Legal

1. Who we are

TJH Media Publishing is a United States–based company and is the data controller for personal information collected through our platform. Even though we are not established in the European Union or the United Kingdom, the GDPR and the UK GDPR apply to our processing because we offer services to individuals located in those territories. Our contact email is [email protected].

We have not appointed an EU or UK representative under Article 27 of the GDPR or UK GDPR, nor a Data Protection Officer. If our processing activities later require either of these appointments, this page will be updated with their contact details. In the meantime, all data-protection inquiries should be directed to the email above.

2. The personal data we process

For the full list, see Section 2 of our Privacy Policy. In summary, we process:

• Account information (name, email, password hashed).
• Manuscripts and creative material that you submit.
• Editorial and support communications with our team.
• Payment confirmations from our payment processor (we do not retain card numbers).
• Usage analytics and device information.

3. Lawful bases for processing

We rely on the following lawful bases under Article 6 of the GDPR:

• Performance of a contract — to deliver the services you have purchased or signed up for.
• Legitimate interests — to operate, secure, and improve our platform, in a manner that does not override your rights and freedoms.
• Consent — for any optional processing such as marketing communications. You can withdraw consent at any time.
• Legal obligation — to comply with tax, accounting, anti-fraud, and similar regulatory requirements.

We do not engage in any solely automated decision-making with legal or similarly significant effect on you (the AI-assisted outputs we produce are advisory in nature and do not, by themselves, make legal or contractual decisions affecting you).

4. Your rights as a data subject

You have the following rights, subject to the limitations in applicable law:

• Right of access. You can ask us for a copy of the personal data we hold about you.
• Right to rectification. You can ask us to correct inaccurate or incomplete data.
• Right to erasure (“right to be forgotten”). You can ask us to delete data we no longer need to process.
• Right to restriction of processing. You can ask us to limit how we use your data while a question is being investigated.
• Right to data portability. You can ask for a portable copy of data you provided to us.
• Right to object. You can object to processing based on legitimate interests, and to direct marketing.
• Right to withdraw consent. Where we rely on consent, you can withdraw it at any time without affecting earlier processing.
• Right to lodge a complaint. You can complain to a supervisory authority — see Section 8.

5. How to exercise your rights

Email [email protected] with your request and enough information for us to identify you (typically the email address linked to your account, plus a brief description of what you are asking for). We will respond within thirty days. In complex cases we may extend by up to two further months and will explain why.

We may need to verify your identity before disclosing personal data, particularly for access or deletion requests. There is no charge for a request, unless it is manifestly unfounded or excessive, in which case we may either charge a reasonable fee or refuse the request.

6. International transfers

TJH Media Publishing is based in the United States, and personal data we collect from individuals in the United Kingdom or the European Economic Area is transferred to and processed in the United States. Where personal data is transferred internationally, we rely on appropriate safeguards under applicable law, such as the EU Standard Contractual Clauses, the UK International Data Transfer Agreement and Addendum, or transfer to a country recognized as offering an adequate level of data protection. Our key service providers operate under their own UK/EU transfer mechanisms, which we make available on request.

7. Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, to comply with legal obligations, to resolve disputes, and to enforce our agreements. See Section 7 of our Privacy Policy for the typical retention periods.

8. Supervisory authorities

If you are in the United Kingdom, you can complain to the Information Commissioner's Office (ICO) at ico.org.uk.

If you are in the European Economic Area, you can complain to your national data-protection authority. A list is maintained by the European Data Protection Board at edpb.europa.eu.

We would, however, appreciate the chance to address your concerns first — please contact us at [email protected].

9. Special categories of data

We do not deliberately collect special category data (such as health, race, religion, sexual orientation, or biometric data). If you choose to share such information in a manuscript, we will treat it with the same care we treat the rest of your work, but we ask that you avoid sharing special category data unless it is essential to the work being submitted.

10. Security

We implement technical and organizational measures to protect personal data, including encryption in transit, encrypted storage, scoped access controls, and regular security reviews. No system can be perfectly secure, but we treat the work entrusted to us with appropriate care.

11. Children

Our services are not directed to children under sixteen. If you believe a child has provided us with personal data, please contact us and we will delete it.

12. Changes to this statement

Material changes to this GDPR Statement will be reflected by an updated “Last reviewed” date and, where appropriate, communicated by email or in-product notification.