Effective: 16 December 2019
This Privacy Notice (“Notice”) describes how Clarivate Analytics (“Clarivate”, “we”, “us” and “our”) collect, use, share, secure, and eventually dispose of (collectively “process”) your personal data. Personal data is any information that does, or could, identify you. Your rights over your personal data are set out in Section 10 – Your Rights and Choices.
This Notice applies to personal data collected by our websites, apps, and products (collectively “services”), and in the course of routine offline business contact with you.
This Notice is addressed primarily to our customers, service users (including visitors to our sites and trial users), sales prospects and individuals whose professional data is included in our services.
2. About Clarivate Analytics
Clarivate provides solutions for the discovery, protection and commercialization of ideas through curated content and unique tools. Our brands include CompuMark, Cortellis, Derwent, MarkMonitor, Techstreet and Web of Science Group. Our MarkMonitor brand has a separate privacy statement that you can read here.
Clarivate is made up of a number of different legal entities, which together form the Clarivate group. To find out more about which legal entity makes decisions about the way other personal data is treated, please contact email@example.com.
3. Changes to this notice
We will update this Notice from time to time and will communicate material changes to you through an appropriate channel (for example, by e-mail or via a notice on our website and in our services).
4. Personal data collected
Sources of personal data
We collect personal data directly from you:
- When you use our services, e.g. when you purchase or have access to our services, we may collect your professional profile details. We may also collect and other information that you choose to enter into our services. We will also store your log-in credentials to our services.
- When you interact with us, e.g. when you fill in a form online, we collect the information that you include in those forms or when you seek help with technical issues, you may share information about your devices with us, such as their operating system and installed programs.
- Through cookies and similar technologies included in our services, e.g. when you access our services, we collect device and information relating to your usage of our services. For more information on how we use standard technologies, like web server logs, cookies and web beacons, please click here.
We also collect personal data about you from third parties:
- The organization(s) to which you belong or person(s) who have arranged your access to our services, e.g. your employer or the institution you are affiliated with may provide us with contact information so that we can set up your login.
- Our partners and service providers, g. technology providers in connection with your use of our services.
- Publicly available sources like academic publications, patent offices, and regulatory agencies, e.g. if you are an academic author or researcher, a patent holder, clinical trials investigator or are otherwise an author of, or contributor to, reports, analysis, articles or other materials available in the public domain, your professional data such as your name, work contact details, and specialization may be included as content in our services. If you have questions about this use of your data, contact us at firstname.lastname@example.org.
- Other public or paid-for sources, e.g. we may acquire marketing lists from third parties to identify prospects for our services (see Section 10 – Your Rights and Choices for information on managing your marketing preferences).
Types of personal data we collect
How you interact with us and the different services that we offer determine what personal data we collect about you.
The personal data we collect may consist of the following:
- Name and contact details, e.g. name, e-mail address, postal address, telephone number
- Log-in Credentials, e.g. security and credentialing information required to access our services
- User inputted content, e.g. content you provide to us when you use our services (for instance, if you contact our customer service team or any information you choose to include about yourself in our services)
- Device related information, e.g. information about your computer or other device, such as IP address, location or provider
- Usage information, e.g. information about your use of our services, such as date and time of visits, the pages viewed, time spent at one of our websites.
- Purchase history, e.g. purchases you have made, when your subscriptions expire or renew
- Demographic information, e.g. your country and preferred language
- Billing information, e.g. credit card number and payment details if you make a payment through our services.
Sensitive personal data. We do not knowingly or intentionally process personal data about race or ethnicity; political opinions, or religious or philosophical beliefs; trade union membership; or genetic, biometric, health, or sex-life information (“special categories of personal data” as defined by the European Union General Data Protection Regulation) unless you actively provide or indicate such information in a user-controlled area of our services, for example a professional profile. We may occasionally collect personal data that are subject to enhanced security requirements, such as requiring a credit card or government-issued ID to complete a transaction you have requested.
5. Purposes of processing
Your relationship with Clarivate will determine which purposes apply to you. This section sets out the purposes for which we may use your personal data.
Under European privacy law we need to identify a valid reason for using your personal data – known as a “lawful basis for processing”. Generally, we will process your personal data because:
- It is necessary to perform contractual obligations to you: e.g. if you have a contract with us, we process your personal data to perform that contract (i.e. provide you with services).
- It is necessary for our legitimate interests or those of a third party: further details of those legitimate interests are set out below.
- You have given us your consent: we only ask for consent in limited circumstances, e.g. for certain types of marketing communications in particular jurisdictions.
- It is necessary to comply with a legal or regulatory obligation, e.g. to respond to a court order or a regulator.
Our legitimate interests
Our legitimate interests in processing your personal data are mainly customer and product administration, provision, improvement and development of our services, protection of legal rights and marketing. More detailed information about these legitimate interests is set out below.
- Customer and product administration: to provide you with our services and information that you requested or that you access through our services, create product accounts, provide user and technical support, enforce our terms of business, report product usage information to our customers and business partners, report to our content and technology providers, contact you about renewal of your subscriptions, and other related administrative tasks.
- Product personalization: to deliver personalized functionality in our services, for instance we may retain your browsing and usage information to make your searches within our services more relevant. We also analyze product usage information to understand which content and tools are most useful for our users and to allow us to deliver and suggest tailored content, features and other Clarivate services that we believe may interest you.
- Product analysis and development: we may use information collected on our services, usually in aggregated form, to analyze the functionalities we offer and to improve the design and content of our services (including sharing your personal data across our group which allows us to make all our services more user-friendly). We may also provide information about your use of the services to a third party who has made the services available to you (for instance, your employer) or to a business partner whose content or technology you accessed through the services.
- Marketing: to send you marketing messages for Clarivate services that may interest you (see Section 10 – Your Rights and Choices for information on managing your marketing preferences). We do not disclose your contact information to third parties for their marketing purposes.
- Product content: to organize and include information in our services we collect data from publicly available sources. We may also use personal data which you choose to make available in our services (for instance, you may wish to provide information to enable peer connection and related collaboration).
- Security: to protect the security of our IT systems, architecture and networks as well as to prevent misuses of our services.
- Legal rights: to exercise our rights and to the extent reasonably required, to assist third parties (such as your employee or our business partners) in exercising their rights, and to defend ourselves from claims and to comply with laws and regulations that apply to our group or third parties with whom we work.
- Business restructuring or similar transactions: to participate in, or be the subject of, any sale, merger, acquisition, restructure, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock.
6. Recipients of the data
Your personal data will, depending on the purposes of processing, be disclosed to different individuals and organizations, including:
- Employees and contractors of the Clarivate group whose roles require access to your data. Our personnel are bound to confidentiality terms which cover their obligations to protect personal data.
- The account administrator or the person providing you access to our services, in the case of corporate subscriptions.
- Service providers who process personal data on our behalf (“processors”); for example Cloud computing providers and web analytics services like Google Analytics and credit card payment processors. Such vendors are contractually bound to protect your data to the same standard as set out in this Notice and, in the case of credit card payment processors, to meet the Payment Card Industry Data Security Standard (PCI DSS).
- Business partners with whom we deliver co-branded services or host events; or whose content or technology we make available through our services.
- Professional advisors such as legal counsel and information security professionals where reasonably required to protect our rights, users, systems and our services.
- Prospective and actual buyers, sellers, advisers or partners in relation to any sale merger, acquisition, or similar corporate event involving Clarivate.
- Government agencies, law enforcement, courts and other public authorities where we have a duty to disclose your personal data by law.
- Subscribers to our services. If your personal data is collected from public sources for inclusion in our product databases and any personal data you choose to provide to us for display in our services (for example, in profiles and when using online forums), your personal data will be accessed by users of our services.
- Other third parties you have asked us to share information with, e.g. if you upload information into a public platform or forum that is publicly accessible.
7. Data security
Clarivate maintains appropriate administrative, technical, and physical security measures to protect your personal data from accidental loss and unauthorized access or use. These measures may include encryption, firewalls, roles-based data access, intrusion-detection software, and physical access controls to data centers. However, we cannot guarantee that loss, misuse, unauthorized acquisition, or alteration of your data will never occur.
8. Data retention
We store your personal data throughout the period of your relationship with us and retain it for as long as necessary to fulfil the purposes for which we collected it, including for the purposes of satisfying legal, accounting, or reporting obligations or to resolve disputes. For more information on how long we store your data, please contact us at email@example.com.
9. International transfer
Clarivate is a global business, and your data may be transferred to countries with different privacy and data protection laws than your own, including to countries such as the United States.
We protect our transfers from the European Economic Area with approved legal safeguards that may include: (1) the existence of a European Commission adequacy decision (covering, for example, transfers to Canada, New Zealand, and Switzerland or transfers to the United States under the EU-U.S. Privacy Shield programme); (2) Clarivate’s Intra-Group Agreement incorporating Standard Contractual Clauses approved by the European Commission; (3) Standard Contractual Clauses and other contract terms executed between Clarivate and a third-party data processor; or (4) the existence of Binding Corporate Rules or other certification mechanism approved by the European Union.
10. Your rights and choices
You may at any time ask for access to the data that we hold about you, and request its correction or erasure, or that we cease to process it (see Section 13 — Contact Us). For further information on European data protection rights, including your right to lodge a complaint with your supervisory authority, and your right to withdraw your consent to the processing of your data, visit our European Data Protection Rights page.
Within some of our services, you can make privacy-related choices such as deciding how much information you may wish to make available to others or whether you wish to be contacted for a specific purpose.
Marketing: We may send you marketing communications, for example event invitations, white papers, and information about our services that may interest you. We will obtain your prior consent to do this when local law requires it.
You can opt out of our marketing communications at any time – all Clarivate marketing e-mails contain an “unsubscribe” or “manage my preferences” link. If you have questions regarding our use of your information for marketing purposes, please contact the Clarivate Marketing Team.
Our services may contain links to third party sites. Clarivate is not responsible for the privacy practices of such third-party sites. We encourage you to read the privacy statement of each and every site that you use that collects personal data about you.
12. Further privacy information relating to our services
This Notice only relates to our processing of personal data where we make decisions about how data is treated.
Some of our customers or business partners may enter your personal data into our services, provide or have us collect your personal data in order for us process such data on their behalf. This includes but is not limited to services such as Techstreet private-label stores (i.e. online stores operated by third-party standards publishers) and ScholarOne Manuscripts. We do not make decisions about how your personal data is processed in those instances.
To find out more about how these customers and business partners treat your personal data, you should refer to their own privacy notices to you.
Where we need to give you additional information about how your personal information is used in relation to specific services, we will provide separate or additional privacy notices.
13. Contact us
160 Blackfriars Road
London SE1 8EZ