Privacy Statement

Data privacy policy for the Open Access journal “Aethiopica: International Journal of Ethiopian and Eritrean Studies” published with the journal hosting service of the Hamburg State and University Library (SUB) carried out on behalf of Universität Hamburg. The Universität Hamburg publishes articles using the technical platform of Open Source Software, Open Journal Systems (OJS). In the following you will find information about personal data processed in the context of the publication of Aethiopica: International Journal of Ethiopian and Eritrean Studies.

1. Contact details of the controller

a. The controller processing my data is

Universität Hamburg
represented by the President of Universität Hamburg
Mittelweg 177
20148 Hamburg, Germany
E-Mail: praesident@uni-hamburg.de

b. Department responsible

Hiob Ludolf Centre for Ethiopian and Eritrean Studies
Universität Hamburg
Asien-Afrika-Institut
Alsterterrasse 1
20354 Hamburg, Germany
E-Mail: aethiopica.aai@uni-hamburg.de

 

2. Contact details of the data protection officer

Data protection officer of Universität Hamburg
Mittelweg 177
20148 Hamburg
E-mail: datenschutz@uni-hamburg.de

 

3. Purposes and legal basis

a. Visiting the website without registration

Every time you visit our website for information purposes, i.E. if you do not register or otherwise share information with us, we only collect the following information (log files):

  • IP address from which our website is accessed
  • information about the type of browser and the version used
  • date and time of access
  • technical data on the transmission (protocols, status code, data volumes)
  • internet service provider of the user
  • operating system of the user
  • websites from which the user's system accesses the journal website

We collect the data for technical purposes in order to display our website and ensure stability and security. The legal basis for the data processing is Art. 6 (1) lit. e General Data Protection Regulation (GDPR), § 4 Hamburg Data Protection Act(Hamburgisches Datenschutzgesetz = HmDSG), §§ 3 and 4 HmbHG. The log files are stored for 28 days, afterwards the data is anonymized and stored for one year for evaluation of error logs, which log erroneous page views, and internal statistics applications.

b. Registration and Publication

The collection of the authors' personal data is based on Art. 6 (1) lit. b GDPR, as this is necessary for the conclusion and performance of the underlying author contract.

The registration of authors is essential for the publication contract with the journal, as it provides the editors with the required contact data and allows authors to upload their articles. Users assign themselves a user name and password during registration. These data are used to log in to the password-protected user area. This is to ensure that the individual user can be identified and that no one else can access the user’s account.

The data provided during registration are used exclusively as follows: Conclusion and performance of the publication contract; contacting; permission of rights for access to the password-protected user area of the journal, allocation of the author to her/his article, journal-internal documentation.

The following kinds of personal data and information will be processed:

  • address data:
  • contact and office address: affiliation/city + country
  • communication data: e-mail address (business)
  • identification data: name prefix, first name, last name, name suffix
  • authentification data: user ID, password, ORCID iD (voluntary) ,
  • verification during registration: IP address, successful/unsuccessful logins and logouts with date, information regarding the processing/configuration of the tools on the part of the customer (anonymized), password, user name,
  • upload: editing persons, editing status, name of the article, date of publication
  • article and metadata (information in the article files (PDF): name, institute affiliation and e-mail address of authors, title, date of submission, acceptance and publication of article, ORCID iD.

Authors can upload their articles via their user account in OJS and track the processing status of the article in the system.

The following kinds of personal data and information will be processed: The articles, name prefix, first name, last name, name suffix, city, country, affiliation, the e-mail address, the date of submission, acceptance and publication, ORCID ID will be published online.

In addition to publishing an online version of Aethiopica: International Journal of Ethiopian and Eritrean Studies (with the articles uploaded), Universität Hamburg also publishes a print version. For this purpose, the following data are processed: address data, contact address: city, country, office address: affiliation, country, communication data: e-mail address (business), identification data: name prefix, first name, last name, name suffix. The publication is carried out by the publisher Otto Harrassowitz GmbH & Co. KG (Kreuzberger Ring 7c-d, 65205 Wiesbaden, Germany/EU).

The legal basis for the data processing in the context of registration and publication (digital and online) is Art. 6 (1) lit. b GDPR, the processing of personal data is necessary for the performance of pre-contractual measures and for the performance of the contract with the author. The purpose of the contract is the proper execution of the publication.

The ORCID ID (Open Researcher and Contribution ID) is a globally unique identifier that allows unique assignment to the publication. ORCID is an international, interdisciplinary, and publisher-independent non-profit organization based in Delaware, USA. During the registration process, authors have the opportunity to link their name to their ORCID ID if available. For this, authors can use a link during the registration process or will be asked via E-Mail.  The link will only be established after the authors have logged in with their ORCID credentials in a pop-up window. It therefore requires the author's own active and voluntary action. Further information about the functionality and benefits of the ORCID ID: https://journals.sub.uni-hamburg.de/aethiopica/orcid.

The author's name is linked to his / her ORCID ID for the purpose of being able to use the advantages of ORCID, such as visibility and findability. The linking takes place exclusively with the author’s consent and on the legal basis of Art. 6 (1) lit. a GDPR. The link remains in place until consent is revoked.

If authors do not have an ORCID ID, they have the option of using a link on our website that directly leads to the registration page of ORCID: https://support.orcid.org/hc/en-us/articles/360006897454-Register-your-ORCID-iD. The responsibility for the data entered there and data processing lies solely with ORCID and is beyond our control. Therefore, we refer to ORCID's own privacy policy: https://orcid.org/footer/privacy-policy

The personal data for the registration will be deleted when the user requests the deletion of his /her user account. This is done by sending an email from the user’s registered email address with the user name of the account to be deleted to: aethiopica.aai@uni-hamburg.de.

When the account is deleted, the published article files, metadata and links to ORCID iD are not deleted automatically. The processing and storage of the metadata and the data in the articles is carried out as long as it is necessary for the fulfillment of the contract. The Link to ORCID ID will be deleted, when the consent is revoked.

 

4. Recipients/categories of recipients

The personal data will be transmitted to the following recipients: managing editor of Aethiopica: International Journal of Ethiopian and Eritrean Studies, SUB, Rechenzentrum Universität Hamburg.

The journal is hosted by the SUB. Thus, the SUB has access to the user’s registration and article submission data. The SUB processes this data exclusively for the purposes and on behalf of the Universität Hamburg and only to the extent necessary to fulfill the technical service of hosting the journal. The SUB provides further information on data protection of websites operated by the SUB in its data policy: https://www.sub.uni-hamburg.de/datenschutzerklaerung.html

Metadata is transmitted to the registration agency Crossref (Crossref, PO BOX 719, Lynnfield, MA 01940, United States of America) for a unique assignment of permanent publication identifiers (DOI). Crossref is registered in the USA. Due to the absence of an adequacy decision and appropriate safeguards, a transfer of personal data to the USA may have disproportionate interferences by U.S. authorities and a lack of legal protection for affected EU citizens as a consequence.

The articles, name prefix, first name, last name, name suffix, city, country, affiliation, the e-mail address and the ORCID-ID will be published online. This information is accessible worldwide and a general suppression of it cannot be guaranteed, since other websites and third parties can copy the websites of Aethiopica: International Journal of Ethiopian and Eritrean Studies, article and personal data and provide older screenshots.

 

5. Matomo

We use Matomo, a tracking service provided by the Rechenzentrum (Computer Center) of the University of Hamburg, to collect key figures about the use of the journal and the content provided.

We have configured the Matomo software for use on the pages operated by the SUB in such a way that the data collected does not enable direct or indirect identification of a natural person:

  • The IP address is anonymized. This is done by the Regional Computer Center of the University of Hamburg (RRZ).
  • The use of cookies has been disabled in the tracking code.
  • The functions "visit log and visitor profile" have been deactivated by us in the settings.

The legal basis for the data processing is Art.6 Abs. (1) lit. e, (3) GDPR, § 4 HmbDSG, § 6 (2) Nr. 1 HmbHG.

 

6. Your rights

You have the following rights:

  • the right of access to personal data concerning you that is processed by us (Art. 15 GDPR)
  • the right to rectification of any incorrect or incomplete personal information (Art. 16 GDPR)
  • the “right to be forgotten”: erasure of stored personal data insofar as the relevant data are not necessary for the exercise of the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or the purposes of establishing, exercising, or defending a legal claim (Art. 17 GDPR)
  • the right to restriction of processing personal data (Art. 18 GDPR)
  • the right to data portability (Art. 20 GDPR)
  • the right to object to the processing of your data conducted in our legitimate interest, public interest, or for profiling purposes unless we can demonstrate compelling grounds for processing said data that outweighs your interests, rights, and freedoms or where the processing of said data is required for the establishment, exercise, or defense of a legal claim (Art. GDPR);
  • the right to withdraw your consent to the collection, processing, and use of your personal data at any time with future effect (Art. 7 (3) GDPR)—this means that the data processing related to that consent will no longer be carried out. This does not affect any previous processing of personal data.
  • the right to lodge a complaint with a supervisory authority (e.g. Hamburg Commissioner for Data Protection and Freedom of Information) where you believe the processing of personal data related to you is in breach of the GDPR (Art. 77 GDPR)

You may exercise your rights by contacting aethiopica.aai@uni-hamburg.de

Hamburg, August 2023