Your privacy is critically important to us. At NetGalley, we have a few fundamental principles:
- We are thoughtful about the personal information we ask you to provide and the personal information that we collect about you through the operation of our services.
- We store personal information for only as long as we have a reason to keep it.
- We aim to make it as simple as possible for you to control what information in your account is shared publicly (or kept private), indexed by search engines, and permanently deleted.
- We aim for full transparency on how we gather, use, and share your personal information.
Name of the controller:
NetGalley LLC (Limited Liability Company)
Chief Executive Officer:
Francis P. Toolan, Jr.
Address of the controller:
NetGalley LLC (Limited Liability Company)
44 Merrimac St. Newburyport, MA 01950
Data Protection Officer (shown below as “DPO”) under the EU GDPR:
consileo GmbH & Co. KG
Purpose and data minimisation
NetGalley is an innovative and easy-to-use online service and connection point for book publishers, reviewers, media, librarians, booksellers, bloggers and educators. We offer digital galleys, often called advance reading copies, or ARCs, to professional readers and helps promote new and upcoming titles. We collect and use your personal only within the framework of the European Union General Data Protection Regulation (EU GDPR) and the legislation of the United Kingdom related to data protection.
What This Policy Covers
Below we explain how we collect, use, and share information about you, along with the choices that you have with respect to that information.
Information We Collect
We only collect information about you if we have a reason to do so–for example, to provide our Services, to communicate with you, or to make our Services better.
We collect information in three ways: if and when you provide information to us, automatically through operating our services, and from outside sources. Let’s go over the information that we collect.
Information You Provide to Us
It’s probably no surprise that we collect information that you provide to us. The amount and type of information depends on the context and how we use the information.
- Basic Account Information: We ask for basic information from you in order to set up your account. This information includes personal data such as your first and last name, organisation, email address, birthday, your home country.
- A Note about Children: NetGalley is not intended for Children (anyone under 18 years of age). That is why we collect your birthday. If you are under 18 years of age, we ask that you delete your account, or contact us to do so.
- Public Profile Information: You may provide us with more information–like your biography, your photo, or certain preferences and affiliations–but we don’t require that information to create your account. If you have an account with us, we collect the information that you provide for your public profile. Your public profile is just that–public–so please keep that in mind when deciding what information you would like to include.
If you have an account with us, you can choose not to provide the optional account information, and profile information. Please keep in mind that if you do not provide this information, certain features of our Services–for example, your ability to request books–may not be accessible.
- Content Information: Depending on the Services you use, you may also provide us with information about you in the draft and published content of your reviews and feedback. This might be obvious to you…but it’s not to everyone!
- Communications with Us: You may also provide us information when you respond to surveys or communicate with our concierge staff about a support question.
Information We Collect Automatically
We also collect some information automatically:
- Log Information: Like most online service providers, we collect information that web browsers, mobile devices, and servers typically make available, such as the browser type, IP address, unique device identifiers, language preference, referring site, the date and time of access, operating system, and mobile network information. We store this data separately other data you enter when you use our Services. This information cannot be connected to a specific person. It will be analysed for statistical purposes and subsequently be deleted. We collect log information when you use our Services–for example, when you request a book from a publisher on NetGalley.
- Usage Information: We collect information about your usage of our Services. For example, we collect information about the actions that site administrators and members perform on a site–in other words, who did what, when and to what thing on a site. We also collect information about what happens when you use our Services (e.g., page views, support document searches, etc.) along with information about your device (e.g., mobile screen size, name of cellular network, and mobile device manufacturer). We use this information to, for example, provide our Services to you, as well as get insights on how people use our Services, so we can make our Services better.
- Location Information: We may determine the approximate location of your device from your IP address. We collect and use this information to, for example, calculate how many people visit our Services from certain geographic regions.
- A Note about Spyware: NetGalley LLC does not install spyware on your computer. Nor does it use spyware to retrieve information from your computer.
Information We Collect from Other Sources
We may also get information about you from other sources. For example, if you create or log into your NetGalley account through another service (like Google) or if you connect your website or account to a social media service (like Twitter), we will receive information from that service (such as your username, basic profile information, and friends list) via the authorisation procedures used by that service. The information we receive depends on which services you authorise and any options that are available.
We may also get information from third party services about individuals who are not yet our members (…but we hope will be!), which we may use, for example, for marketing and advertising purposes.
Data subjects and categories
Data subjects include clients, website users, suppliers and business partners as well as staff members. Data categories include first and last name, and if necessary, your address, IP and payment details.
How We Use Information
We use information about you as mentioned above and as follows:
- To provide our Services–for example, to set up and maintain your account;
- To supply Publishers-so that they may process your requests for their books
- To further develop our Services–for example by adding new features that we think our members will enjoy or will help them to create and manage their accounts more efficiently;
- To monitor and analyse trends and better understand how members interact with our Services, which helps us improve our Services and make them easier to use;
- To monitor and protect the security of our Services, detect and prevent fraudulent transactions and other illegal activities, fight spam, and protect the rights and property of NetGalley and others;
- To communicate with you about offers and promotions offered by NetGalley and others we think will be of interest to you, solicit your feedback, or keep you up to date on NetGalley and our products; and
- To personalise your experience using our Services, provide content recommendations and serve relevant advertisements.
Data protection declaration for the use of Google Analytics as a web analysis tool
This website uses Google Analytics, a web analysis service of Google Inc. (“Google”, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA). The information about your visit produced by cookies are transmitted to a Google Server in the United States and stored there. In case of IP-anonymisation on our website, your IP address is shorted by Google within EU members States or other contracting States of the European Economic Area prior to transmission.
In exceptional cases, the full IP address is transmitted to a Google Server in the US and shorted there. Google will use this information to assess your use of the website, compile reports on website activities and render other services connected to website and internet use. The IP address transmitted by your browser within the service of google Analytics will not be connected to other Google data.
You can prevent the collection and processing of the data generated by this cookie and related to your use of the website to and by Google by downloading and installing the browser plugin available via this link: http://tools.google.com/dlpage/gaoptout?hl=en
How We Share Information
We do not sell our members’ private personal information.
We share information about you in the limited circumstances spelled out below and with appropriate safeguards on your privacy. In all cases below, we only share the minimum information necessary. For example, we won’t share your username, or password, or your personal Kindle email address with a Third Party Vendor, or Publisher.
- Third Party Vendors: We may share information about you with third party vendors who need to know information about you in order to provide their services to us. This group includes vendors that help us provide our Services to you (like bulk email service providers) and those that help us understand and enhance our Services (like analytics providers). We require vendors to agree to privacy commitments in order to share information with them.
- Publishers: We will share information about you to the book publishers who approve or deny requests you make of them. We require that our publisher customers treat your personal information as confidential.
- As Required by Law: We may disclose information about you in response to a subpoena, court order, or other governmental request. For more information on how we respond to requests for information about NetGalley members, please see our Legal Guidelines.
- To Protect Rights and Property: We may disclose information about you when we believe in good faith that disclosure is reasonably necessary to protect the property or rights of NetGalley, third parties, or the public at large. For example, if we have a good faith belief that there is an imminent danger of death or serious physical injury, we may disclose information related to the emergency without delay.
- With Your Consent: We may share and disclose information with your consent or at your direction. For example, we may share your information with third parties with which you authorise us to do so, such as the social media services that you connect to your site through our social sharing feature (see below).
- Aggregated and De-Identified Information: We may share information that has been aggregated or reasonably de-identified, so that the information could not reasonably be used to identify you. For instance, we may publish aggregate statistics about the use of our Services.
- Published Support Requests: And if you send us a request (for example, via a support email or one of our feedback mechanisms), we reserve the right to publish that request in order to help us clarify or respond to your request or to help us support other members.
Information Shared Publicly
Information that you choose to make public is–you guessed it–disclosed publicly. That means, of course, that information like your public profile, reviews, other content that you make public on the NetGalley website, and your “likes” and comments on other websites that use our Services, are all available to others–and we hope you get a lot of views! We provide a “Firehose” stream of public data (like reviews) from sites that use our Services to provide that data to subscribers, who may view and analyse and republish the content. Public information may also be indexed by search engines or used by third parties. Please keep all of this in mind when deciding what you would like to share.
Use of Social Plugins
We’re using so-called Social Plugins (Plugins) in order to participate in social networks with social media content:
Our website integrates plugins of the social network Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA. You will recognize the Facebook plugins from the Facebook Logo or the “Like button” or maybe even content about our Facebook presence on the right side of our website. You may find an overview on Facebook plugins here: http://developers.facebook.com/docs/plugins.
This website also uses Twitter plugins. These are operated by Twitter Inc. (795 Folsom St., Suite 600, San Francisco, CA 94107, USA). When you’re visiting a site using such a plugin, which you may recognize from the Twitter bird, the logo or embedded tweets, a direct connection is made via the plugin between your browser and the Twitter servers. We don’t have any influence on the nature and extent of data the plugin transmits to the Twitter servers. According to Twitter, only your IP address is collected and stored. You can find more information on the use of personal data by Twitter here: https://twitter.com/privacy?lang=en
While no online service is 100% secure, we work very hard to protect information about you against unauthorised access, use, alteration, or destruction, and take reasonable measures to do so.
Under the EU GDPR and at any time, you have the right to address the controller or our DPO (see above) and request information on how your data is process. You also have a right to rectification of your data. Or you can have the processing restricted, meaning a right to have processing limited to parts of your data. At any time, you may object to the processing of your personal data. When you do so, we will check whether there are any conflicting legal transmitting and processing obligations and inform you accordingly. You also have a right to data portability, meaning that we hand over your data in a structured, commonly used and machine-readable format determined by us upon your request.
In addition, if you feel that we do not treat your personal data properly and as laid out in this Policy, you have a right to complain to the supervisory authority responsible for your country.
When you’ve given your consent to the processing of your data you may, of course, revoke your consent at any time.
If you receive advertisement from us, you also have a right to object at any time so that we stop sending you ads.
Other Things You Should Know (Keep Reading!)
Transferring Information to other countries
NetGalley is a worldwide service. By accessing or using the Services or otherwise providing information to us, you consent to the processing, transfer, and storage of information in and to the U.S. and other countries, which may have rights and protections that are different from those in your home country.
What if you decide to Leave Us?
If you decide that it is time for you to leave our services, there are tools in the application that allow you to delete your account. If you have a problem with this, please don’t hesitate to contact our DPO. According to the EU GDPR, you have a right to be forgotten.
Once you leave, we will after a period of 60 days, eliminate any reference to your name or other personal details. We will also eliminate the link between your identity and any System Activity Data. We will hold on to your System Activity Data indefinitely. System Activity Data, are site statistics such as your requests, downloads, and feedback. This data (without anything that links back to you), are necessary elements in the ongoing operations of the service.