Data protection

Current version: 7 May 2018

Copernicus GmbH, the legal entity of Copernicus Meetings and Copernicus Publications, is dedicated to protecting your personal information and will make every reasonable effort to handle collected information appropriately. All information collected will be handled with care in accordance with our standards for integrity and objectivity and respect for your privacy. Copernicus endeavours to comply with the laws and regulations that apply to the gathering and use of personal information, including the German Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG) and the EU General Data Protection Regulation (GDPR).

The following paragraphs inform you about how we collect, store, and reuse your personal data and about other data-protection issues you face when visiting websites and services provided by Copernicus. In case of any question please do not hesitate to contact us at data.protection@copernicus.org or our data-protection officer Dr. Ralf Schadowski at schadowski@addag.de.

A. The usage of cookies on Copernicus websites

Copernicus provides the following websites as static HTML pages: www.copernicus.org, publications.copernicus.org, meetings.copernicus.org, www.copernicus-gesellschaft.org, all conference websites, and all journal websites. Even when browsing through the online libraries of the journals published by Copernicus, these pages are static. All these static websites do not use cookies and therefore do not collect any personal information from you. Discussion pages of interactive journals, online programmes of conferences, and iFrames used on static pages to allow you to log into our online system Copernicus Office (e.g. manuscript tracking, submit your manuscript, or conference registration) create so-called cookies on your PC. Such cookies are session cookies, contain only a randomly-created session ID, and are automatically deleted after your visit, at least when you close your browser window.

If you used the login to our online system Copernicus Office while browsing on our websites, the user administration of Copernicus Office creates a cookie on your device including a randomly-created ID and an expiration time. As long as this time has not expired or you explicitly log out, you remain logged in to our system. After the expiration time set in the cookie, you are automatically logged out from Copernicus Office and the session cookie is deleted from your device. The session cookie will also be automatically deleted if you close all browser windows.

Cookies do not harm your computer and do not contain viruses. Cookies are small text files that are stored on your computer and stored by your browser. You can set your browser so that you are informed about the setting of cookies and that you allow the setting of cookies only in individual cases, that the acceptance of cookies for certain cases or generally is excluded, and you can activate the automatic deletion of cookies when closing the browser. Disabling cookies may limit the functionality of our websites.

B. Server log files

When browsing through Copernicus websites, our servers automatically collect and store information in so-called server log files, which your browser automatically sends to us. This is common practice for most of the websites provided worldwide. These server log files include

  • browser type and version,
  • operating system,
  • referrer URL,
  • host name of the accessing device,
  • time stamp of the server request,
  • IP address.

A merge of this data with other data sources will not be done. Exception: when accessing journal articles in form of their HTML, PDF, or XML files, we read your IP address from the server log files to identify your origin (country). This country information is used once to count the overall accesses per journal article file (HTML, PDF, or XML files) per country. This information is shown in the metrics tab of the journal articles in the section "Viewed (geographical distribution)". However, after contributing to this overall sum per country and journal article file, your IP address will not be stored anywhere except in the server log files as mentioned above.

C. Personal data in Copernicus Office and data protection agreement

Preamble

  • This data protection agreement is made between Copernicus GmbH, in the following Copernicus, and the user of the online system Copernicus Office.
  • The term "user" includes not only natural persons who independently create a user account in the Copernicus Office, but also natural persons for whom user accounts are created by third parties as part of the Copernicus projects.
  • The term projects covers all conferences organized by Copernicus, all journals that Copernicus is responsible for producing and publishing, as well as all the services that Copernicus performs for the members of organizations.
  • The term organization includes scientific societies, universities, research institutes, science funders, and other entities that provide a platform or forum for scientists to exchange and disseminate knowledge.
  • Projects are either carried out by Copernicus on behalf of and for the account of organizations, or organizations grant Copernicus the licence to perform meetings or journals belonging to the organizations on their own behalf and for their own account. Both cases regulate the collection, storage, and maintenance of personal data in form of commissioned data processing.

Why do I need a user account at Copernicus?

Almost all processes in the Copernicus Office require the identification of a user by logging in with user ID and password. The following list provides examples of user roles requiring a user account:

  • Submit an abstract as contact author to a conference organized by Copernicus.
  • Apply for support to attend a conference.
  • Organization of a session as convener at a conference.
  • Organization of the scientific programme of a conference as member of the programme committee.
  • Selection of participants who will receive support for attending a conference as member of the selection committee.
  • Nominate reviewers for posters and PICO award programmes, coordinate reviewers, and submit evaluations for these awards.
  • Registration for a conference and/or its side events by paying a registration fee as participant.
  • Booking a booth at a conference as exhibitor.
  • Submitting a manuscript as contact author or co-author to a journal that Copernicus publishes.
  • Reviewing manuscripts as editor of a journal.
  • Coordinating the editors of a journal as chief editor.
  • Reviewing manuscripts as reviewer of a journal.
  • Acquisition of printed journals as a subscriber.
  • Acquisition of memberships in a member organization.

Which personal data is collected and stored by Copernicus?

If a user actively creates a user account the following data is required:

  • Salute
  • First and last name
  • Type of affiliation or private
  • Affiliation
  • Country
  • Email address

This data can be accompanied by the following optional data:

  • Title
  • Scientific initials
  • Date of birth
  • Department of affiliation
  • Street, number, ZIP code, and city
  • Further email addresses
  • Phone, mobile, and fax number
  • Personal URL
  • ORCID including the connection of your ORCID account with your Copernicus Office user account (initiated by you)

What is data of my scientific profile?

Especially when registering for conferences or obtaining memberships in organizations, profile data is requested optionally in the forms, e.g. on specialization, interest in working on projects of organizations, and other data. If a user optionally completes it, the user can view, change, and delete this profile data at any time at: https://administrator.copernicus.org/profile/

Is the transmission of my personal data secured?

All applications of the Copernicus Office that contain forms for entering, changing, or deleting personal data are encrypted using SSL-encryption (https).

Where can I check my personal data stored by Copernicus?

All personal data can be viewed, modified, or deleted by the user at any time at: https://administrator.copernicus.org/personal_data/

Can I delete my personal data stored by Copernicus?

The "Personal Data" section lists all personal data. Users can view and change all data at any time. A user may delete all data except the basic data to identify you as scientist including first and second names, type and name of affiliation, country of affiliation, and email address. If a user also wants to delete this data, the entire user account must be deleted.

Why am I able to include more than one email address in my user account?

When authors submit abstracts for a conference or manuscripts for review in a journal, contact authors enter their co-authors by name and email. The reason for this is that every co-author needs to know that a manuscript has been submitted in his name. Furthermore, each co-author has the right to see the status of his abstract or manuscript in the review and production process. Upon submission, the contact author may use an email address that differs from the one the co-author has used in the past in the Copernicus Office. To avoid that any further email address leads to the creation of a new user account, all users have the possibility to include several email addresses so that the input of an email address of a co-author by the contact author has a higher chance to be assigned to an existing user account actually used by this colleague. Users mark themselves which email address should be the main address. In most processes when dealing with abstracts and manuscripts, the Copernicus Office sends automatic emails. Such emails are sent to the main address.

How is my password stored and where can I change it?

Passwords are always requested on forms that are SSL-encrypted (https) for the transfer to be secured. In the database of the Copernicus Office, the passwords are then stored in encrypted form, so that nobody, not even Copernicus' employees, can read the passwords. Each user can change the password at any time via his Personal Data section at: https://administrator.copernicus.org/personal_data/

Does Copernicus also store payment details?

If a user wants or has to make a payment online through a Copernicus web form, in the last step of a purchase process, credit card details are entered in a way that they are only transferred to the PCI-DSS certified partner iPayment and not cached by any Copernicus system. Although Copernicus can view and reverse these debits via iPayment, Copernicus does not have direct access to the credit card details. Copernicus only stores the time a user with the payment method credit card has paid an invoice, the invoice number, as well as the transaction number of iPayment, so that negative booking operations become possible. If a customer pays by bank transfer, Copernicus also only stores the time a user has paid an invoice and the invoice number. Bank account data is not stored anywhere in the Copernicus system.

Can others see my personal data?

Copernicus' employees can only view and personalize the personal data of a Copernicus Office user if they work in customer service. Confidentiality obligations as part of the employment contract and declarations of obligation to the §5 BDSG prevent employees from using this information other than for the purpose of customer service.

To the general public, personal data of Copernicus Office users is only shown when holding specific positions in conferences organized or journals published by Copernicus. Journal editors are automatically displayed on the website of the editorial board of the journals and session conveners of conferences are shown in the online programme of the respective conference for the purpose of contacting them. Hereby, users are only shown to the public with name, affiliation, and country by default. The visibility of any further personal data is controlled by the user and the visibility must be autonomously and explicitly allowed.

D. Third-party websites

While browsing on websites provided by Copernicus, you might be linked to third-party websites. Since we cannot control what information such websites ask for or how the vendor of such websites may use or disclose any information you may provide to them, we strongly recommend that you exercise caution before providing them with your personal information.

E. Data-protection officer

The data-protection officer of Copernicus according to §4g,f BDSG is Dr. Ralf Schadowski, certified according to DIN ES ISO/IEC 17024.

Dr. Ralf Schadowski
ADDAG GmbH & Co. KG
Krefelder Strasse 121
D-52070 Aachen
Germany
Phone: +49-241-446880