DOCiD Privacy and Data Protection Policy

Effective Date: [February 1^st, 2024]

1. Introduction
The Africa PID Alliance (APA) is committed to safeguarding the privacy and data protection of individuals and entities engaging with the Digital Object Identifier Container (APA-DOCiD) ecosystem. This Privacy and Data Protection Policy outlines the information practices for the APA-DOCiD ecosystem, including the PID Generator (CORDRA), Digital Object Repository Manager (INVENIO), and DOCiD API Middleware.

2. Data Collection and Usage
2.1 PID Generator (CORDRA)
The PID Generator collects information for the generation and resolution of Persistent Identifiers (PIDs) for digital objects. Information includes object types, indigenous knowledge examples, and configurable settings. This data is used exclusively for the purpose of managing digital objects within the APA-DOCiD ecosystem.

2.2 Digital Object Repository Manager (INVENIO)
The Digital Object Repository Manager collects and updates information related to objects with persistent identifiers (DOIs). This includes object details, DOIs, and customizable search capabilities. The data is utilized for effective object management within the Digital Object Repository, aligning with the APA-DOCiD objectives.

2.3 DOCiD API Middleware
The Middleware API facilitates communication between the PID Generator and Digital Object Repository, utilizing the provided sample code. Information passed through the API includes instructions for PID generation and resolution, ensuring seamless integration between the two systems.

3. Information Security Measures
To ensure the confidentiality and integrity of the collected data, APA-DOCiD employs industry-standard security measures. This includes secure communication protocols, access controls, encryption, and regular security audits. The APA-DOCiD ecosystem is designed to prioritize the protection of user data.

4. Data Storage and Hosting
The Digital Object Repository and PID Generator adhere to specific hosting specifications to ensure optimal performance. These specifications include cloud servers, CPU, RAM, storage, load balancers, and backup storage. The APA-DOCiD ecosystem is initially hosted on servers with 8GB of memory, a 4-core CPU, and a storage capacity of 60GB, meeting the desired server specifications.

5. User Rights and Control
Users engaging with the APA-DOCiD ecosystem have the right to access, modify, and delete their data. The PID Generator and Digital Object Repository provide user-friendly interfaces for managing data related to digital objects, including PID generation and object repository operations.

6. Updates and Amendments
This Privacy and Data Protection Policy may be updated periodically to reflect changes in legal requirements or the APA-DOCiD ecosystem. Users are encouraged to review this policy regularly. Substantial changes will be communicated through appropriate channels.

7. Compliance with Regulations
APA-DOCiD complies with relevant data protection regulations, including but not limited to the General Data Protection Regulation (GDPR) and local data protection laws.
8. Support and Contact Information
For technical support and inquiries related to privacy and data protection, users can contact APA-DOCiD at [info@africapidalliance.org].

By engaging with the APA-DOCiD ecosystem, users acknowledge and agree to the terms outlined in this Privacy and Data Protection Policy.