Privacy Statement

At Heighten Science Publication Incorporation (HSPI), we understand that safeguarding your personal information is fundamental to building trust and fostering an open, collaborative research environment. We are committed to full compliance with major international data protection frameworks—such as the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and the Personal Data Protection Act (PDPA)—as well as best practices outlined by ISO 27001 and the Open Access Scholarly Publishers Association (OASPA). Our privacy policy is designed to be transparent and easy to navigate, clearly explaining how we collect, process, store, and protect data for authors, reviewers, editors, and readers alike.

  1. Data Collection
    HSPI gathers personal and professional information at several touchpoints: account registration, manuscript submission, newsletter sign-ups, and during the peer review cycle. Typical data fields include names, institutional affiliations, email addresses, ORCID iDs, and, where applicable, demographic details for diversity reporting. Additionally, we may collect metadata—such as IP addresses, browser type, and device identifiers—via server logs and cookies to monitor platform performance and detect misuse. All collected data is retained only as long as necessary to fulfill the purposes described below, or to comply with legal and audit requirements.
  2. Use of Information
    The data you provide enables us to deliver seamless manuscript tracking, facilitate reviewer invitations and correspondence, issue publication alerts, and offer personalized user support. Your ORCID iD ensures accurate author attribution and streamlines interoperability with indexing services like CrossRef and PubMed. We never monetize your personal data: it is not sold, rented, or shared for marketing purposes. Any exchange of information with third-party vendors—such as cloud hosting providers, analytics platforms, or payment processors—is strictly limited to what is essential for platform functionality and governed by formal Data Processing Agreements (DPAs).
  3. Data Security and Access Controls
    HSPI employs a multi-layered security architecture to guard against unauthorized access, alteration, or destruction of personal data. Measures include:
  • Encryption: SSL/TLS for data in transit and AES-256 at rest
  • Access Management: Role-based permissions with least-privilege principles
  • Monitoring & Auditing: Continuous intrusion detection, log reviews, and quarterly security audits
  • Disaster Recovery: Regular backups and tested restore procedures
    Only designated staff—such as our Data Protection Officer and editorial operations team—have access to personally identifiable information, and all personnel undergo mandatory privacy and security training.
  1. Cookies & Analytics
    To optimize user experience, our website employs a combination of essential, performance, functional, and targeting cookies. Essential cookies enable core features (e.g., login persistence), while performance cookies (e.g., Matomo or Google Analytics) collect anonymized usage data to help us understand traffic trends and improve site navigation. Functional cookies remember user preferences (such as language settings), and targeting cookies support optional features like personalized content suggestions. You can manage or disable non-essential cookies at any time through your browser settings or via our on-site cookie banner.
  2. Third-Party Links & Services
    HSPI’s platform may include hyperlinks to external resources—such as journal archives, indexing databases, or funder portals—for your convenience. These third-party sites operate under their own privacy and security regimes; HSPI is not responsible for their practices or content. We encourage you to review the privacy statements of any external sites you visit.
  3. Consent, Rights & Policy Updates
    By using HSPI services—submitting a manuscript, registering an account, or browsing published content—you consent to the terms outlined in this privacy statement. You retain the right to:
  • Access your personal data
  • Rectify inaccuracies
  • Erase data where no longer necessary
  • Restrict or object to certain processing activities
  • Withdraw consent at any time (without affecting the lawfulness of prior processing)

We regularly review and, if needed, update this policy to reflect changes in legal requirements or our services. Any revisions will be posted on our website with a clear “Last Updated” date and, where substantive, communicated via email to registered users.

For questions, requests, or to exercise your data subject rights, please contact our Data Protection Officer at info@heighpubs.us.