It’s been nearly one year since the General Data Protection Regulation (GDPR) took effect on May 25th, 2018. GDPR is a legal initiative that sets strict guidelines for the collection and processing of personal information of European Union citizens.
The regulation applies to all entities interacting with EU citizen and resident data, and Aries Systems’ solutions are no exception. Under GDPR, publishers, societies, or journals are considered Data Controllers, or units that determine the purposes, conditions, and means of processing personal data. When publishers outsource data services, entities like Aries Systems are identified as a Data Processor under GDPR, which is the entity that processes personal data on behalf of the Data Controller. Aries’ development follows best practices with regard to data protection and privacy.
Aries has implemented multiple software updates to both Editorial Manager and ProduXion Manager to ensure GDPR compliance. As a mandatory registration setting, users can affirmatively provide consent to storage of their data after reviewing the Privacy and Data Use Policies from the publisher and Aries. Users also have the “right to be forgotten” or request that their personal information be removed or anonymized by journal offices simply by clicking a link that is included in the footer of all Editorial Manager email correspondence. In addition, users can access their personal information easily at any time within the EM system. Under GDPR rules, Aries Client Services is obliged to notify publishers in the event of a detected data breach. For more details, view the Aries GDPR FAQ guide or browse this in-depth presentation on Aries GDPR compliance.
Aries is committed to GDPR compliance. Contact your Aries Account Coordinator or the Aries Data Privacy Officer here if you have any questions.