The Data DeepDyve Collects and How It Is Used
When users sign up for the DeepDyve platform, we collect information such as email address, credit card info, and other optional contact information. This is used as unique login information for users, to send transactional emails about usage, and also to send occasional newsletters about features and other DeepDyve information. Users may choose to opt-out of receiving non-transactional emails at any time.
We also collect information about what users search for and read. We share reading data in an aggregated and anonymized fashion with our publisher partners so they know what content is being read, while search data is used internally for analytical purposes and to improve the product. We also use this information to provide recommendations and journal alerts to our users.
DeepDyve, the GDPR, and the CCPA
The GDPR (General Data Protection Regulation) is a European data protection law that went into effect in April of 2018, and it directs how EU citizens’ personal data should be collected, processed, and stored. The CCPA (California Consumer Privacy Act) is a state regulation similar to the GDPR that went into effect in 2020. As with the GDPR, it provides users with the ability to control what data is collected about them and to see the data and have it deleted upon request. If you’d noticed that every website you visit now has a notice about cookies on the bottom, that’s the CCPA.
DeepDyve is happy to let our users review their collected data as required by these laws, and we can also provide them an export of usage and other info and delete it upon request.
DeepDyve & SOC 2
SOC 2 is an auditing process that ensures all data handled within our own system or transferred to third party business providers (to handle payments, for example) are secure. DeepDyve is currently completing our SOC 2 compliance review, and we expect to have it done by July of 2022.