Effective: December 11, 2018
This Privacy Notice (“Notice”) describes how Clarivate Analytics (“Clarivate”, “we”, “us” and “our”) collect, use, share, secure, and eventually dispose of (collectively “process”) your personal data. Personal data is any information that does, or could, identify you. Your rights over your personal data are set out in Section 10 – Your Rights and Choices.
This Notice applies to personal data collected by our websites, apps, and products (collectively “services”), and in the course of routine offline business contact with you.
This Notice is addressed primarily to our customers, service users (including visitors to our sites and trial users), sales prospects and individuals whose professional data is included in our services.
2. About Clarivate Analytics
Clarivate provides solutions for the discovery, protection and commercialization of ideas through curated content and unique tools. We offer a broad range of services in different areas such as scientific and academic research, life sciences, patent research, intelligence & services, trademark research & protection, industry codes and standards and domain & brand protection. Our domain & brand protection business has a separate privacy statement that you can read here.
Clarivate is made up of a number of different legal entities, which together form the Clarivate group. To find out more about which legal entity makes decisions about the way other personal data is treated, please contact firstname.lastname@example.org.
3. Changes to this notice
We will update this Notice from time to time and will communicate material changes to you through an appropriate channel (for example, by e-mail or via a notice on our website and in our services).
4. Personal data collected
Sources of personal data
We collect personal data directly from you:
- When you use our services, e.g. when you purchase or have access to our products, we will collect the professional profile details and other information that you choose to enter into our products. We will also store your log-in credentials to our products.
- When you interact with us, e.g. when you fill in a form online, we collect the information that you include in those forms or when you seek help with technical issues, you may share information about your devices with us, such as their operating system and installed programs.
- Through cookies and similar technologies included on our services, e.g. when you access our products, we collect device and usage information your usage of our products. For more information on how we use standard technologies, like web server logs and cookies and web beacons, please click here.
We also collect personal data about you from third parties:
- The organization(s) to which you belong or person(s) who have arranged your access to our products and services, e.g. your employer or the institution you’re affiliated with may provide us with contact information so that we can set up your login.
- Our partners and service providers, e.g. technology providers in connection to your use of our services.
- Publicly available sources like academic publications, patent offices, and regulatory agencies, e.g. if you are an academic author or researcher, a patent holder, or clinical trials investigator, your professional data such as your name, work contact details, and specialization may be included in our services. If you have questions about this use of your data, contact us at email@example.com.
- Other public or paid-for sources, e.g. we may acquire marketing lists from third parties to identify prospects for our services (see Section 10 – Your Rights and Choices for information on managing your marketing preferences).
Types of personal data we collect
How you interact with us, and the different products and services we offer, or that you are identified in connection with, determines what personal data we collect about you.
The personal data we collect may consist of the following:
- Name and contact details, e.g. name, e-mail address, postal address, telephone number.
- Log-in Credentials, e.g. security and credentialing information required to access our services.
- User inputted content, e.g. content you provide to us when you use our products and services (for instance, if you contact our customer service team or any information you choose to include about yourself in our products).
- Device information, e.g. information about your computer or other device, such as IP address, location or provider.
- Usage information, e.g. information about your use of our services, such as date and time of visits, the pages viewed, time spent at one of our websites.
- Purchase history, e.g. purchases you have made, when your subscriptions expire or renew.
- Demographic information, e.g. your country and preferred language.
- Billing information, e.g. credit card number and payment details if you make a payment through our services.
Sensitive personal data. We do not process personal data about race or ethnicity; political opinions, or religious or philosophical beliefs; trade union membership; or genetic, biometric, health, or sex-life information (“special categories of personal data” as defined by the European Union General Data Protection Regulation) unless you provide or indicate such information in a user-controlled area of our services, for example a professional profile. We may occasionally collect personal data that are subject to enhanced security requirements, such as requiring a credit card or government-issued ID to complete a transaction you have requested.
5. Purposes of processing
This section sets out the purposes for which we use your personal data. Your relationship with Clarivate will determine which purposes apply to you.
We are required by law in Europe to explain this Notice the legal grounds on which we rely to process your personal data. Generally, we process your personal data when:
- It is necessary to perform contractual obligations to you: e.g. if you have a contract with us, we process your personal data to perform that contract (i.e. provide you with products and services).
- It is necessary for our or a third parties’ legitimate interests: details of those legitimate interests are set out below.
- Where you give us your consent: we collect consent in only limited circumstances, e.g. in certain circumstances for marketing purposes.
- It is necessary to comply with a legal or regulatory obligation, e.g. to respond to a court order or a regulator.
Our legitimate interests
Our legitimate interests in processing your personal data are mainly customer and product administration, provision and improvement of our services, protection of legal rights and marketing. More detailed information about these legitimate interests is set out below.
- Customer and product administration: to provide you with our services and information you requested, create product accounts, provide user and technical support, enforce our terms of business, report product usage information to our customers, report to our content and technology providers, contact you about renewal of your subscriptions, and other related administrative tasks.
- Product personalization: to deliver personalized functionality in our services, for instance we may retain your browsing and usage information to make your searches within our services more relevant. We also analyze product usage information to understand which content and tools are most useful for our users and to allow us to deliver and suggest tailored content, features and other Clarivate services and products that we believe may interest you.
- Product analysis and development: to analyze the functionalities we offer and to improve the design and content of our services (including sharing your personal data across our services allowing us to make all our services more intuitive and user-friendly) we may use information collected on our services, usually in aggregated form. This helps us to better understand your use of our services and to enhance your enjoyment and experience. We may also provide information about your use of the services to a third party who has made the services available to you (for instance, your employer).
- Marketing: to send you marketing messages for Clarivate products that may interest you (see Section 10 – Your Rights and Choices for information on managing your marketing preferences). We do not disclose your contact information to third parties for their marketing purposes.
- Product content: to organize and include information in our services we use publicly available sources to collect data. We may also use personal data which you choose to make available in our services for peer connection and related collaboration.
- Security: to protect the security of our IT systems, architecture and networks as well as to prevent misuses of our services.
- Legal rights: to exercise our rights, and to defend ourselves from claims and to comply with laws and regulations that apply to our group or third parties with whom we work.
- Business restructuring or similar transactions: to participate in, or be the subject of, any sale, merger, acquisition, restructure, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock.
6. Recipients of the data
Your personal data will, depending on the purposes of processing, be disclosed to different individuals and organizations, including:
- Employees and contractors of the Clarivate group whose roles require access to your data. Our personnel are bound to confidentiality terms which cover their obligations to protect personal data.
- The account administrator or the person providing you access to our services, in the case of corporate subscriptions.
- Service providers who process personal data on our behalf (“processors”); for example Cloud computing providers and web analytics services like Google Analytics and credit card payment processors. Such vendors are contractually bound to protect your data to the same standard as set out in this Notice and, in the case of credit card payment processors, to meet the Payment Card Industry Data Security Standard (PCI DSS).
- Professional advisors such as legal counsel and information security professionals where reasonably required to protect our rights, users, systems and our services.
- Prospective and actual buyers, sellers, advisers or partners in relation to any sale merger, acquisition, or similar corporate event involving Clarivate.
- Government agencies, law enforcement, courts and other public authorities where we have a duty to disclose your personal data by law.
- Subscribers to our services. If your personal data is collected from public sources for inclusion in our product databases and any personal data you choose to provide to us for display in our services (for example, in profiles and when using online forums), your personal data will be accessed by users of our services.
- Other third parties you have asked us to share information with, e.g. if you upload information into a public platform or forum that is publicly accessible.
7. Data security
Clarivate maintains appropriate administrative, technical, and physical security measures to protect your personal data from accidental loss and unauthorized access or use. These measures include encryption, firewalls, roles-based data access, intrusion-detection software, and physical access controls to data centers. However, we cannot guarantee that loss, misuse, unauthorized acquisition, or alteration of your data will never occur.
8. Data retention
We store your personal data throughout the period of your relationship with us and retain it for as long as necessary to fulfil the purposes for which we collected it, including for the purposes of satisfying legal, accounting, or reporting obligations or to resolve disputes. For more information on how long we store your data, please contact us at firstname.lastname@example.org.
9. International transfer
Clarivate is a global business, and your data will be transferred to countries with different privacy and data protection laws than your own, including to countries, such as the United States.
We protect our transfers from the European Economic Area with approved legal safeguards that may include: (1) the existence of a European Commission adequacy decision (covering, for example, transfers to Canada, New Zealand, and Switzerland); (2) Clarivate’s Intra-Group Agreement incorporating Standard Contractual Clauses approved by the European Commission; (3) Standard Contractual Clauses and other contract terms executed between Clarivate and a third-party data processor; (4) a third-party processor’s participation in the EU-U.S. Privacy Shield; or (5) the existence of Binding Corporate Rules or other certification mechanism approved by the European Union.
10. Your rights and choices
You may at any time ask for access to the data that we hold about you, and request its correction or erasure, or that we cease to process it (see Section 13 — Contact Us). For further information on European data protection rights, including your right to lodge a complaint with your supervisory authority, and your right to withdraw your consent to the processing of your data, visit our European Data Protection Rights page.
Within some of our services, you can make privacy-related choices such as deciding how much information you may wish to make available to others or whether you wish to be contacted for a specific purpose.
Marketing: We may send you marketing communications, for example event invitations, white papers, and information about our services that may interest you. We will obtain your prior consent to do this when your local law requires it.
You can opt out of our marketing communications at any time – all Clarivate marketing e-mails contain an “unsubscribe” or “manage my preferences” link. If you have questions regarding our use of your information for marketing purposes, please contact the Clarivate Marketing Team.
Our services may contain links to third party sites. Please be aware that Clarivate is not responsible for the privacy practices of any third-party sites. Therefore, we encourage you to read the privacy statement of each and every site that you use that collects personal data about you.
12. Further privacy information relating to our products
This Notice only relates to our processing of personal data where we make decisions about how data is treated (Clarivate as a controller).
Some of our customers may enter your personal data into our services or provide us with your personal data in order for us process such data on their behalf. We do not make decisions about how your personal data is processed in those instances (Clarivate as a processor). To find out more about how these customers treat your personal data, you should refer to their own privacy notices to you. Please contact us at email@example.com if you would like more information about how we process personal data as a processor.
Where we need to give you additional information about how your personal information is used in relation to specific Services we will provide separate or additional privacy notices.
13. Contact us
160 Blackfriars Road
London SE1 8EZ