Data Safety

Effective Date : 20 July 2025
Last Updated : 19 February 2026

At PeerSubmit, data security and confidentiality are core to our platform. We implement industry-standard technical and organizational safeguards to protect personal data, submission content, and event-related information processed through our Services.

1. Hosting Infrastructure

PeerSubmit is hosted on secure cloud infrastructure provided by Amazon Web Services (AWS).

  • Primary hosting region: United States (US region)
  • High-availability cloud architecture
  • Scalable infrastructure with redundancy
  • Network-level security controls

2. Data Encryption

  • Encryption in transit using SSL/TLS (HTTPS)
  • Encryption at rest using industry-standard encryption mechanisms
  • Secure storage of authentication credentials

3. Access Controls

  • Role-Based Access Control (RBAC)
  • Segregated access levels for authors, reviewers, chairs, and administrators
  • Secure authentication mechanisms
  • Monitoring and logging of administrative actions

4. Application Security

  • Input validation and sanitization
  • Protection against common web vulnerabilities
  • Secure API endpoints
  • Regular platform updates and security improvements

5. Backup & Disaster Recovery

  • Regular automated backups
  • Secure backup storage
  • Disaster recovery procedures in place to restore service availability

6. Data Confidentiality

We implement measures to preserve the confidentiality of conference submissions and peer reviews, including support for double-blind review workflows.

Access to personal data is restricted to authorized personnel who require such access to provide Services.

7. Subprocessors

PeerSubmit may engage trusted third-party service providers to support infrastructure and payment processing, including:

  • Amazon Web Services (cloud hosting)
  • Stripe or PayPal (payment processing)

These providers operate under their own security and compliance frameworks.

8. Data Retention & Deletion

Personal data is retained for the duration of the active conference license and as required for operational or legal purposes.

Event organizers may request export and deletion of event-related data upon completion of the conference.

9. Security Incident Response

In the event of a data security incident affecting personal data, PeerSubmit will take prompt corrective action and notify the affected client without undue delay.

10. Continuous Improvement

We continuously evaluate and improve our security practices to align with evolving industry standards and regulatory expectations.