We collect the following data:
- The ID number the journal has given a submission
- The receiving journal for the submission
- The submission title
- The name of the corresponding author on the submission
- The answers to each question in a CREST_Triage report
- The name of the person completing the report
- The email address of the person completing the report
(6) and (7) we collect when you set up a user account. The reasons you need an account are so you can (a) save your progress mid-way through a triage assessment (very useful, otherwise a computer crash or whatever will set you back to square one), and (b) so you can access all your current and old reports to review at your leisure. We won't use your personal data to email you anything other than your triage reports.
We collect (1), (2), (3) and (4) to create an identification record for a submission which should be more-or-less unique. This means that a report about a submission can reliably be associated with a real-world manuscript, not just whatever functions as a submission in our database. While this information makes identifiable the person who is the corresponding author for a submission, we believe this is fair use of data under GDPR — researchers put titles and their names to submissions in order for them to be identifiable as their work.
We collect (5) because we need to send you the triage report you completed, so it has to be stored at least temporarily. The reason we store the data after you have saved your report is so (a) you can retrieve it later, and (b) the data can later be used to find out more about how useful the CREST_Triage tool is, where submitting authors might struggle with SR processes, how editors judge the acceptability of SR methods, and so forth. This data is physically secure in a data centre and encrypted in transit using standard SSL security (which is why you can see a little padlock in the URL bar of your browser). You can't use CREST_Triage unless you are happy with us storing your triage reports.
The data in the CREST_Triage database will be a valuable research resource. It will allow analysis of editorial handling and decision-making practices which has not previously been achievable, and will give insight into the challenges which submitting SR authors have in relation to meeting journal standards.
For example, we used the data from the beta version of CREST_Triage to plan a workshop at ISEE 2019. The workshop specifically targeted the development of researcher capacity in objective formulation, search strategies, risk of bias assessment, and certainty assessment.
When it comes to using the data for research, it may be necessary to share the data with third-party researchers. If we do share your data with other researchers, it will be in accordance with the relevant ethical standards. We keep the data safe and secure; research projects using the data are welcome but would need ethics clearance. (Any user can of course access their own data from the system.)
While we keep very little information about you worth stealing, it is possible that one day things go horribly wrong and we are victim to an attack which defeats our extremely high-level security protecting your password (a hashed and salted version of your password is stored that is almost unbreakable). Therefore, even though this is only a small, special-purpose site, please do not use a password which is the same for any other account you own.