The Global Medical Insights Journal (GMI Journal) is committed to safeguarding the privacy and data protection rights of its authors, reviewers, editors, readers, and website visitors. This Privacy Statement outlines how we collect, use, disclose, and store personal data collected through our website and submission system, hosted on the Open Journal Systems (OJS) platform.

We process all personal data in accordance with the applicable data protection laws, including the General Data Protection Regulation (EU GDPR 2016/679), U.S. data privacy laws, and other relevant legislation.

Scope of This Policy

This Privacy Statement applies to:

  • All visitors and registered users of the GMI Journal website.

  • All individuals submitting manuscripts or peer-review feedback through the OJS platform.

  • Editorial board members, authors, reviewers, and readers.

  • Any party accessing, downloading, or interacting with published journal content.

Information We Collect

We may collect and process the following categories of personal data:

a. User-Provided Information

Collected at the time of registration or submission:

  • Full Name

  • Username and Password (encrypted)

  • Email Address

  • Institutional Affiliation

  • Country

  • ORCID iD

  • Phone Number (optional)

  • Mailing Address (optional)

  • Biographical Statement and Academic Interests

b. Author and Manuscript Metadata

  • Title and abstract of the manuscript

  • Author names and affiliations

  • Keywords

  • Submission history, editorial decisions, and peer-review comments

c. Reviewer Data

  • Name and contact details

  • Review assignments and history

  • Submitted review comments and recommendations

d. Automatically Collected Data

When visiting the journal website:

  • IP address

  • Browser type and version

  • Device type and operating system

  • Pages viewed, time spent, referral URLs

  • Cookies and other tracking data

How We Use Your Information

Your data is used for the following lawful and legitimate purposes:

  • To manage and publish scholarly content

  • To facilitate peer review and editorial processes

  • To register and authenticate users

  • To maintain communication between authors, editors, and reviewers

  • To assign Digital Object Identifiers (DOIs) and share metadata with indexing services

  • To analyze usage and improve website functionality and performance

  • To comply with legal and regulatory obligations

Legal Basis for Processing

We rely on one or more of the following legal bases for processing your personal data:

  • Performance of a contract: e.g., processing submissions and publishing articles.

  • Legitimate interests: e.g., managing editorial workflow, improving journal functionality.

  • Consent: e.g., for marketing communications or newsletter subscriptions.

  • Legal obligation: e.g., compliance with tax, reporting, or journal archiving requirements.

Disclosure of Personal Data

We do not sell or rent personal data to third parties. However, we may disclose personal data in the following situations:

  • To editors, reviewers, and technical staff for editorial management.

  • To indexing and archiving services (e.g., Crossref, DOAJ, Scopus) for metadata dissemination.

  • To web hosting providers such as Hostinger, for secure storage and backup.

  • When legally required to do so by courts, government agencies, or law enforcement.

All third-party service providers are bound by confidentiality and data processing agreements.

Data Retention

We retain personal data only as long as necessary to fulfill the purposes outlined in this statement. Data may be retained for:

  • Publication record keeping (permanently, in line with scholarly publishing norms)

  • Editorial and peer review tracking (minimum 5 years)

  • Legal and regulatory compliance

  • Backup and restoration purposes

You may request deletion of your account and data, but published articles and related metadata are part of the permanent scholarly record and cannot be removed.

Data Security

We employ a range of security measures to protect personal data, including:

  • HTTPS encryption (SSL)

  • Role-based access controls

  • Secure password hashing and user authentication

  • Regular server updates and security patches

  • Daily backups hosted by Hostinger

  • Data minimization and retention policy

Despite these efforts, no system is 100% secure. We encourage users to take precautions such as using strong passwords and logging out after each session.

International Data Transfers

Your personal data may be stored or processed in countries other than your own, including the United States or the European Union. We ensure appropriate safeguards, such as standard contractual clauses, to protect your data during such transfers.

Your Data Protection Rights

Under applicable laws, particularly the GDPR, you have the following rights:

  • Right to access your personal data

  • Right to rectification of inaccurate or incomplete data

  • Right to erasure (in certain circumstances)

  • Right to restrict processing

  • Right to object to processing

  • Right to data portability

  • Right to withdraw consent (where applicable)

  • Right to lodge a complaint with a supervisory authority

To exercise any of these rights, please contact us using the details below.

Cookies Policy

We use cookies and similar tracking technologies to:

  • Maintain user sessions

  • Analyze site traffic and performance

  • Remember login credentials (if you select “remember me”)

You may control cookies through your browser settings. Disabling cookies may impact some features of the website.