JEPM is an online publishing platform based on an open source system developed by Public Knowledge Project, a nonprofit research organisation from Canada. The system which JEPM implement is:
Because of its open source nature, the abovementioned system was adapted for use in the University of East Sarajevo, Faculty of Technology Zvornik. The changes were mostly of aesthetic nature, but there is a number of background changes as well. The advantage of using an open source system is that visitors and registered users always know how the system works and how it saves their data. In this Statement, we will explain in detail the specifics of handling user data on the JEPM platform.
We use the information we collect, including Personal Data and Usage Data:
Our Information Sharing Practice
When we use the term "anonymous data," we are referring to data and information that does not permit you to be identified or identifiable, either alone or when combined with any other information available to a third-party. We may create anonymous data from the Personal Data we receive about you and other individuals whose Personal Data we collect. Anonymous data will include analytics information and information collected by us using cookies. We make Personal Data into anonymous data by excluding information (such as your name) that makes the data personally identifiable to you. We use this anonymous data to analyze usage patterns in order to make improvements to our JEPM. Unregistered visitors to the platform (hereafter visitors) leave on the platform a number of data. The data which JEPM collects from visitors is:
In order to track each consecutive visitor's visit, JEPM assigns a cookie and collects the abovementioned data on each consecutive visit. The gathered data mainly serves the purpose of making statistics for further development of the platform. For example, if we notice that most visitors have a screen resolution of 1920x1080 pixels, we might adjust the functionality and design of the platform to that screen resolution.
In order to be able to analyze usage and impact of our journal and the published articles, we collect and log access to the journal’s homepage, issues, articles, galleys and supplementary files. In the process, all data is anonymized. No personal information is logged. IP addresses are anonymized by being hashed (using SHA 256) in combination with a secure 64 characters long salt that is automatically randomly generated and overridden on a daily basis. Therefore IP addresses cannot be reconstructed.
The following information is collected next to the anonymized IP addresses:
The collected data is only used for evaluation purposes. No IP addresses are mapped to user IDs. It is technically impossible to trace a specific set of data to a specific IP address.
When someone visits our website (https://jepm.tfzv.ues.rs.ba) we make use of the Google Analytics service to collect standard information about visitors to the sites and their behavior (e.g. what pages they viewed). The data provided by Google Analytics is anonymized and in no way enables us to identify individual visitors, however, Google Analytics will place a cookie on your device to enable the service. For more information about how Google Analytics cookies work on websites visit.
Users Outside of the Bosnia and Herzegovina and Consent to Transfer
The JEPM are operated in the Bosnia and Herzegovina. If you are located in another jurisdiction, please be aware that information you provide to us will be transferred to, stored and processed in the Bosnia and Herzegovina. By using the JEPM or providing us with any information, you consent to this transfer, processing, and storage of your information in the Bosnia and Herzegovina, a jurisdiction in which the privacy laws are not as comprehensive as those in the country where you reside or are a citizen such as the European Union. To ensure that appropriate and suitable safeguards and technical measures are in place to protect your personal data, we make use of standard contractual clauses that have been approved by the European Commission, or we implement other similar measures required by laws around the world.
How We Respond to "Do Not Track" Signals
Internet browsers can be configured to send the "Do Not Track" signals to the online services that you visit. JEPM respects the Do-Not-Track procedure if the visitors has it enabled in their browser.
If you are a resident of the European Economic Area (EEA), you have the right to: (a) request access to your Personal Data and rectification of inaccurate Personal Data; (b) request erasure of your Personal Data; (c) request restrictions on the processing of your Personal Data; (d) object to processing your Personal Data; and/or (e) the right to data portability ("collectively, "Requests"). We can only process Requests from a user whose identity has been verified. To verify your identity, please provide your email address or [URL] when you make a request. For more information about how to get access to Personal Data and for exercising your rights, you can submit a request here by naming subject "I am an EU resident and would like to exercise my individual rights" option. You also have the right to lodge a complaint with a supervisory authority.
While we strive to protect your User Information, we cannot guarantee its security. You use the JEPM and provide us with information at your own initiative and risk. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you have with us has been compromised), please immediately notify us of the problem by contacting us using the details in the Contact Us section.
Collecting, Retaining, Modifying and Deleting Your Personal Data
Except for being an online site where one can browse the publishing production of the Journal of Engineering & Processing Management, JEPM also serves as a platform for most of the publishing procedures. As such, in JEPM it is possible to perform the procedures of article submission, article review, issue, volume editing, etc. In order to enable those procedures, JEPM allows user registration. A registered user can have one or more of the following roles:
For the roles of reader, reviewer and subscription manager, the abovementioned data is only visible to the journal managers and platform administrators. For the roles of author, editor, section editor and journal manager, because of the nature of their job, it is possible that all the data they provided will be displayed publically (with the exception of password).
Registered users can, at any moment, change their data (with the exception of username and e-mail address) and delete their non-mandatory data. In that context, registered users can anonymize the data which uniquely identifies them (e.g. name and surname) at any moment. However, we recommend that author, reviewer and editor data remain valid and up-to-date in order to allow the Journal of Engineering & Processing Management to continue providing publishing procedures undisturbedly and in order to keep the Journal of Engineering & Processing Management 's scientific production and credibility intact. Registered users can (in addition to having an insight into personal data collected about them) also delete their user account by sending a request for deletion to email@example.com (the request must be sent from the e-mail address the user used on registration).
As it is extremely important for scientific and research papers to be visible to the science and research community in the context of scientific publishing, such papers are commonly exported into a number of repositories, portals and databases (e.g, DOAJ, Crossref, etc.). Except for the papers themselves, the data about the author(s) is, of course, exported as well. JEPM will not be held accountable for data exported to abovementioned websites, even if they were originally made in JEPM. In some cases, like in the case of Crossref database, a change or pseudonymization of data can be possible, while in other cases the author of the paper will have to contact the websites in question themselves.
Since JEPM is an open-access platform, it is technically possible that any website or scientific paper aggregate or crawler "picks up" the author data.
Users registered as authors are therefore the ones most exposed in the context of providing their personal data. Nevertheless, it is our stance that it is in the author's interest for their papers to be read and cited and we, therefore, recommend to authors that they leave as much data as possible. Data like ORCID identifiers and affiliation significantly improve the overall impression of the paper and inform the reader about the author's previous experience in the paper's field of study.
When we were importing the scientific papers (journal issues published before JEPM launched) into the OJS system, we entered certain data about papers' authors. The entered data was always available publically, so the data in question was mostly names, surnames and affiliations of authors. E-mail addresses were never entered during the first import. Authors of abovementioned papers are therefore not registered users, but their data is visible on the platform nonetheless, so they can be considered non-registered authors (hereafter).
Non-registered authors have the same rights of insight and management of their own data (even though they haven't entered the data themselves). Since they are not able to login into the system and change their data by themselves, they can contact the platform administrator on firstname.lastname@example.org who will do it for them. This also applies to anonymization and pseudonymization of their data.
Platform administrators can also register the authors in the system and assign them their data so they can manage it themselves. If they already registered, platform administrators can assign the existing account to their data so the can manage it themselves.
Personal data entered into JEPM has no specific expiration date or the date when it's deleted, in accordance with the General Data Protection Regulation's Recital 65 and Article 17, Paragraph 3. In most cases, the University of East Sarajevo, Faculty of Technology will keep the data for as long as it can. The reason for that is to protect the consistency, credibility and validity of the University of East Sarajevo, Faculty of Technology 's scientific production. Detailed data about visitors (described in chapter Visitors) will be kept for 5 years. General and anonymous data about visitors, older than 5 years, will be kept (e.g. number of visits per month, device statistics, etc.) while the detailed data relating to cookies and specific visitors' page-paths will be deleted.
JEPM administrators keep the right of making changes (mostly corrections) to personal data, especially authors if we ascertain that the data is incorrect, outdated or similar. Administrators will change the incorrect personal data on JEPM if they determine that it is necessary to do so in order to keep the consistency, credibility and validity of the platform.
It is in the publishing nature, and the nature of all public academic and university institutions to ensure the storage of all content that the institution creates. In that regard, JEPM platform implements a number of steps in creating security backup copies. Visitors databases and registered users databases are backed up daily and weekly to University of East Sarajevo servers. All data backed up on the abovementioned servers is encrypted with a 2048-bit RSA (Rivest-Shamir-Adleman) keypair. The data is also periodically saved on a physical. The data backed up on those servers is also encrypted with the abovementioned method.
At court's request, the JEPM can provide all data relating to the court order, personal or otherwise, stored on the JEPM platform. In the case of a security breach resulting in a personal data breach on JEPM, the University of East Sarajevo, Faculty of Technology will without undue delay and, where feasible, not later than 72 hours after having become aware of it, notify the personal data breach to the supervisory authority.
Sensitive Personal Data
Subject to the following paragraph, we ask that you not send us, and you not disclose, any sensitive personal data as this term is defined under applicable data protection and privacy laws (for example, social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or trade union membership) on or through the JEPM or otherwise to us.
Choice/Opt-Out From Communications
People who receive our newsletters
For delivering our email newsletters, we use MailChimp is an online marketing platform operated by The Rocket Science Group LLC, a company headquartered in the State of Georgia in the United States. As noted on their website above newsletters make use of a tracking cookie to track the way our newsletters are read. Every time you receive our email newsletter we will include a link to enable you to unsubscribe should you wish to stop receiving them. We honor such requests. This includes keeping a record of your request indefinitely so that we can respect your request in future. For more information about newsletter service please read https://mailchimp.com/legal/privacy/
The Services contain links to other websites that we do not control, and the Services contain videos, advertising and other content hosted and served by third parties. We are not responsible for the privacy practices of any third-party.
Version 1.0 (Last edited 03/09/2018)