GDPR Privacy Statement

Finance, Accounting and Business Analysis (FABA) is committed to protecting the privacy and personal data of authors, reviewers, editors, and readers in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and applicable national data protection laws.

This statement applies to all personal data collected through the journal’s website and editorial management system (Open Journal Systems – OJS).

  1. Data Controller

The Data Controller responsible for personal data processing is:

[Publisher Name]
[Institution Address]
[Country]
Official contact email: [journal email]

  1. Categories of Personal Data Collected

The journal may collect and process:

• names;
• email addresses;
• institutional affiliations;
• ORCID identifiers;
• reviewer activity data;
• correspondence related to manuscript processing;
• technical usage data (IP address, system logs).

No sensitive personal data is intentionally collected unless voluntarily provided.

  1. Purpose of Data Processing

Personal data are processed exclusively for:

• manuscript submission and peer review management;
• editorial communication;
• publication of accepted articles;
• indexing and metadata registration (e.g., Crossref);
• compliance with ethical and legal requirements.

Data are not used for marketing purposes.

  1. Legal Basis for Processing

Processing is based on:

• consent provided at account registration;
• contractual necessity for manuscript processing;
• legitimate interest in scholarly publishing operations;
• legal obligations under academic publishing standards.

  1. Data Sharing

Personal data may be shared with:

• editorial board members;
• peer reviewers (as required by the review model);
• indexing services (e.g., Crossref);
• hosting service providers.

Data are not sold or transferred to third parties for commercial purposes.

  1. Data Retention

Personal data are retained:

• for as long as necessary to maintain the scholarly record;
• to ensure citation integrity and editorial traceability;
• in accordance with archival and preservation policies.

Users may request account deletion; however, published author metadata cannot be removed from the scholarly record.

  1. Data Security

The journal implements:

• secure hosting infrastructure;
• password-protected accounts;
• encrypted data transmission (HTTPS);
• regular system updates and backups.

  1. User Rights under GDPR

Individuals have the right to:

• access their personal data;
• request correction of inaccurate data;
• request restriction of processing;
• request data portability;
• lodge a complaint with a supervisory authority.

Requests should be directed to the official journal contact email.

  1. Cookies and Technical Data

The journal platform (OJS) may use cookies necessary for:

• session management;
• user authentication;
• platform functionality.

No profiling or tracking cookies are used for advertising.

  1. Changes to This Statement

The journal reserves the right to update this Privacy Statement. Updates will be published on this page with an indicated revision date.