Because Scribo handles manuscript-related personal data inside a role-based product, GDPR responsibilities should be expressed in practical terms: who can access what, why that access exists, and how rights requests can be understood.
People using Scribo should be able to understand what personal data is involved, request access to relevant information, and raise correction or deletion questions where that is appropriate within the surrounding editorial and contractual context.
Different parts of the workflow may involve authors, publisher teams, and reviewers under different legal and operational relationships. Scribo’s role-based model exists in part to keep those access boundaries explicit rather than implied.
Privacy and GDPR requests should be evaluated with the full manuscript workflow in view, including the need to preserve legitimate editorial records. Use the public contact routes to begin that conversation from the right context.