top of page

Privacy Policy

  • Effective date: 27 September 2025

  • EditPi (“we”, “us”, “our”) provides professional editing and related services to authors, researchers, and organizations worldwide. We take privacy seriously and handle all personal data lawfully, fairly, and transparently.

  • 1) Who We Are (Controller Details)

  • Entity: [EditPi

  • Email: orders@editpi.com

  • Phone (optional): +91-7796480843
    For the purposes of the DPDP Act (India) and, where applicable, GDPR (EU/UK), EditPi is the data controller of your personal data collected via our website, email, forms, and during service delivery.

  • 2) What We Collect

  • We only collect data necessary to provide and improve our services.

  • A. Identification & Contact Data
    Name, affiliation, job title, email, phone, country, billing address.

  • B. Project & Content Data
    Manuscripts, figures/tables, references, cover letters, reviewer comments, grant/publisher forms, style guides, and any instructions you provide. These may incidentally include personal data about third parties (e.g., author names, acknowledgments) that you lawfully share with us.

  • C. Transaction & Billing Data
    Invoices, payment status, partial card or UPI references (processed by payment gateways), GST/VAT numbers.

  • D. Communications & Support
    Emails, messages, meeting notes, feedback, and revision requests.

  • E. Website & Device Data
    IP address, device/browser type, general location, pages viewed, session data, cookies/analytics events (see §10).

  • Special/Sensitive Data
    We do not require sensitive personal data (e.g., health, biometric, or official identifiers) for editing. Please avoid sharing it unless strictly necessary and lawful. If unavoidable, you must ensure you have a valid legal basis and appropriate notices/consents before supplying it.

  • 3) Why We Use Your Data (Purposes & Legal Bases)

  • We process personal data to:

  • Provide services & fulfill contracts (quotes, scheduling, editing, delivery, invoicing).

  • Communicate (queries, status updates, revision support).

  • Operate our business (accounting, taxation, fraud prevention, information security, quality assurance).

  • Improve services & website (analytics, troubleshooting, training staff).

  • Comply with laws (record-keeping, responding to lawful requests).

  • Marketing (light-touch, B2B) with your consent or legitimate interests; you can opt out anytime.

  • Legal bases (where relevant): performance of a contract, consent, legitimate interests, and legal obligation.

  • 4) How We Handle Your Manuscripts & Files

  • Used only to perform the requested services and quality assurance.

  • Access is limited to assigned editors/staff under confidentiality obligations.

  • We do not claim any rights over your manuscript content.

  • Unless you ask us to retain longer (e.g., for future rounds), working copies are typically stored for up to 12 months post-delivery for QA and client support, then securely deleted or archived per §8.

  • 5) Optional Use of AI/Automation Tools

  • By default, EditPi does not use generative AI tools on client manuscripts without your explicit, written opt-in.
    If you opt in:

  • We use tools that do not train on your content and apply strict access controls.

  • Any AI usage is assistive (suggestions), with a human editor responsible for all final decisions.

  • You may withdraw consent at any time; we’ll stop using AI tools for your project.

  • 6) Sharing Your Data (Processors & Recipients)

  • We do not sell your personal data. We share data only with:

  • Payment processors/gateways (e.g., Razorpay/Stripe/PayPal) to collect payments.

  • Cloud storage, email, and project tools (e.g., reputable hosting/email providers) to deliver services.

  • Accounting/tax advisors and auditors for compliance.

  • Analytics providers (see §10).

  • Law enforcement/regulators if legally required, or to protect rights, safety, or prevent fraud.

  • All vendors act under written data processing agreements and are required to implement appropriate security. A current list of key sub-processors is available on request.

  • 7) International Data Transfers

  • We are India-based but work globally. When data is transferred outside your jurisdiction, we use appropriate safeguards (e.g., contractual clauses, vendor certifications). By using our services, you acknowledge such transfers as necessary to deliver the service.

  • 8) How Long We Keep Data

  • Project files/manuscripts: up to 12 months from final delivery, unless you request a different period.

  • Client account/communication records: typically 2 years after last interaction.

  • Invoices & financial records: up to 8 years (or as required by tax law).
    We may anonymize or aggregate data for analytics and keep it longer without identifying you.

  • 9) Security

  • We use administrative, technical, and physical safeguards appropriate to the risk, including: access controls, least-privilege accounts, encrypted transit (HTTPS/TLS), reputable cloud providers, malware protection, and staff confidentiality commitments. No system is 100% secure; we continually improve controls and will notify you of material breaches as required by law.

  • 10) Cookies & Analytics

  • We use minimal cookies/analytics to run and improve our site (e.g., session management, basic usage stats).

  • You can control cookies via your browser settings.

  • If we use third-party analytics (e.g., Google Analytics or a privacy-centric alternative), we configure it to minimize personal data. Details are available on request.

  • We do not use invasive tracking (e.g., session replay) without explicit notice/consent.

  • 11) Your Rights

  • Depending on your jurisdiction, you may have rights to:

  • Access the personal data we hold about you.

  • Correct inaccurate or incomplete data.

  • Delete/erase data (subject to legal/contractual limits).

  • Restrict or object to certain processing.

  • Data portability (structured, commonly used, machine-readable format).

  • Withdraw consent where processing relies on consent.

  • Complain to a supervisory authority/regulator.

  • How to exercise: Email [support@editpi.org] with your request. We will verify your identity and respond within applicable timelines.

  • India (DPDP Act): You may escalate complaints to the Data Protection Board of India if unresolved.
    EU/UK: You may contact your local data protection authority.

  • 12) Children’s Data

  • Our services and website are not directed to children under the age of 18. We do not knowingly collect personal data from children. If you believe a child has provided us data, contact us for prompt deletion.

  • 13) Third-Party Links

  • Our website may link to external sites we do not control. Their privacy practices apply when you visit them.

  • 14) Marketing Preferences

  • We may send service updates or relevant, low-frequency emails (e.g., style resources, policy changes). You can unsubscribe at any time via the link in the email or by contacting us.

  • 15) Changes to This Policy

  • We may update this policy to reflect legal, technical, or business developments. We will post the new version with an updated effective date. Material changes may be notified by email or website notice.

bottom of page