Skip to main content

Workplace Policies

Confidentiality and data protection

Personal Data

punctum books is the data controller of personal data of the following groups:

  1. Employees
  2. Authors, editors, and other contributors to book projects
  3. Donors/Subscribers
  4. Bookstores, vendors, and other commercial partners

All personal data stored in emails, Wordpress, Nextcloud, and InvoiceNinja are stored on encrypted servers managed by Cloud68.

Employee records

Employee records for the purpose of payroll are held within Quickbooks. Banking information is only accessible to the employees themselves via their own login. Payroll management is only accessible to the co-directors. Employee records are stored on NextCloud and Bookstack and only accessible to the co-directors.

Contributor records

Personal information of authors, editors, and other contributors to book projects is provided by them throughout the book production process. At the point of manuscript submission, contributors provide their name, biography, ORCiD, and social media handles for outreach and metadata purposes.

When the book is published, contributors provide their address information for the purpose of receiving author copies. This address information is recorded within KDP, from where it is automatically deleted after some time.

When contributors order extra author copies, their address information is recorded in InvoiceNinja for the purpose of invoice generation.

Subscriber records

When new donors or subscribers decide to support punctum books, their personal and credit card are managed by Stripe, but the co-directors have access to a subset of these data via the Stripe dashboard.

There are legacy data in the Wordpress website of subscribers that supported punctum books through two different Wordpress plugins. As these subscriber resubscribe or cancel, there will be increasingly less personal data of from subscribers accessible through the Wordpress backend.

Vendor records

Bookstores, vendors, and other commercial partners of punctum may provide address information for the purposes of shipping books and invoicing. These data are stored in KDP and InvoiceNinja.

Unpublished financial information

We are transparent on a yearly basis about our finances 

Data of customers/partners/vendors

No sharing of contacts or lists

Customer lists (existing and prospective)

No sharing of lists existing aand prospective

Unpublished goals, forecasts and initiatives marked as confidential

Financial stuff is private and is encrypted 


Harassment and violence/ Workplace harassment/ Workplace violence

Use copim code of conduct procedure <https://copim.pubpub.org/pub/code-of-conduct/release/3> and Eileen will make some revisions (chain of command for complaints?) 

Workplace Safety and Health


We have to be in contact, health benefits will remain, half pay for 6 mo and we will all (everyone on payroll) revisit after 6 mo. Freelancers will be employed to make up work 


Emergency Protocols 


There will be access to a password list in worst case scenario

Back to top