Privacy Policy

How we collect, use, and protect your information on MedicalWhitePapers. Last updated: August 26, 2025

Jump to Your Rights Terms of Service

1. Who we are (Controller)

MedicalWhitePapers (“we”, “us”) provides a curated library of medical white papers. We act as a data controller for account, payments and site analytics. For support, email privacy@medicalwhitepapers.org or use our Contact page.

2. Data we collect

  • Account & submissions: name, email, role, institution, specialty, country, white paper metadata, uploaded files (PDF).
  • Transactions: payment status and references (processed by third parties; we don’t store full card data).
  • Site activity: page views, clicks, referrers, device & approximate location (via IP).
  • Communications: messages you send via forms or email.

3. How we use data

  • Operate the site, publish submissions, and provide support.
  • Process payments for paid uploads.
  • Improve quality and detect abuse or spam.
  • Send important notices (policy updates, receipts). Marketing emails only with consent; you can opt out any time.

5. Cookies & analytics

We use essential cookies for authentication and basic functionality. With your consent, we may use analytics to measure usage and improve features.

You can change preferences anytime:
CategoryExamplesPurpose
Necessarysession, csrf_tokenKeep you logged in; protect forms.
Analytics (optional)page_view, eventsUnderstand usage and performance.
Functional (optional)remember_prefsSave UI preferences.
Marketing (optional)campaign_idMeasure sponsored content performance.

We respect your browser’s “Do Not Track” where practical.

6. Payments

Paid submissions are processed by third-party providers (e.g., Stripe/PayPal). We receive confirmation and partial details (e.g., last 4 digits, transaction ID) but not full card numbers.

7. Sharing & processors

We share data with vendors who help us operate the service. They process data under our instructions.

ProcessorPurposeDataRetention
Payment processorPaymentsContact, transactionPer legal requirements
Cloud hostingInfrastructureAll stored dataWhile hosted with us
Analytics provider (optional)Usage metricsEvents, device, IP6–24 months
Email serviceTransactional emailsName, emailWhile account active

8. Retention

  • Account & submissions: while your account is active, then for a reasonable period for audit/legal.
  • Messages & support: typically 24 months.
  • Analytics: typically 6–24 months (if enabled).
  • We may anonymize or aggregate data for long-term statistics.

9. Security

  • Transport encryption (HTTPS), access controls, and audit logs.
  • Least-privilege access for staff; regular updates and backups.
  • Report a security issue: security@medicalwhitepapers.org.

10. International transfers

Your data may be processed in countries other than yours. Where required, we use appropriate safeguards (e.g., standard contractual clauses).

11. Children

The service is not directed to children under 16. If you believe a child provided data, contact us to remove it.

12. Your rights

  • Access and portability (copy/export).
  • Rectification (correct your data).
  • Deletion (subject to legal limits).
  • Restriction or objection to certain processing.
  • Withdraw consent (where processing is based on consent).
  • Complain to your local supervisory authority.

To exercise rights, use the Data Request form below or email privacy@medicalwhitepapers.org.

13. Changes to this policy

We may update this policy to reflect changes in our practices. We’ll update the “Last updated” date and, where appropriate, provide additional notice.

14. Contact

Data protection contact / DPO: privacy@medicalwhitepapers.org. You can also use our Contact page.

15. Data Request (DSAR)

Use this form to request access/export, rectification, deletion, or to object to processing. We may ask for verification to protect your account.

Need help?