19 May 2012 - 27 Jan 2022
This privacy statement describes how ITHAKA collects and uses the personal information you provide on our websites: www.ithaka.org
, and www.portico.org
The Information ITHAKA Collects
The personal information that ITHAKA collects will depend on how you are using ITHAKA Websites.
- To enable your access to the JSTOR and Portico services through your library or institution, we may collect information concerning the institution’s internet protocol address, your username and password, or other authentication methods, such as Shibboleth.
- To facilitate your order through the Publisher Sales Service (a service through the JSTOR archive that facilitates the purchase of articles from publishers), JPASS, the Journals Hosting Program, and Individual Access, as well as your purchase of ITHAKA and its services’ brand merchandise, we may collect your name, postal address, email address and transactional information. We collect but do not store your credit card details through a third party service provider.
- In connection with your creation of a MyJSTOR and/or a JSTOR Global Plants MyPLANTS (“MyPlants”) account, we collect your name, email address, username, and password, as well as other information you may provide.
- We also may collect certain non-personally identifiable information, such as the type of browser you are using (e.g., Firefox, Internet Explorer), the type of operating system you are using (e.g., Windows or Mac), and the domain name of your Internet service provider.
- We may collect personally identifiable information through correspondence you send to us through optional surveys we may post on ITHAKA Websites, and in connection with statements you may post on any ITHAKA-related page on social networking sites.
However, unless you provide us or organizations with which we conduct business with personally identifiable information, you remain anonymous to us other than by association with an internet protocol address or other authentication mechanism.
ITHAKA does not knowingly collect personally identifiable information from anyone under the age of 16. If it is discovered that we have collected PII from someone under 16 we promptly will delete that information.
Data Integrity; Use of the Information
We use the personal information collected in ways that are compatible with the purposes for which it was intended to be used: to enable your use of ITHAKA Websites and ITHAKA’s services; to facilitate JPASS and the Publisher Sales Service; to create your MYJSTOR and/or a MyPlants account; to facilitate your purchase of ITHAKA-branded merchandise; to respond to your inquiries; for system administration, customer support, and troubleshooting purposes; for new product announcements and product updates; for service announcements; for sending newsletters; to improve the design of ITHAKA Websites; to enable us to enforce our JSTOR Terms and Conditions of Use and the Portico Terms and Conditions of Use; and in aggregate form, to track and analyze site usage. Further, in connection with postings you may make that are available to the general public on any ITHAKA-related page on social networking sites, including but not limited to statements made on the JSTOR page on Facebook and on Twitter, we may use your name, statement, comment, and affiliation in conference presentations, ITHAKA’s (including JSTOR’s and Portico’s’) newsletters, and marketing and announcement materials. ITHAKA will take reasonable steps to ensure that personal information is relevant to its intended use, accurate, complete, and current. If you wish to opt out of our use of your personally identifiable information see the “Your Consent; Opting out” section below.
or in the European Union http://www.youronlinechoices.eu/
Other Tracking Technologies and Automated-Decision Making Practices
As with most web sites, ITHAKA gathers certain information automatically and stores it in log files. This information may include internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data. We link this automatically collected data to other information we collect about you.
Through this policy, we will notify individuals of any automated-decision making practices we may engage in regarding PII, including the logic involved and the significance of the decision as well as the consequences for you. We also will ensure that you may opt out of such automated-decision making practices.
Onward Transfer of Information
ITHAKA may work with other organizations that provide specific services for us, such as credit card processing. We will provide only the personal information necessary for the third party to provide these services for us. These organizations may not use personal information except for the purpose of providing these services.
ITHAKA does not sell or share personal information about or the purchasing history of individual users, except as set forth above and in the following circumstances:
- In certain situations, ITHAKA may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. If required to do so by law or if we believe in good faith that such action is necessary to comply with the law or a legal proceeding such as to comply to a subpoena, bankruptcy proceedings or similar legal process; to protect against violations of our Terms and Conditions of Use; or to protect and defend our rights and property or the rights and property of rights holders whose content is made available through ITHAKA Websites; with service providers with whom we have entered into agreements to assist us with our business operations;
- If ITHAKA is involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email and/or a prominent notice on our website of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information;
In addition, ITHAKA shares general usage data in aggregated form so that no personal information is identifiable to participating institutions, content providers, researchers, and the general public. ITHAKA will provide you all of your retained personal information provided at registration (where applicable) on request.
Your Consent; Opting Out
By using ITHAKA Websites, you consent to the collection and use, in accordance with this policy, of the information you provide to us. We will remove you and your personally identifiable information from our records or refrain from using your personally identifiable information in connection with certain services on request if you contact us with your request at firstname.lastname@example.org
. Please note that this may prevent you from accessing ITHAKA’s services, including JSTOR, MyJSTOR, and the Publisher Sales Service.
You may choose to stop receiving our newsletter or marketing emails by following the unsubscribe instructions included in these emails or you can contact us at email@example.com
We protect your personal information from unauthorized access and disclosure through the use of passwords, physical security measures, managerial measures, and (in connection with credit card information for order sales through JPASS, the Publisher Sales Service, Journals Hosting Program, Individual Access, and for purchase of ITHAKA and its services’ brand merchandise) encryption through our third party service providers. We nonetheless recognize that third parties may obtain access to information through unlawful actions, and thus do not promise that your information always will remain private, despite our efforts and the importance we place on maintaining your privacy. In addition, we do not claim any responsibility for information collected by or from websites linking to or from ITHAKA Websites.
In the event that we discover or are notified of a security breach where personal information is at risk, we will notify you electronically if we have your email address. If you do not wish to be notified via email in the event of a breach, please contact us at firstname.lastname@example.org
Access, Erasure, and Correction
Upon request ITHAKA will provide you with information about whether we hold any of your personal information. If you would like to review, delete or update your information, you may contact us using the contact information below. We will permit you to correct, amend, or delete information that is demonstrated to be inaccurate. We will respond to your request within a reasonable timeframe. Please note, because of the way we maintain certain services, after you delete or amend your information, residual copies may take a period of time before they are deleted from our active servers and may remain in our backup systems.
You will need to provide sufficient identifying information, such as your name and email address and possible additional identifying information as a security precaution.
We will retain your information for as long as your account is active or as needed to provide you services. If you wish to cancel your account or request that we no longer use your information to provide you services contact us at email@example.com
. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
We display personal testimonials of satisfied customers on our website in addition to other endorsements. With your consent, we may post your testimonial along with your name. If you wish to update or delete your testimonial, you can contact us at firstname.lastname@example.org
Enforcement and Dispute Resolution
If you have an unresolved privacy or data concern that we have not addressed satisfactorily, please contact our U.S.-based third-party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request
. In addition, European Union data subjects may seek an administrative or judicial remedy or to lodge a complaint with a supervisory authority, in particular in the member state of his or her habitual residence, place of work or place of the alleged infringement if the data subject considers that the processing of personal data relating to him or her infringes the GDPR. Information on how to file such a complaint is available here http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm
As a not-for-profit organization, we are not subject to the jurisdiction of the United States Federal Trade Commission, which oversees the implementation of the Privacy Shield Principles; however, we agree to adhere to the Privacy Shield Principles in recognition of their importance in ensuring the protection of user information.
Or by mail at
℅ Olga Susuni
2 Rector Street, 18th Floor
New York, New York 10006
Last updated on August 14, 2018