The British Journal of Surgical Science (BJSS) is committed to protecting the personal data of authors, reviewers, editors, and website users in accordance with the General Data Protection Regulation (GDPR) (EU 2016/679).

This policy explains what data we collect, why we collect it, how we use it, and how your rights are protected.
 
1. Data Controller

The data controller is: British Journal of Surgical Science (BJSS), BJOSScience@gmail.com

The data controller is responsible for deciding how and why personal data is processed.
 
2. Personal Data We Collect

• Authors
  • Name, affiliation, and contact details
  • Email address
  • ORCID iD (optional)
  • Manuscript submissions and related files
  • Ethical approvals or declarations
  • Correspondence records
• Reviewers
  • Name, affiliation, email address
  • Areas of expertise
  • Peer review history
  • Reviewer comments and decisions
• Editors
  • Name, contact details
  • Editorial decisions and communication
  • Processing history within the system
• Website Users
  • IP address
  • Browser type and technical metadata
  • Cookies required for login and session management
  • Website usage statistics (anonymized)

BJSS does not collect unnecessary or sensitive personal data unless required for editorial or legal reasons.
 
3. Legal Basis for Data Processing

BJSS processes personal data under the following GDPR legal bases:

• Article 6(1)(b) — processing necessary for a publishing contract (manuscript submission and review)
• Article 6(1)(c) — compliance with legal obligations
• Article 6(1)(f) — legitimate interests, such as maintaining academic integrity
• Article 6(1)(a) — consent (e.g., optional profile data or ORCID)

 4. How We Use Personal Data

Personal data is used solely for scholarly publishing purposes:

• Manuscript submission management
• Peer review coordination
• Editorial communication
• Ensuring academic integrity and detecting misconduct
• Indexing and dissemination of published articles
• System security and performance analysis

We do not sell or commercially share personal information.
 
5. Data Sharing

BJSS shares personal data only when necessary:

• With editors and reviewers assigned to a manuscript
• With indexing and abstracting services (names, affiliations, ORCID in published articles)
• With third-party services used by the journal platform (e.g., OJS hosting providers)
• With legal authorities if required

We do not share private contact details publicly unless explicitly approved by the author.
 
6. Data Storage and Protection

• Personal data is stored on secure servers with restricted access
• Passwords and sensitive data are encrypted
• Regular backups and security checks are performed
• Access is limited to authorized editorial staff only

Data is retained only for the period necessary for academic record keeping, editorial functions, or legal compliance.
 
7. Your GDPR Rights

All users have the following rights:

• Right of access – request a copy of your data
• Right to rectification – correct inaccurate data
• Right to erasure (right to be forgotten)
• Right to restriction of processing
• Right to data portability
• Right to object to certain processing
• Right to withdraw consent at any time

Requests may be sent to: BJOSScience@gmail.com

BJSS will respond within 30 days as required by GDPR.
 
8. Cookies and Tracking

BJSS uses cookies only for functional purposes, such as login sessions and website stability.

We do not use advertising or third-party tracking cookies.

Users may disable cookies through their browser, but some site features may not function.
 
9. Data Breach Policy

If a data breach occurs, BJSS will:

• Assess the severity
• Notify affected individuals when required
• Notify relevant GDPR authorities within 72 hours if the breach poses a significant risk 

10. Updates to the Policy

This policy may be updated periodically to comply with GDPR or changes in journal operations.

All updates will be posted on the journal website.