission and peer review services; publication agreements; subscription services
Legal Obligation (Article 6(1)(c))	Processing necessary for compliance with a legal obligation	Tax and accounting records; legal reporting requirements; retention of publication records
Legitimate Interests (Article 6(1)(f))	Processing necessary for the legitimate interests of IMJH or third parties, provided your rights do not override those interests	Peer review quality assurance; reviewer recognition programs; journal improvement analytics; fraud prevention
Consent (Article 6(1)(a))	You have given clear consent for us to process your personal data for a specific purpose	Marketing communications; cookie preferences; optional data sharing with Publons/ORCID
Public Interest (Article 6(1)(e))	Processing necessary for the performance of a task carried out in the public interest	Preservation of the scholarly record; open access publishing; research dissemination

Sensitive Data (Article 9)

IMJH does not intentionally collect or process special categories of personal data (revealing racial or ethnic origin, political opinions, religious beliefs, trade union membership, genetic data, biometric data, health data, or sexual orientation) except as voluntarily provided by authors in manuscript content. Any such data is processed solely for scholarly publication purposes and is publicly available upon publication.

6 Information Sharing & Disclosure

Service Providers

We share information with trusted third-party service providers who perform functions on our behalf:

ScholarOne Manuscripts: Submission and peer review platform
Crossref: DOI registration and metadata distribution
Amazon Web Services: Secure cloud hosting and storage
iThenticate/Turnitin: Plagiarism screening
Stripe/PayPal: Payment processing (PCI-DSS compliant)
Google Analytics: Website usage analytics (anonymized)

All service providers are bound by data processing agreements and are prohibited from using your data for any purpose other than providing services to IMJH.

Scholarly Infrastructure

We share publication metadata with scholarly databases to ensure discoverability and preservation:

PubMed Central / MEDLINE (pending indexing)
Scopus / Web of Science (pending indexing)
Google Scholar
Index Copernicus
CLOCKSS / Portico (digital preservation)

This sharing includes author names, affiliations, ORCID iDs, article metadata, and abstracts.

Legal & Regulatory Disclosures

Legal requirements: When required by law, subpoena, or court order
Fraud prevention: Investigating and preventing fraudulent submissions
Ethics investigations: Sharing information with institutions and COPE
Rights protection: Protecting the rights, property, or safety of IMJH, our users, or the public

With Your Consent

Publons/Web of Science: Sharing reviewer activity records (opt-in)
ORCID: Updating your ORCID record with publication data (opt-in)
Third-party collaborations: Specific research projects with your explicit consent

No Sale of Personal Information:

IMJH does not sell, rent, or trade your personal information to third parties for marketing or advertising purposes. We do not share personal information for third-party direct marketing.

7 International Data Transfers

Global Operations

IMJH operates globally, and your information may be transferred to and processed in countries outside your country of residence, including India, the United States, and the European Union.

Safeguards for International Transfers

Standard Contractual Clauses (SCCs)

For transfers from the EEA to countries without adequacy decisions, we use European Commission-approved SCCs to ensure adequate protection.

Adequacy Decisions

We transfer data to countries recognized by the European Commission as providing adequate data protection where applicable.

Binding Corporate Rules

Internal data transfer policies that ensure consistent protection across our global operations.

Derogations for Specific Situations

With your explicit consent or for the performance of a contract with you.

Primary Processing Locations

🇮🇳 India: Editorial office, administrative processing
🇺🇸 United States: Submission system (ScholarOne), cloud hosting (AWS)
🇪🇺 European Union: Data backups, EU user data (Frankfurt, Ireland)
🇬🇧 United Kingdom: Reviewer recognition (Publons)

Questions about international transfers? Contact our Data Protection Officer at info@imjhealth.org for more information about the safeguards we use.

8 Data Retention & Deletion

Retention Policy

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including for legal, accounting, and reporting requirements.

Data Category	Retention Period	Rationale
Published articles & author metadata	Permanent	Scholarly record, indexing, citation integrity
Rejected manuscripts	2 years after final decision	Appeals, ethical investigations, fraud prevention
Reviewer reports	5 years after publication/rejection	Editorial accountability, appeals, ethics investigations
Author correspondence	5 years after last contact	Continuity of service, dispute resolution
Reviewer activity logs	5 years after last review	Performance assessment, recognition programs
Account login data	Until account deletion + 1 year	Security, audit trails
Financial records	7 years (tax/legal requirements)	Tax law, accounting standards
Website analytics	14-38 months (depending on tool)	Usage analysis, platform improvement
Marketing communications data	Until opt-out + 1 year	Consent management, unsubscribe compliance
System logs	30 days	Security monitoring, troubleshooting

Secure Deletion:

When data reaches the end of its retention period, we securely delete or anonymize it using methods that prevent reconstruction: cryptographic erasure, secure overwriting (DoD 5220.22-M), or physical destruction of media.

9 Data Security Measures

Encryption

AES-256 at rest, TLS 1.3 in transit

Access Control

Multi-factor authentication, role-based permissions

Audit Logging

All access logged, reviewed quarterly

Secure Infrastructure

ISO 27001, SOC 2 Type II, 24/7 monitoring

Backup & Recovery

Daily encrypted backups, geographic redundancy

Staff Training

Annual privacy and security training

Security Certifications & Compliance

ISO 27001:2022 SOC 2 Type II PCI DSS Level 1 GDPR Compliant HIPAA (technical safeguards) CCPA Compliant

10 Your Privacy Rights

Your Rights Under GDPR, CCPA, and Other Laws

Depending on your jurisdiction, you may have the following rights regarding your personal information.

GDPR Rights (EEA, UK, Switzerland)

Right to be informed: Clear information about data processing
Right of access: Request copies of your personal data
Right to rectification: Correct inaccurate data
Right to erasure: Request deletion ('right to be forgotten')
Right to restrict processing: Limit how we use your data
Right to data portability: Receive data in usable format
Right to object: Object to processing based on legitimate interests
Rights related to automation: No solely automated decisions

CCPA Rights (California Residents)

Right to know: Categories and specific pieces of personal information collected
Right to delete: Request deletion of personal information
Right to opt-out: Opt-out of sale of personal information
Right to non-discrimination: No retaliation for exercising rights
Right to correction: Correct inaccurate personal information
Right to limit use: Limit use of sensitive personal information

Note: IMJH does not sell personal information.

Other Jurisdictions

India (DPDPA): Right to access, correction, erasure, grievance redressal
Brazil (LGPD): Confirmation, access, correction, anonymization, blocking, deletion
Australia: Access, correction, complaint handling
Canada (PIPEDA): Access, correction, consent withdrawal
Japan (APPI): Disclosure, correction, cessation of use

How to Exercise Your Rights

To exercise any of your privacy rights:

📧 Email:

info@imjhealth.org

info.imjh@gmail.com

📋 Subject Line:

"Data Subject Request: [Your Full Name]"

Required Information:

Full name and email associated with your account
Specific right(s) you wish to exercise
Any relevant manuscript or account identifiers

We will respond within 30 days (GDPR requirement).

Identity Verification:

To protect your privacy, we require verification of identity before processing data subject requests. Acceptable verification includes: official institutional email matching our records, government-issued ID, or secure electronic signature. Verification documents are used only for identity confirmation and deleted immediately after request processing.

11 Cookies & Tracking Technologies

Cookie Policy

IMJH uses cookies and similar tracking technologies to enhance user experience, analyze website traffic, and personalize content.

Cookie Type	Purpose	Duration	Opt-Out
Essential/Strictly Necessary	Authentication, session management, security, load balancing	Session / 1 year	Cannot be disabled
Functionality/Preferences	Remember login details, language preferences, display settings	1 year	Opt-out via browser settings
Analytics/Performance	Google Analytics, page views, referral sources, user behavior (aggregated)	14-26 months	Google Analytics Opt-out
Marketing	IMJH does NOT use marketing cookies or third-party advertising cookies	N/A	N/A

Manage Cookie Preferences

You can manage cookie preferences through your browser settings. Most browsers allow you to refuse cookies or alert you when cookies are being sent. However, disabling essential cookies may affect website functionality.

📱 Do Not Track (DNT):

IMJH honors Do Not Track signals from web browsers. When we detect a DNT signal, we do not load analytics cookies or tracking scripts.

12 Children's Privacy

COPPA Compliance

IMJH is a professional medical journal and does not knowingly collect personal information from children under the age of 13. Our services are directed to medical professionals, researchers, and academics.

If you are a parent or guardian and believe your child has provided us with personal information without your consent, please contact us immediately. We will take steps to remove such information and terminate the child's account.

13 Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. When we make material changes, we will notify you by:

Posting the updated policy on this page with a revised "Last Updated" date
Sending an email notification to registered users (for significant changes)
Displaying a prominent notice on our website

Current Version:

v2.4

Effective: 15 January 2025

14 Contact Us

Data Protection Officer

Dr. Anjali Sharma, PhD, CIPP/E

Certified Information Privacy Professional

📧 Primary Email:

info@imjhealth.org

📧 Secondary Email:

info.imjh@gmail.com

📋 Subject Line Protocol:

"PRIVACY: [Your Name] - [Topic]"

Postal Address

IMJH Privacy Office

Medical Publications Building

123 Health Sciences Drive

New Delhi, 110001

India

EU Representative

IMJH EU Data Representative

Attn: Data Protection

123 Avenue des Sciences

75014 Paris, France

Right to Lodge a Complaint

If you are not satisfied with our response to a privacy concern, you have the right to lodge a complaint with your local data protection authority. Contact details for EU data protection authorities can be found at edpb.europa.eu.

Summary of Key Changes (January 2025)

✓ Expanded GDPR compliance - Updated legal bases, enhanced rights descriptions
✓ CCPA/CPRA updates - Added California privacy rights
✓ India DPDPA readiness - Compliance with India's Digital Personal Data Protection Act
✓ Enhanced security measures - ISO 27001 certification noted

✓ Cookie policy clarity - Detailed cookie table, DNT honoring
✓ Data retention schedule - Comprehensive retention periods
✓ International transfers - SCCs and adequacy safeguards
✓ DPO contact - Direct Data Protection Officer contact

This policy replaces the previous version dated 15 March 2023. By continuing to use IMJH services after 15 January 2025, you acknowledge this updated Privacy Policy.

Data Protection Officer

For privacy inquiries, data subject requests, or questions about this policy.

info@imjhealth.org info.imjh@gmail.com

24-hour acknowledgment | 30-day response

GDPR Compliant

IMJH fully complies with the General Data Protection Regulation (EU) 2016/679 and respects your privacy rights.

Privacy at a Glance

Data retention: 2-7 years

Encryption: AES-256 / TLS 1.3

Data selling: NEVER

Marketing cookies: None

GDPR rights: 8 rights

Your Privacy Rights

Right to access
Right to rectification
Right to erasure
Right to restrict processing
Right to data portability
Right to object

Exercise Your Rights

Cookie Preferences

IMJH uses essential cookies only. No marketing cookies are used.

DNT signals are honored.

Security Certifications

ISO 27001 SOC 2 PCI DSS GDPR CCPA DPDPA

CCPA Compliant

IMJH does not sell personal information. California residents have the right to request deletion and access.