Privacy Policy

1. Data Controller

NEXARA Publications ("we," "us," "our") is the data controller for personal data collected through this platform. We are committed to protecting the privacy and security of all users, authors, reviewers, and visitors.

2. Information We Collect

2.1 Information You Provide

• Author Information: Full name, email address, institutional affiliation, country, ORCID iD, designation/title, and co-author details.
• Manuscript Data: Submitted manuscripts, abstracts, keywords, cover letters, supplementary materials, and revision correspondence.
• Identity Verification Documents: Government-issued photo ID (passport, national ID, Aadhaar, driver's license) and institutional email for verification purposes (effective April 2026).
• Contact Form Submissions: Name, email address, subject, and message content.
• Paper Status Checks: Paper ID and email address used for tracking.

2.2 Information Collected Automatically

• Usage Data: IP address, browser type and version, operating system, referring URLs, pages visited, time spent, and access timestamps.
• Device Information: Screen resolution, device type, and language preferences.
• Cookies & Similar Technologies: Session cookies for functionality and analytics cookies for platform improvement (see Section 7).

3. How We Use Your Information

We process personal data for the following purposes:

• Manuscript Processing: Managing submissions, peer review, editorial decisions, and publication.
• Author Verification: Confirming identity and institutional affiliation to prevent fraudulent submissions.
• Communication: Sending editorial correspondence, review notifications, publication confirmations, and platform updates.
• Platform Improvement: Analyzing usage patterns to enhance user experience, performance, and content discovery.
• Legal Compliance: Fulfilling legal obligations, responding to lawful requests, and enforcing our terms.
• Research Integrity: Plagiarism screening, AI-content detection, and misconduct investigations.

4. Legal Basis for Processing

We process your personal data based on:

• Consent: When you submit a manuscript or provide your information voluntarily.
• Contractual Necessity: To fulfill our obligations in the author-publisher relationship.
• Legitimate Interest: Platform security, fraud prevention, and research integrity.
• Legal Obligation: Compliance with applicable data protection laws and regulations.

5. Data Sharing & Third Parties

We may share your personal data with:

• Peer Reviewers: Manuscripts are shared with expert reviewers. Author identity may be disclosed depending on the review model (single-blind or open review).
• Indexing Services: Published paper metadata (title, authors, abstract, DOI, keywords) may be shared with academic databases and indexing services for discoverability purposes.
• Plagiarism Detection Services: Manuscripts are submitted to iThenticate/Turnitin for originality screening.
• DOI Registration: Author and publication metadata is shared with Zenodo for DOI assignment. CrossRef registration is pending.
• Law Enforcement: When required by law, court order, or to investigate research misconduct.

We do not sell, rent, or trade personal data to third parties for marketing purposes.

6. Data Retention

• Published Papers: Author names, affiliations, and paper metadata are retained permanently as part of the scholarly record.
• Rejected Manuscripts: Retained for 12 months after the rejection decision, then permanently deleted.
• Identity Verification Documents: Encrypted at rest and deleted within 90 days of the publication decision.
• Review Correspondence: Retained for 5 years for research integrity and audit purposes.
• Contact Form Data: Retained for 24 months unless ongoing correspondence requires longer retention.
• Usage/Analytics Data: Retained for 26 months in anonymized/aggregated form.

7. Cookies & Tracking Technologies

NEXARA uses the following types of cookies:

We do not use advertising or marketing cookies. You may disable non-essential cookies through your browser settings without affecting core platform functionality.

8. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• Right of Access: Request a copy of the personal data we hold about you.
• Right to Rectification: Request correction of inaccurate or incomplete data.
• Right to Erasure: Request deletion of your personal data, subject to legal retention requirements and the scholarly record exception (published papers remain part of the permanent academic record).
• Right to Restrict Processing: Request limitation of processing in certain circumstances.
• Right to Data Portability: Receive your data in a structured, machine-readable format.
• Right to Object: Object to processing based on legitimate interests.
• Right to Withdraw Consent: Withdraw consent at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, contact us at privacy@nexara.org. We will respond within 30 days.

9. Data Security

We implement appropriate technical and organizational measures to protect personal data, including:

• TLS/SSL encryption for all data in transit.
• AES-256 encryption for sensitive data at rest (identity verification documents).
• Role-based access controls limiting data access to authorized personnel only.
• Regular security audits and vulnerability assessments.
• Incident response procedures for data breach notification within 72 hours as required by applicable law.

10. International Data Transfers

Your data may be processed in jurisdictions outside your country of residence, including India. When transferring data internationally, we implement appropriate safeguards including standard contractual clauses, data processing agreements, and compliance with applicable cross-border data transfer regulations.

11. Children's Privacy

NEXARA is an academic publishing platform intended for researchers, scholars, and professionals. We do not knowingly collect personal data from individuals under the age of 18. If we become aware that a minor has provided personal data, we will take steps to delete such information promptly.

12. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be communicated via a prominent notice on the platform and/or email notification to registered users. The "Last updated" date at the top reflects the most recent revision. Continued use of the platform after changes constitutes acceptance of the updated policy.

13. Contact & Complaints

For privacy-related inquiries, data subject requests, or complaints:

If you are not satisfied with our response, you have the right to lodge a complaint with the relevant data protection supervisory authority in your jurisdiction.