Simon Fraser University Library acts as the organizational and administrative agency for PKP Publishing Services. Consequently, PKP Publishing Services complies with all relevant SFU policies associated with data privacy, including compliance with the British Columbia Freedom of Information and Protection of Privacy Act (FIPPA).
Eu General Data Protection Regulation (GDPR): For PKP Publishing Services Clients who need information on complying with the EU GDPR, see PKP’s GDPR Guidebook for PKP Users.
PKP Services has taken the necessary steps to address its regulatory requirements (such as those imposed by the General Data Protection Regulation (EU 2016/679), Article 28 where Customer data includes the personal data of residents of the European Union). PKP Services is committed to:
- Only providing the Services documented and agreed to under this agreement, and any other Supplemental Services agreed to in writing by the parties;
- Ensuring all PKP Services personnel, Data Service Providers/Data Subcontractors commit to respecting confidentiality through written agreements;
- Implementing appropriate technical and organizational security safeguards to protect Customer data from accidental loss, theft, destruction or damage in respect of its own internal systems and processes used to provide the Services;
- Requiring that its Data Service Providers/Data Subcontractors implement appropriate technical and organizational security safeguards to protect Customer data;
- Insofar as possible, assisting the Customer in meeting any legal obligations to respond to a request of an individual who is exercising their rights when personal data of the individual is under the Customer’s control;
- Inform the Customer of a security incident if known to PKP Services that may affect Customer data within 24 hours of discovery of the incident, if the incident could result in a data breach that may pose a real risk of harm to individuals; and
- Remove and permanently delete any data stored on its systems or servers upon termination of this Agreement, with the exception of residual copies of Customer data that may temporarily remain in back-ups of PKP Services’s servers. Where the Customer requests a copy of such data prior to termination, and where the Services provided permit recovery of such data, PKP Services will use reasonable efforts to provide the Customer with a copy of such data, subject to the Customer’s payment of any reasonable fees quoted by PKP Services in association with the Customer’s request.