Talabre Privacy Policy

Last Updated: May 1, 2025

At Talabre, affiliated with Editorial Talabre, we protect the privacy of our users (researchers, academics, students, communities, institutions) in compliance with international regulations such as the General Data Protection Regulation (GDPR), the Lei Geral de Proteção de Dados (LGPD), the Health Insurance Portability and Accountability Act (HIPAA), and security standards like ISO 27001, ISO 27002, ISO 27017, ISO 27018, and ISO 27005. This policy explains how we collect, use, protect, and share your data on www.talabre.com, ensuring ethical compliance with FAIR, DORA, CARE, Open Science, CC Licenses, COAR, ORCID, and Dublin Core.

What Data Do We Collect?

We collect the following data when you use our platform:

• Identification Data: Name, email address, ORCID iD (optional for Basic Certificate, mandatory for Standard, Advanced, Elite), and institutional affiliation (if applicable).
• Resource Metadata: Title, keywords, abstract, resource type (dataset, presentation, PDF), and license (e.g., CC BY), structured with Dublin Core and DataCite.
• Sensitive Data: Protected Health Information (PHI) or Personally Identifiable Information (PII) in datasets, only if uploaded, protected under HIPAA, GDPR, and LGPD.
• Usage Data: Technical information (anonymized IP, browser, device) and activity (pages visited, form interactions, reports via www.talabre.com/complaints), collected via cookies (see Cookie Policy).
• Report Data: Information provided in the reporting form (optional name and email, description, evidence), processed confidentially.

How Do We Use Your Data?

We use your data to:

• Provide Services: Manage the upload, storage, certification (Basic, Standard, Advanced, Elite), and publication of scientific resources, generating DOIs and linking to ORCID.
• Initial Advisory: Offer support from the drafting or design stage, aligned with FAIR, CARE, Open Science, and regulations.
• Regulatory Compliance: Validate resources for compliance with GDPR, LGPD, HIPAA, ISO 27001/27002/27017/27018/27005, using BAA/DPA agreements with covered entities and providers (e.g., AWS).
• Platform Improvement: Analyze anonymized data to optimize processes and certificates, generating internal feedback.
• Handle Reports: Process submissions via www.talabre.com/complaints to ensure security and ethics.
• Communications: Send notifications about certificates, updates, or report responses (with your consent).

We do not share data with third parties without your consent, except to comply with legal requirements or with contracted providers under BAA/DPA.

How Do We Protect Your Data?

We implement security measures aligned with ISO 27001/27002/27017/27018/27005:

• Encryption: AES-256 for data at rest, HTTPS/TLS for data in transit.
• Restricted Access: Multi-factor authentication and defined roles for authorized personnel only.
• Audits: Regular reviews of cloud servers (USA, EU, Brazil, Germany).
• Incident Response: Breach notifications within 72 hours (GDPR), 60 days (HIPAA), or a reasonable timeframe (LGPD), via support@talabre.com.
• Minimization: We use ORCID iDs to reduce PII in metadata.

Your Rights

Under GDPR (Art. 15-22), LGPD (Art. 18), and HIPAA (45 CFR § 164.524), you have the right to:

• Access, correct, or delete your data.
• Restrict processing or port your data.
• Object to processing or withdraw consent.
• File a report at www.talabre.com/complaints or with authorities (e.g., EDPB, ANPD, HHS OCR).

Contact support@talabre.com to exercise your rights; we will respond within 30 days.

Data Retention

• User Data: Retained while your account is active or as required by regulations (e.g., 6 years for HIPAA).
• Metadata and Resources: Kept to fulfill DOIs and certificates, deleted upon request or after legal periods.
• Report Data: Retained for 12 months or as required by law.

Changes to This Policy

We may update this policy to reflect legal or technical changes. The latest version will be available at www.talabre.com, with notifications via email (support@talabre.com).

Contact

For privacy-related questions, contact us:

• Email: support@talabre.com
• Phone: +56 9 3529 7200 (Monday to Friday, 9:00-17:00 CLT)
• Address: Editorial Talabre, Avenida Libertad 269, Viña del Mar, Chile
• Website: www.talabre.com