Data protection policy

pursuant to Art. 13 GDPR, as of: September 2025

Project/occasion: Open Journal Systems (OJS) e-journal editorial system

OJS is open-source software that implements global best practices for the creation, operation, management and publication of open access journals, thereby contributing to the global discoverability of published research results. In cooperation with its technical partners, the ULB Münster is responsible for hosting the software (provision, operation and maintenance) and supports publishers in setting up and operating their journals on the OJS platform.

1. Name and address of the responsible controller

The responsible controller as defined in the EU General Data Protection Regulation (GDPR) and other national data protection laws of the member states as well as other data protection-related provisions is:

University of Münster,
represented by its Rector, Prof. Dr Johannes Wessels,
Schlossplatz 2, 48149 Münster
Tel.: + 49 251 83-0
Email: mailbox@uni-muenster.de

If you have any questions regarding the content of the project, please contact a specialist directly:
Dr Stephanie Klötgen
University and State Library of Münster
Krummer Timpen 3, 48143 Münster
Email: stephanie.kloetgen@uni-muenster.de

2. Contact details of the data protection officer

Contact of the data protection officer of the responsible controller:

Data Protection Office
Schlossplatz 2, 48149 Münster, Germany
Tel.: + 49 251 83-22446
Email: datenschutz@uni-muenster.de

3. Data processing within the framework of the ‘Open Journal Systems (OJS)’ project

Please refer to the University of Münster's privacy policy for the general regulations.

a) Scope and purpose of data processing

OJS is an open-source software used for the creation, operation, administration and publication of open access journals. The ULB Münster and its technical partners operate the platform and host the journals, for which the publishers are responsible.

For users/readers of articles and content from OJS journals without registration

Each time Open Journal Systems is accessed, the system automatically collects data and information from the computer system of the accessing computer. The following user data is collected:

- IP address
- Date and time of access
- Information about the browser type and version used
- Internet service provider
- Operating system
- Websites from which the user's system accesses our website
- Websites accessed by the user's system via our website

The data is stored in our system's log files and is not stored together with other personal data of the user.

Registration as an author, reader or reviewer

On our website, we offer users the opportunity to register as authors, readers or reviewers by providing personal data. The data is entered into an input mask, transmitted to us and stored. Registration does not serve to conclude a contract with the user. User registration is required in order to provide certain content and services on our website, such as notifications about new publications. The following data is collected during the registration process:

Profile:
- First and last name
- Institution
- Country

Login:
- Email address
- User name
- Password/repeat password

User account of registered authors or reviewers

Your user data enables editorial communication between authors, editors and reviewers. Please note that further data is stored and processed during the editorial process. This data includes, for example:

- Submitted documents
- Events (event log)
- Decisions (e.g. reviewer recommendations)
- Emails (log)

The legal basis for processing your data for the purposes stated in this privacy policy is your express consent (Art. 6(1)(a) GDPR). You may revoke this consent at any time. Your subsequent revocation does not affect the lawfulness of the data processing that has taken place on the basis of your consent up to that point.

The information you enter will not be automatically deleted if you do not confirm your registration. To completely delete your account, please contact the publishers.

Authors may be asked to provide the names and email addresses of their co-authors. By providing this data, you declare that you have obtained the consent of your co-authors for data processing. Co-authors do not have their own user accounts. The names of authors and co-authors, as well as their institutional affiliations, are displayed on the website together with their published articles. Email addresses are not published on the website. However, contact details may be included in the downloadable article, provided the author has given their consent. The above-mentioned rights regarding personal data also apply to the co-author(s).

Option to revoke and delete registration

As a user, you have the option to cancel your registration at any time. You can have the data stored about you changed at any time. To have your account deleted or your data changed, please contact the publishers.

Personal information provided when submitting contributions

Personal information submitted together with contributions:

- First and last names
- Institutional affiliation
- Biographical information
- Email and website address

This data will be published together with the contribution if it is published.

b) Legal basis for the processing of personal data

The legal basis for the collection and processing of the above-mentioned personal data of the data subject is consent in accordance with Art. 6 (1) (a) GDPR.

c) Recipients of your personal data

The above-mentioned personal data will be transmitted to the publishers of the journal as well as to the ULB Münster and its technical partners as operators of the platform.

Metadata of published articles, including the names of authors, will be shared with third parties for the purpose of DOI registration and indexing of published content in scientific databases such as DOAJ, DNB and others. Apart from this, personal data will not be shared, nor will it be used for purposes other than those specified above.

d) Usage statistics

For the purpose of analysing the usage and reach of the journal and the articles published, we document and store accesses to the journal's main page, issues, articles, galley proofs and additional files. The information collected is used solely for statistical evaluation of content usage. IP addresses are not assigned to user IDs.

The information is used for editorial purposes by the editorial team and the publishers. It is not passed on to third parties unless we are legally obliged or entitled to do so (e.g. in connection with criminal prosecution, suspected plagiarism or other copyright infringements).

e) Duration of storage of personal data 

Data is stored for the purposes specified in this privacy policy. It is deleted when its storage is no longer necessary for the above-mentioned purposes (Art. 17(1)(a) GDPR).

4. Your rights as an affected person

You have the right to obtain information about your personal data processed by the University of Münster (Art. 15 GDPR), the right of correction of your personal data (Art. 16 GDPR), the right to erasure (Art. 17 GDPR), a right to the restriction of processing (Art. 18 GDPR) and a right to object to processing (Art. 21 GDPR).

You also have the right to lodge a complaint with a supervisory authority, e.g. the State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia, PO Box 20 04 44, 40102 Düsseldorf, tel.: +49 211 38424-0, email: poststelle@ldi.nrw.de.