The Best Standard For Data Protection
Privacy Policy & Legal Compliance
Privacy and legal compliance are top priorities at PlagScan. We only collect data for the purpose of providing PlagScan’s services to you and limit the data collection strictly to the purpose of the provided service.
We treat your documents with absolute confidentiality and will never grant access to others without your permission. You remain in full control of your personal data1 at all times and decide when and if you share or delete your data and documents. Furthermore, you can rest assured that no hidden copies of your documents are retained.
Simply put: Your uploaded PlagScan documents will never be shared with unauthorized third parties2, no matter if you are an educational, business or individual user.
How PlagScan Complies with the Principles of GDPR
The General Data Protection Regulation (GDPR) applies to all organizations that treat the personal data of European citizens, regardless of the organization’s location. The GDPR strengthens an individual’s privacy rights and regulates organizations’ practices for personal data protection by applying privacy to services, software, systems, and processes. 3
Upon registration, we collect personal data (name, email, organization type, etc.) to create an individual account and to provide you with the best possible customer service. All customer data is entirely processed in Germany and always serves a specific purpose, which we inform you about. You can update, modify or remove personal data in your PlagScan account at any time.
We process data in a “lawfully, fairly, and in a transparent manner.”
We are always upfront about the reasons we collect your data for and are transparent about how long we store, use or share it. We always ask for your consent4 prior to submitting your data and clarify why we need it or what it will be used for.
We only collect data for “specified, explicit and legitimate purposes.”
We limit the collection of data to specific purposes and never ask you to submit data that is not necessary for the use of our service. We always explain why the data is needed for the usage of our service and give legitimate reasons for the necessity of data submission.
As we serve a global community of educational, business and individual users, we regularly verify our data processing practices to comply with the highest security standards. We also comply with the GDPR’s restriction of data processing that limits the processing of stored data if not necessary for the initial service provided by us.
Our data processing is “limited to what is necessary” for the purpose.
We only collect the minimum amount of data needed for the reason we are collecting it for and only use this data for its intended purpose. Therefore, we limit the collected data to its processing needs, which adhere to the performance needs of the terms of service – no additional data will ever be collected by PlagScan. Once we complete the processing need, we also terminate the storage of the data to minimize all data storage – not keeping it longer than necessary.
Our data is “processed in a manner that ensures appropriate security.”
We treat all data with absolute integrity and confidentiality. Our encrypted connection (256-bit SSL) ensures best security practices and transmits all data in a protected environment via HTTPS protocol. As a website, PlagScan.com is based on a CMS. However, to ensure your security, the log-in customer area is developed in classic HTML, ruling out any code gaps or security loopholes to protect our system.
Your data is fully protected and never given to third parties or used for targeted advertising. Data sharing with third parties only occur, if you give explicit consent to the action and if these parties have agreed to PlagScan’s data security policies. You will always remain to be the only person authorized to permit document access permission to others.
You are required to use a password to access and manage your personal data within PlagScan. We ask you to treat your password confidential and never share it with anyone you don’t trust. We cannot guarantee your data’s security from unauthorized third parties if your password has been shared.
If you delete a document for any reason, (for instance, because you have finished working on your plagiarism report) it will be completely removed from our servers.
Depending on the user type (individual, educational institution, business) PlagScan selects a default setting that either deletes documents after a certain period of time or, if your organization chooses to do so, archives documents for future collusion checks. In either case, users can change the default settings to a preferred deletion regulation. Only the administrator of the account can determine the policies for available user choices and default settings.
We never claim ownership rights for any customer data. Whoever submits documents to PlagScan, lawfully retains the copyright of their content. Upon your consent, we store a copy of submitted documents in our Plagiarism Prevention Pool (PPP) to compare them with future submissions only until the user keeps the document in their account. As soon as a document is deleted, it is also removed from the PPP. If you participate in this internal database archive to provide your documents as an anonymous source of comparisons for others, you maintain the full copyright or license.
Note: Even as part of the PPP your text, as in full-text, can still only be viewed if you explicitly allow it. If not granted permission, PlagScan only displays snippets of three words around the matched text.
Technology Made in Germany
PlagScan’s headquarters are located in Germany, where we also host our servers and perform our core software development. As a German-based company, we comply 100% with the Bundesdatenschutzgesetz BDSG (Federal German Data Protection Act) and strive to safeguard copyright.
In particular, we have implemented the data security concept and added a separate data processing agreement following the guidelines of BDSG.
Further Questions or Concerns?
Please do not hesitate to contact our team if you have questions or concerns regarding our privacy and data security policy. We are happy to clarify all data security matters to you, whether you are a student, educator or any other type of user.
If you are an organizational user, you can also find more information regarding data security in our subscription terms here. For more information on our overall terms of service, click here.
Definitions
According to https://gdpr-info.eu/art-4-gdpr/
[1] Personal data refers to “any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.”
[2] A third party is defined as „a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.”
[3] The term ‘processing’ refers to “any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.”
[4] Consent is “any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.”