We are committed to safeguarding your privacy. If you feel we need to change something please contact us with your feedback.

One of our guiding principles is to use open source tools and technologies. That extends to how we communicate with you and we endeavor to use systems we think we can trust not to misuse our—or your—data.

Browsing this website

We are trying to strike a balance between understanding what content people appreciate most (and least) on our site, and ensuring your information remains as private as possible. We therefore decided to use Matomo which is an open source analytics program that respects user privacy. We look at page views, referrers, geographies, exit pages, and try to discern patterns in what content most used. Matomo does not hold onto your data.

Subscribing to our updates

If you sign up for news and updates, the information you provide will be stored in our email service called Act-On. We will email you once a month with a newsletter containing recent blog posts and product and service information. You won’t be added to other mailing lists unless you ask. If you later decide you do not want to receive these communications, we put opt-out links on all our emails. If you just want alerts of new blogs, please use RSS.

Joining as a member

If you sign up to become a member of Crossref, we add you as an ‘inactive’ account in our Customer Relationship Management (CRM) system, SugarCRM. Once your account is approved, and when you’ve signed your contract and paid your first year’s membership fee, we set your account to ‘active’. When you sign up we ask for a Primary contact (previously “business” contact) plus contacts for: billing, voting, technical, and metadata quality. The billing contact receives the invoices for annual membership fees and quarterly Content Registration fees. The voting contact receives the annual board election notices and votes on behalf of the member organization. The Primary contact agrees to the terms and receives regular service and product information. The technical contact may be your chosen agent to deposit metadata with us. And the metadata quality contact is the one we send reports to about metadata errors and would be the one to fix them.

Over time we might ask to be in touch with additional people at your organization, such as editors, product managers, production staff, and other interested colleagues. We will ask upfront for your consent and it is always possible to opt-out later if you change your mind.

Depending on the type of account, you may receive a series of on-boarding emails that provide information about how to get started with your participation in Crossref. We will also email you with significant news as and when things change, services are improved, or new services are introduced. We may also invite you to participate in research or surveys.

Using our metadata services

We offer both members and non-members a range of services to access metadata. In some cases, the provided metadata may include data (or metadata derived from data) that originated from sources other than our members (“third-party sources”). We will take steps to inform all users of our metadata retrieval services about any third-party sources for the metadata. If the third-party source requires it, we will also provide their privacy policies or usage restrictions. We respect the terms and conditions, including the privacy policies, of the third-party sources and we expect the users of our metadata services to do so as well.

If you identify yourself in API queries (our ‘Polite’ or ‘Plus’ API pools), we will not under any circumstances store or use your email for any other purpose than technical troubleshooting and only if absolutely necessary. You may choose to use our ‘Public’ API which won’t identify you at all. More information can be found in the etiquette section of our REST API documentation.

Asking for support

If you ask for support and raise a ticket with our support team, the information to send will be stored in our ticketing system, Zendesk. We don’t use your contact information for anything other than resolving your support ticket, and any logins or private details provided during a support conversation are secure.

Comments on our blog and community forum

Conversations among the Crossref community can be made on our discussion forum at which uses Discourse. Discourse is an open source platform that asks people for minimal information such as your name, alias (name you wish to display), and your email address. We may use your email address to answer your questions and feedback, but we do not store it in our email database so you won’t receive newsletters and other emails unless you specifically sign up. Discourse is the tool enabled for blog comments too.


Cookies are files with small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a web site and stored on your computer’s hard drive. Like many sites, we use “cookies” to collect basic information in order to allow us to serve you better and improve your experience while visiting our website. Cookies are not used to retain personal data. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent.

Email privacy

We categorically do not under any circumstances—however persuasive—sell or rent email addresses with parties outside of Crossref. On rare occasions—and only where it prevents you from using a service you’ve signed up for—we may need to provide a contact email address to a supplier or partner in order for you to receive important information or technical support.

Retaining your information

We will keep your information as long as it is necessary to fulfill the purpose for which you gave us the information. We may delete your personal information if the information is incomplete or inaccurate. We may also keep personal information where it is necessary to comply with legal obligations, resolve disputes, and comply with or enforce agreements. While there is not a specific length of time for which we may keep your information, we keep it only as long as we have a permissible purpose for processing it.

Our website may contain links to some other sites. We can’t be responsible for the privacy policies and content of these other sites, nor whether they’ve maintained the links persistently. If you tell us that some links might be questionable, we will look into removing the link.


Crossref has taken steps to ensure that personal information collected is secure. However, no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee its absolute security.


We will not share your personal information with third parties, except as we describe in this policy or as separately authorized by you. We may share some of your information with companies that perform support services to us, such as accounting or legal firms, firms that provide data hosting or database management services, and other technical support. These third parties are required to maintain the confidentiality of your personal information and to use your personal information only in providing services to us. In rare circumstances, your personal information may be disclosed to third parties to comply with applicable laws and regulations. Any other disclosure of your personal information will only be made following your express consent.

Crossref is registered in the United States. Wherever you are located, any of the data you provide to Crossref may be transferred to the United States, where data protection and privacy laws may be different, and less rigorous, than the laws in your country.

Accessing, correcting, and removing information

Unless there is an exemption or other applicable law, you have the right to withdraw your consent to us processing your personal data, including the transfer of that information to the United States. You also have a right to request copies of your personal data and request that we correct any information that is inaccurate or out of date, or to ask that it be erased where it is no longer necessary for us to have the data. Where your data has been provided to us by another organization, such as a publisher, you should contact that organization in the first instance. If you have provided your information directly to us, or if you have any other questions about this notice or want additional information, you should contact us directly.

Changes to this privacy policy

This privacy policy is effective as of May 2018 and will remain in effect except with respect to any changes in its provisions in the future, which will be in effect immediately after being posted on this page.

We reserve the right to update or change our privacy policy at any time and you should check back periodically.

Please email us with any questions about privacy.

Page owner: Ginny Hendricks   |   Last updated 2018-May-24