Privacy Policy

1. Scope and Controller Information

This Privacy Policy applies to personal data processed through the AAFT Journal of Management website and related digital publishing services operated by or on behalf of Malhotra Publishing House.

Depending on the context, Malhotra Publishing House may act as the data controller or may determine processing jointly with editorial teams, journal administrators, platform providers, or service partners involved in publishing, communication, hosting, or infrastructure functions.

2. Categories of Personal Data We May Collect

We may collect personal data necessary for publishing operations, editorial administration, communication, user support, analytics, platform security, and compliance purposes.

This may include information such as your name, institutional affiliation, professional details, email address, phone number, and mailing information where provided. We may also collect account-related information, submission metadata, reviewer and editorial records, and communications exchanged with the journal.

In addition, technical data such as IP address, browser type, device information, usage logs, and timestamps may be collected to support platform functionality and security. Where applicable, newsletter preferences, consent records, and subscription data may also be maintained.

3. Sources of Personal Data

Personal data may be collected directly from users, through institutional affiliations, via submission and peer review workflows, through account registration, website usage, cookies (where permitted), or through trusted publishing and infrastructure partners.

4. Purposes of Processing

We process personal data only where necessary for legitimate publishing and operational purposes.

Key purposes include:

• Managing journal websites, articles, and archives
• Handling submissions, peer review, and editorial workflows
• Communicating with authors, reviewers, editors, and readers
• Maintaining publication records and metadata integrity
• Providing user support and responding to enquiries
• Improving website performance, accessibility, and usability
• Ensuring platform security and preventing misuse
• Sending relevant service or newsletter communications
• Meeting legal, regulatory, and contractual obligations

5. Legal Bases for Processing

Where applicable, processing is based on legal grounds such as contractual necessity, legitimate interests, compliance with legal obligations, protection of rights, or user consent.

Where consent is used as the basis, users may withdraw consent at any time without affecting prior lawful processing.

6. Cookies, Analytics, and Similar Technologies

The journal may use cookies, server logs, and analytics tools to maintain functionality, analyze usage, improve performance, and enhance user experience.

Where required by law, non-essential cookies are used only after obtaining user consent. Further details are available in the Cookie Policy.

7. How We Share Information

We do not sell personal data. Information may be shared only when necessary for journal operations and legal compliance.

This may include:

• Editorial teams and authorized personnel
• Hosting and technical service providers
• Indexing, DOI, and archiving services
• Legal authorities, regulators, or auditors when required
• Parties involved in lawful organizational restructuring

8. International Data Transfers

Due to the global nature of academic publishing, personal data may be processed or accessed across different jurisdictions. Appropriate safeguards are applied where required.

9. Data Retention

Personal data is retained only as long as necessary for the purposes outlined in this policy, including editorial workflows, publication integrity, legal compliance, and recordkeeping.

Publication-related data may be retained longer to preserve the scholarly record and ensure citation continuity.

10. Security Measures

We implement reasonable technical, organizational, and administrative safeguards to protect personal data from unauthorized access, misuse, or loss.

However, no digital system is completely secure, and users are responsible for safeguarding their account credentials.

11. Your Rights

Subject to applicable laws, users may have rights to:

• Access and review personal data
• Correct or update information
• Request deletion or restriction of processing
• Object to certain processing activities
• Request data portability
• Withdraw consent where applicable
• File complaints with relevant authorities

12. Marketing Communications and Newsletter Preferences

Users receiving newsletters or alerts may manage preferences or unsubscribe using available options.

However, essential communications related to editorial processes, security, or services may still be sent when necessary.

13. Children’s Privacy

The journal is intended for academic and professional audiences. We do not knowingly collect personal data from children unless permitted under applicable laws.

14. Third-Party Services and External Links

The website may contain links to external services or platforms. These third parties operate independently under their own policies, and we are not responsible for their practices.

15. Changes to This Policy

This Privacy Policy may be updated periodically to reflect changes in legal requirements, technology, or publishing practices. Updated versions will be published with a revised effective date.