arXiv Privacy Policy
The following privacy notice describes what information we collect from you when you visit arXiv.org and how we use this information. Please read this privacy notice carefully so that you understand our privacy practices.
Effective Date of Privacy Notice
The privacy notice was last revised on 2024-12-12.
Introduction
arXiv, a service of Cornell University, creates, hosts, and permanently preserves a free, open-access archive of scholarly articles in specific fields of research. Articles posted to arXiv are made publicly available for review and use by the academic community, and beyond. Articles hosted on arXiv are assigned Digital Object Identifiers (DOIs), are indexed in third-party search engines, and may be cited in other works. In addition, arXiv takes steps to ensure research integrity and originality of submitted content. Therefore, each version of a paper (including rejected papers) is considered a permanent part of the scientific record and may not be removed.
Consistent with arXiv’s purpose and mission, when you choose to submit an article to arXiv, you acknowledge and agree that it is worthy of archival preservation as described herein, has lasting value for research as well as for understanding current and historical trends, and that the article, including the names and affiliations of authors and co-authors, if provided, and the submitter’s email address will be permanently preserved online for the purpose of fulfilling arXiv’s legitimate interests in archiving, research, and statistical recordkeeping in the public interest. In doing so, we make reasonable efforts, taking into account the content and condition of the material, to avoid putting personal information online that may cause damage or distress to living individuals.
The following privacy notice describes the Personal Data we collect from you when you visit arXiv.org and how we use this information. For the purposes of this notice, Personal Data is defined as information relating to an identified or identifiable individual; an identifiable individual is one who can be identified, directly or indirectly, by use of any identifier or characteristic specific to that individual. Please read this privacy notice carefully so that you understand our privacy practices. For additional information concerning Cornell University’s privacy practices, please visit the University Privacy website. We reserve the right to change this policy at any time to reflect changes in the law, our data collection and use practices, the features of our services, or advances in technology. Please check this page periodically for changes. Your continued use of arXiv following the posting of changes to this policy will be deemed to mean you understand the applicability of those changes.
Types of Personal Data arXiv May Collect About You
When you use our site to access our online content, create a user account, upload material to our website, submit feedback or initiate a help request, contribute to our mission by donating to arXiv, participate in our webinars, or sign up to receive arXiv news or participate in other activities sponsored or hosted by arXiv, we collect personal information about you, as described below.
We may collect the following information based on how you engage with arXiv:
-
Browsing of the website by unregistered users – IP address, pathways navigated through the website, type of internet browser used. We do not make any attempt to identify you from the information collected.
-
Registered users – name, email address, ORCID, past email addresses, affiliation, country, additional contact information and/or online identifiers. We may also request a record of affiliation and publication record. Information associated with your user account can be viewed on your user dashboard. When registered users take actions such as initiating submissions or making ownership requests, arXiv will collect their IP address.
-
Users who submit articles – author names, author affiliations, submitter email address, and submitter IP address. Note: Users who submit articles or other content to arXiv must ensure that they have the right to distribute the work and that inclusion of the article in arXiv does not violate the rights of any person or entity, including privacy rights, or the submission may be removed.
-
Users who submit feedback or help requests – name, email address, and information pertaining to operating environment.
-
Donors – name, address, email address, institutional affiliation (if provided), and financial information to enable the processing of the donation. This information is processed in accordance with Cornell’s University Privacy Statement.
-
Email subscribers – arXiv maintains mailing lists for those who subscribe to notifications concerning papers posted on arXiv, information about arXiv (for example, our blog updates), and other such communication, for which we will collect your email address.
-
Participants in public events arXiv may host – contact information for those who sign up for forums, conferences, or webinars we host.
How arXiv May Use Your Personal Data
arXiv uses the Personal Data collected for the following purposes:
-
Scholarly paper and article submission, hosting, and archiving – In the content submission and moderation process we link user accounts, authorship, and submitted content to track and process submissions, as follows:
- Article metadata provided by submitter, including author list, author affiliation (if provided), and submitter name is displayed with the article posting, email announcement of articles, and bulk metadata access via API.
- Users who submit articles or other content to arXiv must ensure that they have the right to distribute the work and that inclusion of the article in arXiv does not violate the rights of any person or entity, including privacy rights, or the submission may be removed.
- The email address that was used to upload each submission is viewable by registered arXiv users to give users the ability to send feedback on papers to the submitter and to help users contact eligible arXiv endorsers in order to make their own submissions.
- For more information, see Submission Guidelines, Author Registration, arXiv Submittal Agreement, and arXiv Moderation.
-
Improving user experience on the arXiv website – When you select certain preferences, we may store information to remember your choices while using the site (see the "Collection of Cookies and Use of Other Technologies” section of this document).
-
Providing user support – Users have the option to provide name, email, and information about their current operating environment, and this information will be used in the process of providing user support.
-
Safety and security – We verify accounts and activity, monitor for suspicious or fraudulent activity and identify violations of service policies.
-
Sending email announcements – Users who subscribe to receive daily email announcements of arXiv papers provide arXiv with their email address and full name and indicate the archive whose listings they want to receive. For more information see Email subscriptions for new papers.
-
Fundraising – Should you decide to donate to arXiv through the Donate page, you will be directed to Cornell University’s giving website and the information you provide will be used to process your donation in accordance with Cornell’s Information Use at Cornell statement.
-
Providing member institution information – For users who visit arXiv from the IP address range of an arXiv member institution, you will see the institution acknowledged on the arXiv.org website. arXiv member institutions also receive anonymous statistics on usage from within their IP address range.
-
Conducting research in the public interest – Certain information we gather, including your IP address, information about your browser, the date and time of your visit, the referer field (if present), your personal preferences, and the pages on our website that you accessed, may be used for secondary research purposes, including to allow and facilitate individuals to perform research in the public interest, and activities related to such research. For example, we count the overall visits per hour and per day and display this information on our usage stats page. When using information for research purposes, we will put in place reasonable physical, technical, and administrative safeguards designed to prevent unauthorized disclosure of your information.
-
Testing – We collect a variety of types of information for user testing purposes such as: your name, email, country, primary research field, and your opinions on various aspects of the website. This information helps us improve the functionality of arXiv for more people and across geographic areas.
Collection of Cookies and Use of Other Technologies
arXiv may gather information to track user trends and site usage with the goal of improving our website users’ experience and optimizing our website. We also use the information to administer the website and prevent abuse.
Cookies – Like most other website operators, we may collect Personal Data via cookies and similar technologies. Cookies are small text files stored on your computer and accessible only to the websites that create them. They are stored locally by the browser you are using. If you switch browsers, or use a different computer, your cookies will not follow you.
arXiv uses cookies to save preferences you may have chosen for your use of arXiv. This includes, but is not limited to:
-
That you have dismissed a banner we have shown you.
-
The Labs integrations you want to see on each abstract page.
-
Whether you want MathJax to be used when rendering article abstracts.
-
Search preferences, such as the sort order of the results.
Cookies are also used when you log in to your arXiv account, in order to store your user identification and session authentication information.
We do not use cookies to track your use of arXiv. Our website may use cookies to keep you logged into secure areas of the website and/or to keep track of your preferences as you interact with certain services. It is not necessary to use/permit cookies to read articles on arXiv.org; if you do not wish to permit cookies, you can modify the settings in your web browser, but you will not be able to login or set preferences.
For more information about cookies on arXiv, see: https://arxiv.org/cookies.
Social media – If you share our content through social media, those social networks will record that you have done so and may set a cookie for this purpose. If you wish to opt-out of any of these social interactions, please refer to the specific social media platform for instructions on how to do so.
External websites – From time to time, we will link to external websites that we neither own nor control. Cornell University is not responsible for the content, privacy practices, or web accessibility needs on these websites.
Contributions to the arXiv website, including article submissions and metadata, may contain links as well. We are not responsible for the content, privacy practices, or web accessibility needs on these websites.
How We Share and Disclose Personal Data
Information we gather may be shared with service providers we use to support the infrastructure, submission, moderation, and archival requirements of arXiv, and, subject to appropriate safeguards, with researchers conducting research in the public interest. However, we will not sell this data to third parties.
Service providers – Provide the following services which require the sharing of Personal Data:
-
Server, database, and web hosting infrastructure
-
Customer relationship management
-
Customer support and feedback
-
Text analysis of submissions
-
Email communications
-
Donation processing
Moderators – As part of the article submission and moderation process, arXiv moderators can view the author list, submitter name, submitter email, and, if the submitter was endorsed by another user, moderators can view the name of the endorser.
Trusted Partners – We share anonymized data with trusted partners (for example, NASA Astrophysics Data System) for use in search and discovery tools.
Researchers – In such cases, your information will be handled and processed only by persons who are responsible for the necessary activities for the research study, which may include Cornell, its employees, and its Office of Sponsored Programs & Research Development; research collaborators; funding agencies; and sponsors, as well as external researchers unaffiliated with Cornell.
Legal and contract enforcement – We may disclose your personal information to legal or government regulatory authorities as required by applicable law. We may also disclose your Personal Data to third parties in connection with claims, disputes, or litigation, or when we believe, in good faith, that such release is reasonably necessary to:
-
Comply with applicable law;
-
Enforce or apply the terms of any of our user agreements;
-
Protect the rights, property, or safety and security of Cornell University, arXiv, our users, or others; or
-
Enforce our legal rights or contractual commitments that you have made.
Public – Users with registered arXiv accounts can view the email address that was used to upload each submission to arXiv. Please see the email protection page for more information.
The metadata for arXiv articles is freely accessible and available to any third-party use under a Creative Commons CC0 1.0 Universal Public Domain Dedication.
How We Protect and Store Your Personal Data
No method of transmitting over the internet or storing electronic data is 100% secure, but arXiv follows standard practices to protect against the loss, misuse, or alteration of the information that is under our control.
Choices You May Have
Fundraising emails – Donors to arXiv may receive future fundraising emails from Cornell University. Those emails contain a link at the bottom of the email to unsubscribe.
Membership emails – arXiv members will receive annual update emails and direct correspondence relating to membership. Those emails contain a link at the bottom of the email to unsubscribe.
Opt in and event emails – Users who opt in to receive general information about arXiv or who register for arXiv events will receive emails from arXiv updating them on our activities. Those emails contain a link at the bottom of the email to unsubscribe.
Additional Privacy Disclosures for Individuals Located Outside of the United States
These supplemental disclosures (“Disclosures”) provide additional information concerning arXiv’s collection and use of data about individuals located in a Relevant Country (as defined below). These Disclosures apply to In-Scope Processing by any means, including hard copy and electronic means.
For purposes of these Disclosures,
-
“Relevant Law” means any non-U.S. jurisdiction’s Personal Data protection law that applies to the processing of Personal Data by arXiv.
-
“Relevant Country” means a country which has enacted a Relevant Law.
-
“In-scope Processing” means the collection, use, handling, processing, or sharing of Personal Data by arXiv when those activities are within the scope of any Relevant Law.
Where the words “we,” “us,” or “our” are used in these Disclosures, they shall refer to arXiv.
Please note that these Disclosures apply only to In-scope Processing, and that, depending on the situation, some of arXiv’s activities described above may, in the given case, not constitute In-scope Processing as that term is used in these Disclosures.
Please carefully read and understand these Disclosures before using our services and contact us using the details at the bottom of these Disclosures if you have any questions or concerns about the manner in which your Personal Data is processed.
Legal Bases for Processing
The bases arXiv relies on for processing your Personal Data are set forth below. Please note that we may process your Personal Data for more than one legal basis, depending on the specific purpose for which we are using each element of data.
-
Legitimate interest – We have a legitimate interest in processing Personal Data contained in article submissions, and of site visitors and submitters, to carry out our archiving, research and educational mission, vision, and values; provide you with core archival, research and educational services in the public interest, including the dissemination of, and open access to, scholarly articles in specific fields of research; implement our policies and procedures; and meet our community’s expectations. We also have legitimate interests in processing your Personal Data for providing access to our site, testing and improving site functionality and user experiences on our site, providing user support, and maintaining safety and security on our site.
-
Contract – We need your Personal Data to provide you with our services and respond to your inquiries.
-
Legal – We may have a legal obligation to handle your Personal Data when necessary to comply with applicable law, or to enforce legal rights or contractual commitments you have made, or terms of use to which you have agreed.
-
Public interest – We may handle your Personal Data when necessary to protect the rights, property, or safety and security of Cornell University, arXiv, our users, or others.
-
Your consent, in limited circumstances where other bases are not recognized. Generally, we do not rely on consent as a legal basis for processing your Personal Data, unless it is specifically required by your jurisdiction, such as for sending fundraising, marketing, or other optional communications or for collecting special category or sensitive information on an optional basis for research purposes. When we process your Personal Data on the basis of consent, you are able to remove your consent at any time. You can do this by contacting: [privacy@arxiv.org].
We will retain your Personal Data for as long as needed to meet these objectives and to ensure compliance with our legal obligations.
Location of Processing and International Data Transfers
Cornell University is located in the United States and is subject to U.S. and New York law, which may not provide the same level of protection as the laws in your jurisdiction. If you use arXiv, you understand and agree that you will be transmitting your Personal Data to personnel in the United States and your data generally will be hosted on U.S. servers, and might be transmitted to or accessed from the United States or other jurisdictions outside of the Relevant Country when necessary for business or other valid purposes, and you consent to the transfer of such data to the U.S. for processing by us in accordance with this Privacy Policy.
Rights You May Have and How to Exercise Them
Upon your reasonable and good faith request, we will provide you with information about whether we hold any of your Personal Data as part of our In-scope Processing, to the extent required and in accordance with Relevant Law. In certain cases, you may also have a right under Relevant Law, with respect to your Personal Data collected and used in our In-scope Processing, to:
-
obtain a copy of your Personal Data in an easily accessible format;
-
request that we correct or update any of your Personal Data that is inaccurate;
-
restrict or limit the ways in which we use your Personal Data;
-
object to the processing of your Personal Data;
-
request the deletion of your Personal Data; and
-
request that we transmit your Personal Data to another party.
If you wish to exercise your rights or have other questions or concerns related to your rights under Relevant Law, please fill out a data privacy Request Form. To avoid taking action regarding your Personal Data at the direction of someone other than you, we may ask you for information verifying your identity.
If our In-scope Processing as to your Personal Data is solely based on your consent, in certain cases you may also have the right under a Relevant Law to withdraw your consent to our processing. If you withdraw your consent to the use or sharing of your Personal Data for the purposes set out in these Disclosures, or otherwise limit our use of your Personal Data or request its deletion, we may no longer be able to provide you some or all of the related services.
Please note that, in certain cases, we may continue to process your Personal Data after you have withdrawn consent or requested that we delete your Personal Data, if we have a legal basis to do so. For example, we may retain certain data if we need to do so to comply with an independent legal obligation, if we still need the data for the lawful purposes for which we obtained the data, or if it is necessary to do so to pursue our legitimate interest in conducting research in the public interest, subject to appropriate privacy safeguards.
If you have any complaints regarding our privacy practices, please contact us at Contact Us | University Privacy (cornell.edu). If you are not satisfied with our response, you also may be able to make a complaint to your national data protection authority, supervisory authority, or other legal authority to the extent such authority has jurisdiction over the processing at issue.
Contacts
For questions about arXiv privacy policies or technical support, please contact arXiv User Support.
If you have general questions about Cornell University privacy practices, please visit https://privacy.cornell.edu or use the Contact Us form.