Privacy Statement

This Privacy Statement sets out how the Journal of Computers, Mechanical and Management, published by AAN Publishing, collects, uses, retains, and shares personal data of authors, reviewers, editors, and registered readers. The journal is committed to protecting the privacy of its users and to handling personal data lawfully, transparently, and only for purposes that are necessary to operate the journal.

This statement is informed by the principles of data minimisation, purpose limitation, and storage limitation that underpin internationally recognised data-protection frameworks, and by the guidance of the Public Knowledge Project (PKP) for journals operating on Open Journal Systems.

1. Who we are

The data controller for personal data collected through the journal's website is AAN Publishing, the journal's publisher. The journal's editorial operations are conducted by the editorial team led by the Editor-in-Chief. Both the publisher and the editorial team are bound by this Privacy Statement.

For data-protection inquiries, write to:

2. What personal data we collect

The journal collects personal data only where necessary to operate the editorial workflow. The categories of data collected are:

  • Account data: name, email address, affiliation, country, ORCID identifier (where supplied), and a password (stored as a one-way hash and not visible to the journal).
  • Profile data: reviewing interests, biographical statement, and any additional fields the user chooses to complete in their journal profile.
  • Submission data: manuscript files, cover letters, declarations, and correspondence associated with a submission.
  • Review data: review reports, review history, and reviewing performance metadata.
  • Editorial data: decision letters, editorial correspondence, and workflow records.
  • Server-side technical data: IP addresses, browser identifiers, and access timestamps, captured by the web server in the standard course of operating an online platform.

The journal does not collect special-category personal data (such as data concerning health, ethnicity, political opinions, or religious beliefs) and does not request such data through any form on the journal site. Where any such data is incidentally provided in a manuscript (for example, in a study on a clinical population), it is handled as confidential research material under the journal's Publication Ethics and editorial-confidentiality protocols, not as the user's own personal data.

3. Why we collect it

Personal data is processed for the following purposes only:

  • Operating the editorial workflow (receiving submissions, assigning editors, inviting reviewers, communicating decisions, producing the published version of record);
  • Communicating with users about their submissions, reviews, accounts, or registered interests;
  • Sending notifications of new issues and major announcements to users who have registered to receive them;
  • Maintaining the integrity of the editorial record (publication history, retracted articles, corrections, expressions of concern);
  • Meeting the journal's obligations to indexing services, preservation archives, and registries;
  • Complying with applicable law and responding to legitimate requests from regulatory or legal authorities.

The journal does not use personal data for marketing, advertising, profiling, or sale to third parties. The journal does not sell mailing lists.

4. How we share it

Personal data is shared only where necessary to operate the journal and only with parties that handle the data under their own confidentiality obligations:

  • Within the editorial team: author, reviewer, and submission data are accessible to editors involved in the handling of a specific manuscript. Reviewer identities are concealed from authors during peer review under the journal's Peer Review Policy.
  • With reviewers: manuscripts and associated metadata are shared with reviewers invited to assess them. Reviewers are bound by the journal's confidentiality obligations as described on the Reviewer Guidelines page.
  • With Crossref: article metadata, including author names and ORCID identifiers, is deposited with Crossref to register Digital Object Identifiers and to enable persistent linking. Crossref's privacy practices are at crossref.org.
  • With ORCID: where users authenticate via ORCID, the journal exchanges authentication tokens with ORCID. ORCID's privacy practices are at info.orcid.org.
  • With preservation archives: published articles and their metadata are deposited with preservation services for long-term access, as described on the Archiving and Preservation page.
  • With indexing services: article metadata is harvested by indexing services (Scopus, Google Scholar, ROAD, and others) through the journal's OAI-PMH endpoint, the journal site, and Crossref.

The journal does not transfer personal data to any other third party except where required by law.

5. Cookies and tracking

The journal site uses session cookies to maintain authenticated sessions and to remember user preferences within a session. The site does not use third-party tracking cookies, advertising cookies, or behavioural-profiling cookies. Server logs retain access information for operational and security purposes only.

6. How long we keep it

Personal data is retained for as long as it is needed for the purpose for which it was collected. Specifically:

  • Account data: retained for the lifetime of the account, plus a reasonable period after closure for audit purposes.
  • Submission and review data: retained as part of the editorial record for the lifetime of the journal, in keeping with indexing and audit requirements. Reviewer identities are not disclosed in the editorial record beyond what the journal's review policy provides.
  • Published article data (including author names and affiliations): retained in perpetuity as part of the scholarly record.
  • Server-side technical data: retained for a short rolling period (typically up to 12 months) for operational and security purposes, then purged.

7. Your rights

Users have the right to:

  • Access the personal data the journal holds about them;
  • Correct inaccurate or incomplete data;
  • Request deletion of their account, subject to the journal's obligation to retain the editorial record of any submissions they have made;
  • Withdraw consent to receive announcement notifications at any time, by updating the relevant preference in their journal profile or by writing to the editorial office;
  • Receive an export of the personal data they have provided, in a machine-readable format.

To exercise any of these rights, write to journalmanager@jcmm.co.in. The journal aims to respond to such requests within 30 days. Note that account closure does not retract or remove published articles; published articles remain part of the scholarly record under the licensing terms in force at the time of publication.

8. Security

The journal site operates over HTTPS with current security practices for an Open Journal Systems installation. Passwords are stored as one-way hashes. Access to personal data within the editorial workflow is limited to users with the relevant editorial role for a specific submission. The journal cannot guarantee absolute security of any internet-based service, but applies reasonable measures to protect data in transit and at rest.

9. International transfers

The journal's hosting infrastructure and editorial operations are based in different countries (the publisher in Malaysia, the editorial team in India, hosted infrastructure in regions selected by the publisher). By using the journal site, users acknowledge that their personal data may be transferred to and processed in any of these jurisdictions, in accordance with this Privacy Statement.

10. Children

The journal's services are intended for use by researchers, students, and scholarly readers. The journal does not knowingly collect personal data from children. Where the journal becomes aware that data of a child has been provided without appropriate consent, the data is deleted.

11. Changes to this Privacy Statement

This Privacy Statement is effective from 25 April 2026. Material revisions are dated, and the previous version is preserved for audit purposes. Where revisions affect users' rights or the way data is handled, registered users are notified through the journal's notification system.

12. Contact

For any inquiry related to privacy or personal data, write to journalmanager@jcmm.co.in. The Editor-in-Chief at editor@jcmm.co.in is the alternative contact for inquiries about editorial-process data.