Last updated: 6 May 2022
· 22 July 2021
Fidelior™, a trading name of Fidelior Netherlands BV., provides a worldwide SaaS digital service that can help address the growing problem of predatory journals and questionable publishing practices. Fidelior Netherlands BV. cares about the security and privacy of personal data that is entrusted to Us.
· “Account” means a unique account created for You to access the Services or parts of the Services.
· “Applicable Data Protection Law” means all worldwide data protection and privacy laws and regulations in any relevant jurisdiction applicable to the collection, use, processing, and disclosure of Your Personal Data, including, where applicable, the EU General Data Protection Regulation (GDPR).
· “We“, “Us” or “Our” means the company set out below:
o Fidelior Netherlands BV.
o For the purpose of EU and UK data protection laws, We are the data controller.
· “Do Not Track” (DNT) is a concept that has been promoted by US regulatory authorities, in particular the U.S. Federal Trade Commission (FTC), for the Internet industry to develop and implement a mechanism for allowing Internet users to control the tracking of their online activities across websites.
· “Facebook Fan Page” means the public profile of “Fidelior” on the Facebook social network, accessible from https://www.facebook.com/Fidelior-100928322207242.
· “LinkedIn Company Page” means the public profile of “Fidelior” on the LinkedIn social network, accessible from https://www.linkedin.com/company/23562479/admin/.
· “Personal Data” or personally identifiable information, means any information about an individual from which that individual can be identified. It does not include anonymous data.
For the purposes of GDPR, Personal Data means any information relating to You such as a name, an identification number, location data, online identifier or one or more factors specific to Your physical, physiological, genetic, mental, economic, cultural or social identity.
For the purposes of the CCPA, Personal Data means any information that identifies, relates to, describes or is capable of being associated with, or could reasonably be linked, directly or indirectly, with You.
· “Services” means the services made available to You by Us via Websites.
· “Third-party Social Media Service” refers to any website or any social network website through which a User can log in or create an Account to use the Services.
· “Twitter Fan Page” is a public profile named Fidelior specially created by Us on the Twitter social network, accessible from https://twitter.com/fidelior.
· “Websites” means the websites operated by Us at www.fidelior.net, www.fidelior.com, www.fidelior.eu, www.fidelior.in, www.fidelior.us, www.fidelior.asia, www.fidelior.org, www.fidelior.net, www.fidelior.com, www.fidelior.cn, www.fidelior.co.za, www.fidelior.ru, and www.fidelior.uk.
· “You” means the individual accessing or using the Services or Websites is accessing or using the Services or Website, as applicable.
3. Legal Basis for Processing
We will only use Your Personal Data when the law allows Us to do so. Most commonly We will use Your Personal Data in the following circumstances:
· To fulfil Our contractual obligations to You.
· Where it is necessary for Our legitimate interests (or those of a third party) and Your interests and fundamental rights do not override those interests.
· To comply with a legal obligation.
To the extent We process Your Personal Data for any other purposes, We ask for Your consent in advance or require that Our partners obtain such consent.
4. Personal Data We May Collect from You
4.1. Types of Data Collected
We may collect and process Personal Data about You when you use the Websites and Services. We collect, use, store and transfer different kinds of Personal Data about You which We have grouped as follows:
· Identity Data: includes first name, maiden name, last name, username or similar identifier, marital status, title, date of birth, gender, ID card or passport and bank statement.
· Contact Data: includes billing address, delivery address, email address and telephone numbers.
· Financial Data: includes bank account and payment card details.
· Transaction Data: includes details about payments to and from You and other details of products and services You have purchased from Us.
· Technical Data: includes internet protocol (IP) address, Your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices You use to access the Websites or Services.
· Profile Data: includes Your username and password, purchases or orders made by You, Your interests, preferences, feedback and survey responses.
· Usage Data: includes information about how You use the Websites and Services, including the full Uniform Resource Locators (URL) clickstream to, through and from the Websites and Services (including date and time); products You viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page and any phone number used to call Our customer service number and other diagnostic data on how You interacted with Our Website. When You access the Services by or through a mobile device.
· Marketing and Communications Data: includes Your preferences in receiving marketing from Us and our third parties and Your communication preferences.
· Special Category Data: We do not collect, store or use any special category data about You. Special category data includes details about Your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about Your health, and genetic and biometric data.
We do not collect information about criminal convictions and offences.
4.2. If You Fail to Provide Personal Data
Where We need to collect Personal Data by law, or under the terms of a contract We have with You, and You fail to provide that data when requested, We may not be able to perform the contract We have or are trying to enter into with You (for example, to provide You with goods or services). In this case, We may have to cancel a product or service You have with Us but We will notify You if this is the case at the time.
4.3. How Personal Data Is Collected
We use different methods to collect data from and about You including via:
· Direct Interactions: You may give us your Identity, Contact and Financial Data when You fill in forms or correspond with Us by post, phone, email or otherwise. This includes Personal Data You provide when You register to use the Websites, Services or to receive Our newsletter, subscribe to use the Services, create an account to use the Websites or Services, request marketing to be sent to You, search for a product or place an order on the Websites, participate in discussion boards or other social media functions on the Websites, enter a competition, promotion or survey, attend a conference or webinar, give us feedback or contact us and when you report a problem with the Websites or Services.
· Purchases: If You make purchases via the Websites or within the Services, or register for an event or webinar, We may require you to provide Your Identity, Contact, Financial and Transaction Data.
· Community: If You register for an online community that we provide, we may ask You to provide Us with Your Identity, Contact, Profile and Technical Data.
We may also receive Technical Data about You if You visit other websites using Our cookies.
4.4. Personal Data We Collect from Other Sources
We also collect Personal Data about You from publicly available sources. We may combine this information with Personal Data provided by You. This helps Us update, expand, and analyse Our records, identify new customers, and create more tailored advertising to provide services that may be of interest to You. We also use this for the purposes of targeted advertising, delivering relevant email content, event promotion and profiling, determining eligibility and verifying Contact Data. The Personal Data we collect includes:
Identity and Contact Data: from publicly available sources such asCompanies House.
Identity, Contact and Profile Data: that is published about You on Your social media profiles on LinkedIn, Facebook, and Twitter.
4.5. Our Social Media Pages
Facebook Fan Page – As the operator of the Facebook Fan Page https://www.facebook.com/Fidelior-100928322207242, We share Your Personal Data with the operator of the social network Facebook.
We have entered into agreements with Facebook that define the terms for use of the Facebook Fan Page, among other things. These terms are mostly based on the Facebook Terms of Service: https://www.facebook.com/terms.php
LinkedIn Company Page – As the operator of the LinkedIn Company Page https://www.linkedin.com/company/23562479/admin/, We share Your Personal Data with the operator of the social network LinkedIn.
We have entered into agreements with LinkedIn that define the terms for use of the LinkedIn Company Page, among other things. These terms are mostly based on the:
· Commonly Viewed Agreements, Guidelines, Policies, Terms and Conditions https://www.linkedin.com/help/linkedin/answer/4448/commonly-viewed-agreements-guidelines-policies-terms-and-conditions?lang=en
· LinkedIn User Agreement: https://www.linkedin.com/legal/user-agreement.
Twitter Fan Page – As the operator of the Twitter Fan Page https://twitter.com/fidelior We share Your Personal Data with the operator of the social network Facebook.
We have entered into agreements with Twitter that define the terms for use of the Twitter Fan Page, among other things. These terms are mostly based on the Twitter Terms of Service: https://twitter.com/en/tos.
5. Uses Made of Your Personal Data
We have set out in the table below details of all the ways We plan to use Your Personal Data and which of the legal bases We rely on to do so. We have also identified what Our legitimate interests are where appropriate. Note that We may process Your Personal Data for more than one lawful basis depending on the specific purpose for which We are using Your Personal Data.
|Purpose/Activity||Type of data||Lawful basis for processing|
|To register You as a new customer or user||(a) Identity (b) Contact||Performance of a contract with You|
|To process and deliver Your order including: (a) Manage payments, fees and charges (b) Collect and recover money owed to Us||(a) Identity (b) Contact (c) Financial (d) Transaction (e) Marketing and Communications||(a) Performance of a contract with You (b) Necessary for Our legitimate interests (to recover debts due to Us)|
|To enable You to partake in a prize draw, competition or complete a survey||(a) Identity (b) Contact (c) Profile (d) Usage (e) Marketing and Communications||(a) Performance of a contract with You (b) Necessary for Our legitimate interests (to study how customers or users use Our Services, to develop them and grow Our business)|
|To administer and protect Our business and Websites (including troubleshooting, monitoring, data analysis, testing, system maintenance, support, updates, reporting and hosting of data)||(a) Identity (b) Contact (c) Technical||(a) Necessary for Our legitimate interests (for running Our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise) (b) Necessary to comply with a legal obligation|
|To deliver relevant Websites and Services content and advertisements to You and measure or understand the effectiveness of the advertising We serve to You||(a) Identity (b) Contact (c) Profile (d) Usage (e) Marketing and Communications (f) Technical||Necessary for Our legitimate interests (to study how customers and users use Our Services, to develop them, grow Our business and inform Our marketing strategy)|
|To use data analytics to improve Our Websites and Services, marketing, customer and user relationships and experiences||(a) Technical (b) Usage||Necessary for Our legitimate interests (to define types of customers and users for Our Services, to keep Our Websites updated and relevant, to develop Our business and to inform Our marketing strategy)|
|To make suggestions and recommendations to You about goods or services that may be of interest to You||(a) Identity (b) Contact (c) Technical (d) Usage (e) Profile (f) Marketing and Communications||Necessary for Our legitimate interests (to develop Our Services and grow our business)|
We will not sell or rent Your Personal Data to anyone. We will only use Your Personal Data for the purposes for which We collected it unless We reasonably consider that We need to use it for another reason and that reason is compatible with the original purpose. If You wish to obtain an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact Us (https://fidelior.com/contact-us/).
Please note that We may process Your Personal Data without Your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
We may share Your Personal Data with service providers, business partners, suppliers and sub-contractors for the performance of any contract We enter into with them or You to provide services such as IT and system administration services, email communications, hosting services, backup services, credit card processing, research, development, marketing and customer support as set out in more detail below:
- Web hosting (cloud) provider and datacentre – A datacentre is a dedicated space within a building, or a group of buildings used to house computer systems and associated components, such as telecommunications and storage systems. We use a third-party hosting (cloud) providerand datacentre that maintains ISO 27001 certifications, to host Our application and data. We will only use third-party data centres that maintain the aforementioned certifications and/or attestations, or that have other substantially similar or equivalent certifications and/or attestations.
Hetzner – We use Hetzner as Our hosting (cloud) provider and datacentre. See https://www.hetzner.com/legal/privacy-policy for GDPR and cloud provider requirements.
- Email Service Providers – We may use Your Personal Data to contact You with marketing and event-related communications, e.g., newsletters, marketing or promotional materials, invitations to participate in events and surveys, and other information that may be of interest to You, provided that We do so in accordance with Applicable Data Protection Law, including any consent requirements.
For example, when You submit Your contact information to Us or when We collect Your business contact details through Our participation at trade shows or other events, We may use the information to follow up with You regarding an event, send you information that You have requested on Our products and services and, with Your permission, include You on Our marketing information campaigns.
You may opt out of receiving any, or all, of these communications from Us by following the unsubscribe link or instructions provided in any email We send or by contacting Us. We use service providers to send such emails.
Sendinblue – Sendinblue is an email marketing sending service, this holds our audience segmentation and opt-out for marketing related processes. Please see GDPR Policy: https://www.sendinblue.com/gdpr/.
- Analytics and search engine Service Providers – Who assist Us in the improvement and optimisation of the Websites and Services.
Google Analytics – Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of Our Websites and Services. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network.
For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy.
Zotero – Zotero is an open-source project committed to providing a research tool. Zotero’s philosophy is that what you put into Zotero is Yours, and one of their founding principles is to make sure You remain in control of Your data and can share it how You like — or choose not to share it at all. Zotero isan independent, non-profit organization and has no financial interest in Your private information.
- Professional Advisors – Who act as service providers to Us about the Websites or Services – including lawyers, bankers, auditors, and insurers who provide consultancy, banking, legal, insurance and accounting services.
- Authorities – Tax authorities, regulators and other authorities who require reporting of processing activities in certain circumstances.
If You wish to not have this information used by certain companies to serve you targeted ads, You may opt out by clicking here: http://preferences.truste.com/ (or if located in the European Union, by clicking here: http://www.youronlinechoices.eu/). Please note this does not opt You out of being served advertisements. You will continue to receive generic ads.
- Usage and Performance Service Providers
Invisible reCAPTCHA – We use an invisible captcha service named reCAPTCHA. reCAPTCHA is operated by Google.
The reCAPTCHA service may collect information from You and Your device for security purposes.
- Credit reference agencies: To assess Your credit score where this is a condition of Us entering into a contract with You.
- For business transfers: We may share or transfer Your Personal Data in connection with, or during negotiations of, any merger, sale of Our assets, financing, or acquisition of all or a portion of Our business to another company.
- With business partners: We may share Your Personal Data with Our business partners to offer You certain products, services or promotions.
Scholarly Horizons (www.scholarlyhorizons.com).
- With other Users: when You share Personal Data or otherwise interact in the public areas with other users, such information may be viewed by all users and may be publicly distributed outside. If You interact with other users or register through a Third-Party Social Media Service, Your contacts on the Third-Party Social Media Service may see Your Contact Data, Identity Data and description of Your activity. Similarly, other users will be able to view descriptions of Your activity, communicate with You and view Your public profile.
- Customer Testimonials: We post customer testimonials and comments on the Websites, which may contain Personal Data, for purposes of marketing Our products and services. If You would like Your testimonial or comments altered or removed from the Websites, please contact Us at https://fidelior.com/contact-us/.
- Public Forums: We offer publicly accessible message boards, blogs, and community forums for You to share Your ideas and enhance the Services and Websites. Please keep in mind that if You directly disclose any information through Our public message boards, blogs, or forums, this information may be collected and used by others. We will correct or delete any Personal Data you have posted on the Websites if You so request in accordance with your rights under Applicable Data Protection Law.
- With Your Consent: We may disclose Your Personal Data for any other purpose with Your consent.
We may share Your Personal Data with the following third parties:
- Aggregated Data: We may share Aggregated Data in the normal course of operating Our business; for example, with other Website or Services users, Our customers or publicly to show trends or benchmark the general use of the Websites and Services.
We have put in place appropriate security measures to prevent Your Personal Data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. For example, all information You provide to us is stored on our secure servers. Any credit card information or payment transactions will be encrypted using SSL technology. Where We have given You (or where You have chosen) a password that enables You to access certain parts of the Websites or Services, You are responsible for keeping this password confidential. We ask You not to share any password with anyone. In addition, We limit access to Your Personal Data to those employees, agents, contractors and other third parties who have a business need to know. They will only process Your Personal Data on Our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with Personal Data breaches and will notify You and any applicable regulator of a breach where we are legally required to do so.
Unfortunately, the transmission of information via the Internet is not completely secure. Although We will endeavour to protect Your Personal Data, we cannot guarantee the security of Your Personal Data transmitted to the Websites or the Services. Any transmission is at Your own risk. Once We have received Your Personal Data, We will use strict procedures and security features to try to prevent unauthorised access.
We are a global business. Personal Data may be processed and/or stored in any country where We have operations, our staff are located or where we engage services providers engaged in among other things, the fulfilment of your order, the processing of payment details, the provision of our Services or the provision of support services. This will involve a transfer of Your Personal Data to countries outside of Your country of residence, where data protection rules are different from those of Your country of residence.
When transferring data across borders, We take measures to comply with Applicable Data Protection Laws related to such transfer. Officials (such as law enforcement or security authorities) in those other countries may be entitled to access Your Personal Data. Processing of Your Personal Data will involve a transfer of data to countries outside the European Economic Area (“EEA“), Switzerland or the UK.
The Websites and Services are accessible via the internet and may potentially be accessed by anyone around the world. Other users may access the Websites or Services from outside the EEA, Switzerland or the UK. This means that where You chose to post Your Personal Data on the Websites or within the Services, it could be accessed from anywhere around the world and therefore a transfer of Your Personal Data outside of the EEA, Switzerland or the UK may be deemed to have occurred.
We have no control over and accept no responsibility or liability for the content, privacy policies or practices of any third-party sites or services. Please check these policies before you submit any personal data to these websites
Any information that You post to areas of the Websites or Services that are viewable by others (for example, to a blog, forum or chat room) will not be treated as proprietary, private, or confidential. We have no obligation to monitor such posts to the Websites or Services or to exercise any editorial control over such posts; however, We reserve the right to review such posts and to remove any material that, in Our judgment, is not appropriate. Posting, transmitting, promoting, using, distributing or storing content that could subject Us to any legal liability, whether in tort or otherwise, or that is in violation of any applicable law or regulation, or otherwise contrary to commonly accepted community standards, is prohibited, including without limitation information and material protected by copyright, trademark, trade secret, nondisclosure or confidentiality agreements, or other intellectual property rights.
To determine the appropriate retention period for Personal Data, We consider the amount, nature and sensitivity of the Personal Data, the potential risk of harm from unauthorised use or disclosure of Your Personal Data, the purposes for which We process Your Personal Data and whether We can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements. This will be for as long as We provide access to the Websites or Services to You, Your Account with Us remains open for any period set out in any relevant contract You have with Us. After You have closed your Account or ceased using the Services for at least 24 months, We usually delete Personal Data.
We will retain some anonymised information after Your Account has been closed and We may use this for research or statistical purposes, in which case We may use this information indefinitely without further notice to You.
Please note: After You have closed Your account or deleted information from Your Account, any information You have shared with others will remain visible. We do not control data that other users may have copied from the Websites or Services. Your profile may continue to be displayed in the services of others (e.g. search engine results) until they refresh their cache.
We take the protection of Personal Data very seriously. As an individual, you have specific rights depending on Your geographic location or residency and are subject to Applicable Data Protection Law in Your location regarding the collection, use, disclosure of Personal Data, and the explicit right to exercise these rights.
For example, these data protection laws provide You with rights in the following jurisdictions:
- The General Data Protection Regulation (EU GDPR), for persons located in an EU Member State;
The UK GDPR, the UK version of the EU GDPR for persons located in the UK;
- The California Consumer Privacy Act (CCPA), a data privacy model for California;
- The General Personal Data Protection Law (Lei Geral de Proteção de Dados Pessoais), Brazil’s version of the GDPR;
- The Protection of Personal Information Act (POPIA), South Africa’s version of the GDPR.
- The Personal Data Protection Act (PDPA), Thailand’s version based on the GDPR.
- The Privacy Act 1988 (as amended) – Australia’s data protection law.
- The Personal Data Protection Bill (PDPB), Indonesia’s version of the GDPR.
Data Access Requests
You have the right under EU and/or UK data protection law, free of charge, to request:
- Access to Your Personal Data.
- Rectification or deletion of Your Personal Data.
- A restriction on the processing of Your Personal Data.
- Object to the processing of Your Personal Data.
- A transfer of Your Personal Data (data portability) in a structured, machine-readable and commonly used format.
- Withdraw Your consent to Us processing Your Personal Data, at any time.
You will not have to pay a fee to access Your Personal Data (or to exercise any of the other rights). However, We may charge a reasonable fee if Your request is unfounded, repetitive or excessive. Alternatively, We could refuse to comply with Your request in these circumstances.
We may need to request specific information from You to help us confirm Your identity and ensure Your right to access Your Personal Data (or to exercise any of Your other rights). This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it. We may also contact You to ask You for further information concerning Your request to speed up Our response.
- Marketing: We may use your Identity, Contact, Technical, Usage and Profile Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing).
- Promotional Offers from Us: We will send You marketing emails if You “opt in” to receive marketing emails when registering on the Websites or for the Services, or if You have enquired about, or purchased any of Our goods or services from Us and You have not opted out of receiving such marketing.
- Third-Party Marketing: We will get Your express opt-in consent before We share Your Personal Data with any third party for marketing purposes.
- Opt out: Please note that, if You change your mind about being sent marketing emails You can “opt out” at any time by clicking the “unsubscribe” link at the bottom of any marketing email. Once You “opt out”, You will no longer receive any marketing emails from Us. We will continue to communicate with You regarding Your service billing and support via email and where We send push notifications from time to time to update You about any Services or Website updates, events and promotions We may be running. If You no longer wish to receive these communications, please disable these in the settings on Your device.
We will not disclose Social Security numbers, driver’s license numbers or other government-issued identification numbers, financial account numbers, any health insurance or medical identification numbers, account passwords, or security questions and answers in any data access request. In that case, We can inform You that We have this information generally, but We may not provide the specific numbers, passwords etc. to You for security and legal reasons. Please note that You may only submit two access requests within a 12-month period.
Lodging a Complaint
If you would like to exercise any of Your rights, please contact us at:
European Union (EU) – Our lead supervisory authority for all EU complaints is the Data Protection Commission, 21 Fitzwilliam Square South, Dublin 2, D02 RD28, Ireland.
United Kingdom (UK) – The Information Commissioner’s Office at, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, England, (https://ico.org.uk/global/contact-us/email/).
Brazil – The Brazilian Data Protection Authority via https://www.gov.br/anpd/pt-br.
Mexico – The National Institute of Transparency for Access to Information and Personal Data Protection (Instituto Nacional de Transparencia, Acceso a la Información y Protección de Datos Personales) (INAI) via https://home.inai.org.mx/ and the Ministry of Economy (Secretaría de Economía) via https://www.gob.mx/se.
South Africa – Submit Form 1 of the POPIA Regulations to the responsible Information Regulator via https://www.justice.gov.za/inforeg/contact.html.
Thailand – Lodge a complaint relating to Personal Data protection to the expert committee(s).
Our Websites and Services are not intended for and shall not be used by anyone under the age of 16. We do not knowingly collect personally identifiable information from anyone under the age of 16. If You are a parent or guardian and You are aware that Your child has provided Us with Personal Data, please contact Us. If We become aware that We have collected Personal Data from anyone under the age of 16 without verification of parental consent, We will take steps to remove that information from Our servers.
If We need to rely on consent as a legal basis for processing Your information and Your country requires consent from a parent, We may require Your parent’s consent before We collect and use that information.