Privacy Policy
Effective date: January 1, 2025 · Applies to MedSoc International
1. Introduction
MedSoc International ("we", "our", or "us") is committed to protecting your personal information. This Privacy Policy explains what data we collect when you use our digital library platform, how we use it, and the rights you have over it.
2. Information We Collect
- Account data — name, institutional email address, and role when you register.
- Usage data — titles viewed, search queries, reading progress, and session duration, used for COUNTER-compliant reporting and collection development.
- Device data — IP address, browser type, and operating system for security and access-control purposes.
- Cookies — session cookies for authentication; analytics cookies (opt-in) for platform improvement.
3. How We Use Your Information
- To authenticate you and enforce license entitlements.
- To generate anonymised usage statistics shared with your institution and publishers.
- To send transactional emails (password reset, access expiry notices).
- To detect and prevent unauthorised access or bulk downloading.
- To improve search relevance and recommendation quality.
4. Data Sharing
We do not sell your personal information. We may share data with:
- Your institution's library administrators (aggregated usage reports only).
- Publishers and society presses, in anonymised form, for COUNTER 5 compliance.
- Service providers (cloud hosting, email delivery) under strict data-processing agreements.
- Law enforcement, when required by applicable law.
5. Data Retention
Account data is retained for the duration of your institutional subscription plus 12 months. Usage logs are aggregated after 90 days and individual records are deleted. You may request early deletion by contacting us at the address below.
6. Your Rights
Depending on your jurisdiction you may have the right to access, correct, delete, or port your personal data, and to object to or restrict certain processing. To exercise these rights, email privacy@zentrovia.ac. We will respond within 30 days.
7. Cookies
Strictly necessary cookies are set automatically to maintain your session. Analytics cookies (Google Analytics 4) are set only if you accept them via the cookie banner. You can withdraw consent at any time through your browser settings.
8. Security
We use TLS 1.3 for all data in transit and AES-256 encryption for data at rest. Authentication tokens are short-lived and stored in httpOnly cookies. We conduct annual penetration tests and publish a responsible-disclosure policy.
9. Changes to This Policy
We may update this policy to reflect changes in law or our practices. We will notify registered users by email at least 30 days before material changes take effect.
10. Contact
For privacy enquiries or to exercise your rights, contact our Data Protection Officer:
MedSoc International — Data Protection Officerprivacy@zentrovia.ac