GDPR Guidebook for PKP Users
PKP is happy to release a new guide, GDPR Guidebook for PKP Users. This guide provides advice for users of PKP applications on how to approach the EU General Data Protection Regulation (GDPR), which goes into effect on May 25, 2018. It provides guidance on how to best configure OJS to be GDPR-compliant, and includes information on some of the policies that those using OJS with EU clients will want to consider. It is available here (PDF).
Anyone who interacts with EU citizens on the web must take the GDPR into account. If you are a publisher that accepts EU user registrations, EU reader subscriptions, or even EU-based web visits, this means you!
PKP’s approach to the GDPR is an ongoing engagement, and will include code changes within PKP applications, and revisions to this guide over time. Some information on near-term application changes are included at the end of this document but should not be considered exhaustive. Plans for code-specific changes can be viewed in our GitHub project.
PKP, as a software provider, has a responsibility to provide secure software and timely bug fixes, and we welcome this opportunity to strengthen privacy rights. Those that host the software, as well as those who utilize it to publish journals, books and other artifacts, should consider ways of addressing the rights and responsibilities involved in scholarly publishing.
This guide should not be considered a source of legal advice. It is not a substitute for consulting appropriate legal authorities in your jurisdiction. It is up to publishers to determine whether and in what ways the GDPR applies to their publications. For further information on PKP’s approach and to discuss aspects of this guide, you can contact us at <firstname.lastname@example.org>.
PKP would like to thank our development partners for their many significant contributions to this document, in particular:
- Dulip Withanage, Heidelberg University
- Antti-Jussi Nygård, journal.fi
- Svantje Lilienthal, Free University Berlin