Submissions

Privacy Statement

Privacy Statement

The TID Synergy Journal of Development (“the Journal”, “we”, “us”, or “our”) is committed to protecting the privacy, confidentiality, and security of personal data processed through the Journal website, editorial workflow, peer-review process, publication process, and related communications. This Privacy Statement is intended to support compliance with applicable data protection and privacy laws, including the Nigeria Data Protection Act, 2023 (NDPA), the UK GDPR and Data Protection Act 2018, and the EU General Data Protection Regulation (GDPR), and reflects standard good practice in scholarly publishing and peer review.

This statement explains what personal data we collect, why we collect it, how we use it, the legal bases on which we process it, how long we keep it, with whom we share it, how we protect it, and the rights available to authors, reviewers, editors, readers, and other users of the Journal platform. Transparency about purposes, sharing, and retention is a core requirement under modern data protection law.

1. Data Controller and Contact Details

For the purposes of applicable data protection law, the data controller for personal data processed through the Journal is:

Institute for Development Synergy (TIDS)
Publisher of the TID Synergy Journal of Development
Address: Suite B316 Zitel Plaza, Plot 227 Mafemi Crescent, Opp. Daily Trust, Jabi, Abuja, Nigeria
General Contact Email: [insert official journal or institutional email]
Journal Contact Email: [insert journal email]
Data Protection / Privacy Contact: [insert privacy email or officer details, if available]

If required by applicable law for specific processing activities or jurisdictions, we may appoint or identify a data protection contact, representative, or other responsible person and publish updated contact details here.

2. Scope of this Privacy Statement

This Privacy Statement applies to personal data processed when you:

• visit the Journal website;
• create an account on the Journal’s Open Journal Systems (OJS) platform;
• submit a manuscript or supplementary files;
• act as a reviewer, editor, author, reader, or journal staff member;
• subscribe to Journal notifications, announcements, or mailing lists;
• communicate with us by email, web form, or other official channels;
• participate in editorial, production, publication, indexing, metadata, archiving, or post-publication processes.

OJS requires users such as authors and reviewers to agree to the journal’s privacy statement as part of registration and workflow participation.

3. Categories of Personal Data We Collect

Depending on your role and how you interact with the Journal, we may collect and process the following categories of personal data:

Identity and contact data

• full name;
• title and professional designation;
• institutional affiliation;
• email address;
• postal address;
• telephone number, where voluntarily provided.

Account and profile data

• username and password hash;
• language preference;
• role within the Journal system;
• notification and subscription preferences;
• ORCID iD or similar scholarly identifier, where provided.

Submission and publication data

• authorship details;
• manuscript files and supplementary materials;
• author biographies;
• acknowledgments, funding statements, conflict of interest declarations, and contributor role information;
• correspondence relating to submission, revision, acceptance, rejection, publication, correction, or retraction.

Peer review and editorial data

• reviewer invitations, responses, reports, recommendations, and deadlines;
• editorial decisions and internal workflow notes;
• communications between editors, reviewers, and authors;
• records needed to preserve the confidentiality and integrity of peer review.

Peer-review confidentiality is a recognised ethical requirement in scholarly publishing, and confidential review systems should protect reviewer identity and manuscript confidentiality.

Technical and usage data

• IP address;
• browser type and version;
• device information;
• date/time logs;
• pages visited;
• system activity logs and security logs;
• cookies or similar technologies, where used by the site or hosting environment.

Billing or contractual data

• only where relevant, such as for invoices, waivers, service agreements, sponsorship administration, or publication-related transactions, if ever introduced.

We do not intentionally request or require special category or highly sensitive personal data unless this is strictly necessary and lawful, and unless appropriate safeguards are in place.

4. Sources of Personal Data

We may collect personal data:

• directly from you when you register, submit, review, edit, correspond, or update your profile;
• from co-authors or corresponding authors who provide author metadata;
• from editors or editorial staff managing workflow;
• from trusted publishing and research infrastructure services, where enabled, such as ORCID, Crossref, indexing services, archiving systems, or institutional systems;
• automatically from your use of the website through server logs and essential platform functions.

5. Purposes of Processing

We process personal data only where it is relevant to legitimate Journal, publishing, scholarly communication, administrative, legal, or security purposes. These purposes may include:

• creating and managing user accounts;
• receiving, screening, processing, and tracking submissions;
• administering peer review and editorial decision-making;
• corresponding with authors, reviewers, editors, and readers;
• publishing accepted articles and related metadata;
• attributing authorship and scholarly contribution;
• assigning identifiers and depositing or sharing publication metadata with scholarly infrastructure services;
• producing tables of contents, issues, archives, and journal announcements;
• maintaining research integrity, publication ethics, and audit trails;
• preventing abuse, fraud, spam, security incidents, and unauthorised access;
• complying with legal, regulatory, contractual, and ethical obligations;
• administering journal operations, analytics, hosting, backups, and records management;
• preserving the scholarly record, including corrections, withdrawals, expressions of concern, and retractions where necessary.

Crossref provides infrastructure for publication metadata and persistent scholarly records, including metadata such as licensing, funding, ORCID, and post-publication updates when deposited by publishers.

6. Legal Bases for Processing

Where applicable law requires a lawful basis, we rely on one or more of the following:

Consent
Where you voluntarily register, opt in, submit optional data, subscribe to alerts, or agree to specific uses.

Contract or steps at your request prior to contract
Where processing is necessary to provide the services you request, such as operating your account, receiving a submission, or managing reviewer participation.

Legal obligation
Where processing is necessary to comply with applicable law, lawful requests, tax/accounting rules, court orders, or regulatory obligations.

Legitimate interests
Where processing is necessary for the legitimate interests of the Journal or publisher, including editorial administration, peer review, publication, security, fraud prevention, platform management, preservation of the scholarly record, and communication with contributors and reviewers, provided such interests are not overridden by your rights and freedoms. The NDPA recognises lawful bases such as consent, legal obligation, and contract, and the GDPR/UK GDPR also require an identified lawful basis for processing.

Where we rely on consent, you may withdraw that consent at any time, although withdrawal will not affect processing already carried out lawfully before withdrawal.

7. Publication and Public Disclosure

Please note that scholarly publishing necessarily involves making some information public. If an article is accepted and published, the following categories of data may be made publicly available as part of the scholarly record:

• author names;
• affiliations;
• ORCID iDs, where supplied and enabled;
• article title, abstract, keywords, references, acknowledgments, funding statements, disclosures, and other publication metadata;
• author biographies, where required by Journal policy;
• the published article and associated files;
• licensing and citation information;
• post-publication notices, including corrections or retractions where required.

Publication metadata may also be deposited with or exposed to discovery, indexing, citation, archiving, and preservation services to support visibility, citation, access, and long-term scholarly recordkeeping. Crossref and ORCID are widely used components of that infrastructure.

Information that is part of the published scholarly record may need to remain available indefinitely in the interests of citation integrity, transparency, and preservation, even where some underlying account data is later deleted or minimised.

8. Confidentiality of Peer Review

The Journal operates a peer-review process and treats manuscripts under review, reviewer identities within confidential systems, reviewer reports, editorial deliberations, and unpublished submission materials as confidential, except where disclosure is required for legitimate editorial administration, publication ethics investigation, legal compliance, platform support, or where our published policies clearly provide otherwise.

Reviewers are expected to maintain the confidentiality of manuscripts and not disclose or use unpublished materials outside the review process. Confidential peer review is a core element of publication ethics guidance.

9. Cookies, Similar Technologies, and Technical Logs

The Journal website and hosting environment may use cookies or similar technologies that are strictly necessary for login sessions, language selection, security, fraud prevention, load balancing, and other essential platform functions. We may also use limited analytics, server logs, or security monitoring tools to maintain site performance and protect the platform.

Where non-essential cookies or tracking tools are used, we will seek consent where legally required and provide appropriate notice. Privacy notices should explain what is collected, why, for how long, and with whom it is shared.

If your OJS installation uses only essential cookies, say so clearly in your cookie banner or site notice.

10. Sharing of Personal Data

We do not sell personal data. We may share personal data only where necessary and proportionate with:

• the publisher, Journal staff, editors, editorial board members, and authorised administrators;
• reviewers and authors, only to the extent necessary within the Journal’s review model and workflow;
• hosting providers, email providers, backup providers, and IT support providers acting on our instructions;
• service providers supporting journal management, DOI registration, metadata deposit, indexing, archiving, or preservation;
• professional advisers, auditors, insurers, or legal counsel where necessary;
• public authorities, regulators, courts, or law-enforcement bodies where required by law or lawful process;
• successor or restructured entities, where legally permitted and subject to appropriate safeguards.

Where we use processors or service providers, we expect them to process personal data only on documented instructions, maintain confidentiality, and apply appropriate security measures.

11. International Transfers

Because scholarly publishing, manuscript management, cloud hosting, email delivery, DOI registration, indexing, archiving, and related services may involve organisations or infrastructure located in other countries, your personal data may be transferred internationally.

Where personal data is transferred across borders, we will take reasonable steps to ensure that such transfers are made in accordance with applicable law and subject to appropriate safeguards, which may include:

• adequacy decisions, where available;
• contractual safeguards;
• technical and organisational security measures;
• transfer risk assessments where required;
• limiting the amount of data transferred to what is necessary.

12. Data Retention

We retain personal data only for as long as necessary for the purposes described in this statement, including editorial workflow, publication, legal compliance, records management, security, dispute handling, and preservation of the scholarly record.

Because journal operations depend on long-lived editorial and publication records, some categories of data may be retained for extended periods. By way of example:

• account and contact data: for as long as your account remains active and for a reasonable period afterward for audit, security, and records purposes;
• submission and editorial records: for as long as necessary to manage the manuscript and maintain a reliable editorial history;
• peer-review records: for as long as reasonably necessary to support editorial accountability, ethics investigations, and recordkeeping;
• published article metadata and scholarly record data: potentially indefinitely;
• server, security, and technical logs: for a limited retention period appropriate to operational and security needs, unless longer retention is required for investigation or compliance.

Data protection rules require organisations to tell people about retention periods or the criteria used to determine them.

13. Security Measures

We implement reasonable technical and organisational measures designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. Such measures may include:

• access controls and role-based permissions;
• password protection and authentication controls;
• secure hosting and backups;
• software updates and patching;
• logging and monitoring;
• least-privilege administration;
• confidentiality obligations for staff and editors;
• controlled handling of manuscripts and reviewer data.

No online system can be guaranteed to be completely secure. Users should also protect their passwords, devices, and account credentials.

14. Your Data Protection Rights

Subject to applicable law and any relevant exemptions, you may have the right to:

• be informed about how your personal data is used;
• access your personal data;
• request correction or rectification of inaccurate or incomplete data;
• request deletion or erasure in certain circumstances;
• object to certain processing;
• request restriction of processing in certain circumstances;
• request portability of data, where applicable;
• withdraw consent where processing is based on consent;
• not be subject solely to automated decision-making in circumstances covered by law;
• complain to a competent supervisory authority.

The NDPC lists rights including the rights to be informed, access, rectification, objection, restriction, portability, erasure, complaint, and protection against solely automated decision-making, and the ICO similarly explains the right to be informed and related UK GDPR rights.

Please note that these rights are not absolute. For example, rights requests may be limited where retention is necessary for legal compliance, public interest archiving, freedom of expression, research integrity, establishment or defence of legal claims, or preservation of the scholarly record.

15. How to Exercise Your Rights

To make a privacy or data rights request, contact:

[insert privacy contact email]
[insert journal contact email]

Please describe your request clearly and provide enough information for us to verify your identity and locate the relevant records. We may request additional information where reasonably necessary to confirm identity or authority.

Under UK GDPR guidance, rights requests generally should be answered without undue delay and within one month, subject to lawful extension where applicable.

16. Complaints

If you are dissatisfied with how we handle your personal data or your rights request, you may complain to the relevant supervisory authority in your jurisdiction. Depending on your location and the circumstances, this may include the Nigeria Data Protection Commission (NDPC), the UK Information Commissioner’s Office (ICO), or a competent EU/EEA supervisory authority. The NDPC is Nigeria’s data protection authority, and the ICO is the UK authority responsible for data protection enforcement.

17. Children’s Data

The Journal is intended for researchers, academics, professionals, and adult users. It is not directed to children. We do not knowingly collect personal data from children except where this occurs lawfully and unintentionally through ordinary manuscript or communication processes.

18. Third-Party Links and External Services

The Journal website may contain links to third-party websites, databases, repositories, indexing services, publisher tools, ORCID, Crossref, social media platforms, or institutional pages. We are not responsible for the privacy practices of third-party services. Users should review the privacy notices of those services separately.

19. Changes to this Privacy Statement

We may update this Privacy Statement from time to time to reflect changes in law, regulation, platform features, publishing practice, or Journal operations. The current version will be posted on the Journal website with an updated effective date. Where required by law, we will provide additional notice of material changes.

Effective Date: [insert date]
Last Updated: [insert date]