PSI Top Co Ltd, and its affiliates, PSI IPV Ltd, PSI DDB Ltd, PSI Sub Fraud Ltd and PSI IP Intrusion Service Ltd (collectively “PSI” or “we”) are independent companies established for the purpose of facilitating cooperation between and across publishing companies, subscription agents and libraries to enable seamless and streamlined data analysis for the benefit of the industry as a whole. PSI is committed to maintaining the confidence and trust of both individuals and organisations with respect to the data we collect. Please read this Privacy Policy to understand our practices about how we collect, use and share the information we hold.

Topics:

• Information we collect
• Use of your information
• How we secure personal information
• Your choices and access to the information
• Changes to our privacy policy
• Contact

Information we collect

We collect information (some of which is personal data) in the following ways: directly through user input or completion of questionnaires, indirectly through sharing data with our publishing customers, independently through research including of publicly accessible information on places such as Google and Lexis, and automatically through technologies such as cookies and web beacons.

Information collected from you

The type of information we collect from you may include:

• Contact details (name, email address, postal address, telephone number, fax number)
• Place of work (name, address, institution type)
• Job title and/or function
• Company principals
• Company references
• Background check information (such as legal cases and news articles)
• Registered IP addresses

Information shared through publishing customers

The type of information our publishing customers share with us may include:

• Contact details (name, email address, postal address, telephone number, fax number)
• Place of work (name, address, institution type)
• Job title and/or function
• Registered IP addresses
• Journal titles purchased and/or subject areas of interest
• Partial credit card information
• Aggregate activity data (web logs or page tag data)
• Metadata (author name, publication information)

Information collected independently

The type of information we collect independently may include:

• Contact details (name, email address, postal address, telephone number, fax number)
• Username
• Background check information (such as legal cases and news articles)

Information collected automatically

The information we collect automatically through cookies, web beacons and other technologies is non-personal information that does not reveal your specific identity or directly relate to an identifiable individual. This may include:

• IP address used to connect your computer to the internet
• Web-server log files
• Computer, device and connection information, such as browser type and version, operating system and other technical identifiers
• URL click stream data, including date and time stamp, referring and exit URLs, search terms used and pages visited

Use of your information

The various affiliated companies may use the data we collect to:

• Provide services to you, such as fulfilling any contractual obligations
• Respond to your requests, enquiries, comments or concerns
• Provide technical support to keep services working, safe and secure
• Enhance, evaluate and improve our services and promotional campaigns and to develop new services
• Notify you about changes or updates to our services
• Market our products and services to you (unless you opt out of this communication by contacting us)
• Facilitate PSI’s legitimate interests and compliance with legal obligations
• Share information with our publisher customers and institutions (libraries) so they can provide the products and services you require, ensure their terms and conditions of use are adhered to, fulfil their legal obligations and fulfil their legitimate interests

Legal basis for processing

Our legal basis for processing this data will be one of the following:

• You have given consent for use either to us or to the publisher (data controller) from whom we received the information
• Use is necessary in order to fulfil our or a publisher’s (data controller’s) contract with you or for your benefit or to take steps at your request prior to entering into this contract
• Use is necessary for the purposes of a legitimate interest, such as:
  • A publisher’s interest in verifying IP addresses for content access, facilitating future compliance with legal obligations,or detecting and preventing fraud
  • A publisher’s or institution’s (library’s) interest in knowing publication usage statistics
  • PSI and its affiliates’ interests: in pursuing commercial and marketing aims; in establishment, exercise or defence of legal claims; in operational management, internal administration, and network and information security; and in prevention of fraud and other unlawful activities
• Use is necessary to fulfil our legal obligations or a publisher’s (data controller’s) legal obligations (such as due diligence obligations under the UK Bribery Act 2010, the FCPA, or the OECD Anti-Bribery Convention)

Disclosure of your information

We may share your personal information with:

• Relevant agents, representatives, joint venturers, and entities for which we are acting as an agent;
• Applicable suppliers and service providers including, but not limited to, credit card processors, customer support, email service providers, website serviceproviders, mailing houses and shipping agents, mail service and sales or marketing platforms and IT providers;
• Publishers or institutions (libraries) for whom we are providing a service to enable them to fulfil a contract with you, satisfy their legitimate interests, or comply with their legal obligations;
• Entities with which we jointly process information for publishers or institutions (libraries) for the above purposes; and
• All of our affiliates, trading names and divisions within the PSI group of companies worldwide.

Outside of our group of affiliates, we will not share your personal information with any third parties for marketing purposes.

We also reserve the right to disclose your personal information if we are required to do so by law, or in the good faith belief that disclosure of the information is reasonably necessary to comply with legal process, to respond to claims, or to protect or advance our rights, property, safety, or well-being of our company, our employees, customers, or the public.

Cross-Border Transfer of Information

Your personal data may be transferred to other countries for processing, but it will not be transferred, stored, or processed outside the European Economic Area (EEA) without adequate protections.We ensure that adequate safeguards are in place for all transfers of personal data outside the EEA that do not have an “adequacy decision” from the European Commission.

Timely Processing

Personal data should not be kept longer than necessary for the purpose. This means that data should be destroyed or erased from our systems when it is no longer required. We will only retain your personal data for the period necessary to fulfil the purpose for which it was collected, as laid out above. For guidance on how long particular data islikely to be kept before being destroyed, please contact our Data Protection Officer (see below).

How we secure personal information

PSI has taken steps to ensure that all personal data we hold is protected against loss, theft, misuse and unauthorised access or disclosure. We employ appropriate administrative, physical and technical security measures, including limiting access to the information through electronic security systems and passwords, training employees on data protection and our data protectionpolicies, obliging employees and third parties we engage to process data to respect confidentiality, and storing data on secure servers. Furthermore, we have undergone “stress” testing to ensure our systems are adequately safeguarded against unauthorised access.

Your choices and access to the information

If you would like access to the information we hold about you and how it is used, please contact us by written request, including proof of your identity, or by email using the contact information below.

You have the right to request that we take reasonable measures to restrict, correct or delete any information that you contest is inaccurate.

You also have the right to have information erased when it is no longer necessary for our purposes. Where information has been unlawfully processed, you have a right to its restriction or erasure. You also have the right to object to certain types of processing on grounds relating to your particular situation and the right to data portability of certain information.

If our processing is based on your consent, you have the right to withdraw your consent and have the data erased by contacting us using the information below.

In the case of the IP Registry and IP Intrusion, registered users have access to their own account information and are able to make corrections upon login at any time. The accuracy of this information is solely the responsibility of the user.

If you are receiving marketing communications from PSI, you will be able to update preferences by using the “opt-out” or “unsubscribe” mechanism provided within the communications that you receive from us or by contacting us.

You also have the right to lodge a complaint with a supervisory authority, such as the Information Commissioner’s Office (ICO).

Changes to our Privacy Policy

We may change this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date.

Contact

If you have any comments, questions or requests regarding this Privacy Policy or our processing of your information, please contact:

PSI Data Protection Officer
PSI Top Co Ltd
c/o Jameson’s House
6 Compton Way
Witney
OX28 3AB

Email: [email protected]