NetGalley Privacy Policy

This is our updated Privacy Policy effective April 17, 2024.

This Privacy Policy describes the types of information NetGalley, LLC (“NetGalley”, “we”, “us” or “our”) may collect from you or that you may provide when you use our websites at www.netgalley.com, www.netgalley.co.uk, www.netgalley.fr, www.netgalley.de or www.netgalley.jp or other website or services that link to this policy and our practices for collecting, using, maintaining, protecting, and disclosing that information.

Your privacy is critically important to us. At NetGalley, we have a few fundamental principles:

• We are thoughtful about the personal information we ask you to provide and the personal information that we collect about you through the operation of our services.
• We store personal information only as long as we have a reason to keep it.
• We aim to make it as simple as possible for you to control what information in your account is shared publicly (or kept private), indexed by search engines, and permanently deleted.
• We aim for full transparency in how we gather, use, and share your personal information.

Below is NetGalley’s Privacy Policy, which incorporates and clarifies these principles.

Table of Contents

• About NetGalley and What This Privacy Policy Covers
• Information We Collect
• How We Use Information
• Disclosures of Your Information
• Age Restrictions
• European Users and the General Data Protection Regulation (GDPR)
• Security and Data Retention
• Links to Other Sites
• Other Things You Should Know
• Changes to Our Privacy Policy
• Contact Us

About NetGalley and What This Privacy Policy Covers

NetGalley is an innovative and easy-to-use online service and connection point for book publishers, reviewers, media, librarians, booksellers, bloggers, and educators. We offer digital galleys, often called advance reading copies, or ARCs, to professional readers to help promote new and upcoming titles. Throughout this Privacy Policy we’ll refer to our website (www.netgalley.com, www.netgalley.co.uk, www.netgalley.fr, www.netgalley.de, www.netgalley.jp or other website, as applicable, that links to this Privacy Policy) and our other products and services collectively as “Services.” Through our Services, we collect information from and about users of our Services, clients, suppliers and business partners.

This Privacy Policy applies to information on the nature, extent, and purpose of the personal data that we collect and use. Data is not processed for reasons other than those specified below. You can access this Privacy Policy anytime on this website.

Below we explain how we collect, use, and share information about you, along with the choices that you have with respect to that information.

Please note that this Privacy Policy does not apply to any of our products or services that have a separate Privacy Policy.

Information We Collect

We only collect information about you if we have a reason to do so–for example, to provide our Services, to communicate with you, or to make our Services better.

We collect information in three ways: (1) if and when you provide information to us, (2) automatically through operating our Services, and (3) from outside sources. Let’s go over the information that we collect.

Information You Provide to Us

It’s probably no surprise that we collect information that you provide to us. The amount and type of information depends on the context and how we use the information.

• Basic Account Information: We ask for basic information from you in order to set up your account. This information includes personal data such as your first and last name, organization, email address, your home country, etc.
• Public Profile Information: You may provide us with more information–like your biography, your photo, or certain preferences and affiliations–but we don’t require that information to create your account. If you have an account with us, we collect the information that you provide for your public profile. Your public profile is just that–public–so please keep that in mind when deciding what information you would like to include.

If you have an account with us, you can choose not to provide the optional account information and profile information. Please keep in mind that if you do not provide this information, certain features of our Services–for example, your ability to request books–may not be accessible.

• Content Information: Depending on the Services you use, you may also provide us with information about you in the draft and published content of your reviews and feedback.
• Communications with Us: You may also provide information when you respond to surveys or communicate with our staff about a support question.

Information We Collect Automatically

We also collect some information automatically:

• Log Information: Like most online service providers, we collect information that web browsers, mobile devices, and servers typically make available, such as the browser type and version, IP address, unique device identifiers, language preference, referring site, the date and time of registration and access, operating system, and mobile network information. We collect log information when you use our Services–for example, when you request a book from a publisher on NetGalley.
• Usage and Analytics Information: We collect information about your usage of our Services. For example, we collect information about the actions that site administrators and members perform on a site–in other words, who did what, when and to what thing on a site. We also collect information about what happens when you use our Services (e.g., page views, support document searches, etc.) along with information about your device (e.g., mobile screen size, name of cellular network, and mobile device manufacturer). We may use web analytics services, such as Google Analytics and Google Tag Manager provided by Google (www.google.com), to collect this kind of website visit and usage data, including information such as IP addresses. We use this information to, for example, provide our Services to you, as well as get insights on how people use our Services, so we can make our Services better. Depending on your location, you may be able to deactivate these web analytics services through the Usercentrics (www.usercentrics.com) consent management platform we employ on the Services.
• Location Information: We may determine the approximate location of your device from your IP address. We collect and use this information to, for example, calculate how many people visit our Services from certain geographic regions.
• Information from Cookies & Other Technologies: A cookie is a string of information that a website stores on a visitor’s computer or mobile device, and that the visitor’s browser provides to the website each time the visitor returns. Pixel tags (also called web beacons) are small blocks of code placed on websites and emails. NetGalley uses cookies and other technologies like pixel tags to help us identify and track visitors, usage, and access preferences for our Services, as well as track and understand email campaign effectiveness and to deliver targeted ads. At this time, our Services do not respond to “do not track” signals from browsers. However, you can usually choose to set your browser to remove or reject browser cookies before using NetGalley’s website, with the drawback that certain features of NetGalley’s website may not function properly without the aid of cookies. If you are a user of NetGalley in Europe, the current list of cookies, their purpose, storage duration and legal basis can be found in the cookie consent tool, which appears when you visit our website for the first time.
• A Note about Spyware: NetGalley does not install spyware on your computer. Nor does it use spyware to retrieve information from your computer.

Information We Collect from Other Third Party Sources

We may also get information about you from other third party sources. For example, if you create or log into your NetGalley account through another service (like Google) or if you connect your website or account to a social media platform or other service (like Twitter, LinkedIn, TikTok or Goodreads), we will receive information from that platform or service (such as your username, basic profile information, and friends list) via the authorization procedures used by that platform or service. The information we receive depends on which services you authorize and any options that are available.

We may also receive personal information from our affiliates (such as our parent companies, subsidiaries and other corporate affiliates), business partners and third party services, including information about individuals who are not yet our members, which we may use, for example, for marketing and advertising purposes.

How We Use Information

We use information about you as mentioned above and as follows:

• To provide our Services–for example, to set up and maintain your account;
• To supply publishers–so that they may process your requests for their books;
• To further develop our Services–for example by adding new features that we think our members will enjoy or will help them to create and manage their accounts more efficiently;
• To monitor and analyze trends and better understand how members interact with our Services–which helps us improve our Services and make them easier to use;
• To monitor and protect the security of our Services, detect and prevent fraudulent transactions and other illegal activities, fight spam, and protect the rights and property of NetGalley and others;
• To provide you notices about your account or the Services;
• To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection;
• To notify you about changes to our Terms of Use or this Privacy Policy, or to notify you about changes to our Services or any products or services we offer or provide though the Services;
• To communicate with you about offers and promotions offered by NetGalley and others we think will be of interest to you, solicit your feedback, or keep you up to date on NetGalley and our products;
• To personalize your experience using our Services, provide content recommendations and serve relevant advertisements;
• In any other way we may describe when you provide the information; and
• For any other purpose with your consent.

We may also use your email address to contact you about our own goods and services, as well as, with your consent, third parties’ goods and services that may be of interest to you . If you do not want us to use your information in this way, please follow the instructions in the email to opt-out of receiving such communications.

If you subscribe to our newsletter and email promotions, we use your name and email address in order to send you emails with personalized information on new products, campaigns and highlights in your preferred categories. By subscribing, you confirm that in the future you wish to receive our newsletter and email promotions at the email address you have provided to us. If you are a user of our www.netgalley.fr or www.netgalley.de websites, we use the services of MailChimp from Intuit Inc., based in Mountain View, USA, to send you newsletters and email promotions. You can view Intuit’s global privacy statement, including its statement about Intuit’s compliance with the EU-U.S. Data Privacy Framework, by clicking here. If you are a user of our www.netgalley.com or www.netgalley.co.uk websites, we use the services of Salesforce Marketing Cloud from Salesforce, Inc. to send you newsletters and email promotions. You can view Salesforce, Inc.’s privacy policy by clicking here and Salesforce’s statement regarding its compliance with the EU-U.S. Data Privacy Framework and UK Extension by clicking here. If you are a user of our www.netgalley.jp website, we use the services of NEXLINK from NEXWAY Co., Ltd. to send you newsletters and email promotions. You can view NEXWAY Co., Ltd.’s privacy policy by clicking here.

If, after subscribing, you wish to unsubscribe from our email promotions, you can do this via the unsubscribe link within each email. Alternatively, you can contact us by email (support@netgalley.com) or by postal mail.

Disclosures of Your Information

How We Share Information

We do not sell any personal information. We share information about you in the limited circumstances spelled out below and with appropriate safeguards on your privacy. In all cases below, we only share the minimum information necessary to serve the purpose for the disclosure.

• Employees and Independent Contractors: We may disclose information about you to our employees, and individuals who are our independent contractors that need to know the information in order to help us provide our Services or to process the information on our behalf. We ensure that our employees and independent contractors who process personal information are under confidentiality and security obligations consistent with this Privacy Policy.
• Third Party Service Providers: We may share information about you with third party service providers who need to process information about you in order to provide their services to us or to you on our behalf. This group includes service providers that help us provide our Services to you (like bulk email service providers) and those that help us understand and enhance our Services (like analytics providers). We require service providers to agree to the security and confidentiality of personal information consistent with this Privacy Policy.
• Affiliates and Business Partners: We may share information about you with affiliates (such as our parent companies, subsidiaries and other corporate affiliates) and business partners, such as affiliates and business partners with whom we collaborate to bring you Services or we use to support our business. Please note that our affiliates and business partners may use your information for their own purposes, including marketing and offering you content or products that you may be interested in, subject to the Privacy Policies and business practices of those affiliates and business partners.

• A note for members and other users of www.netgalley.jp: Please note that we have entered into an agency agreement with Media Do Co., Ltd., an affiliated parent company (“Media Do Co.”), regarding the operation of the website in Japan, www.netgalley.jp. We share your personal information with Media Do Co., which in turn uses the personal information to ensure the smooth operation of the website, provide guidance related to our Services, pass it on to successor programs, provide opinions and feedback related to the Services, respond appropriately to requests and inquiries, etc. from members or other users, and for other purposes similar to or closely related to the purposes stated above.

• Publishers and Clients: We will share information about you with the book publishers and other NetGalley clients who approve or deny requests you make for access to their books. We require that our clients protect your personal information, and acknowledge that their failure to do so may be subject to legal action. NetGalley clients are responsible for complying with all local laws and statues related to the protection and legal use of personal information.
• As Required by Law: We may disclose information about you to respond to or comply with judicial proceedings, court orders, subpoenas, search warrants, or other legal or governmental process or law enforcement measures, to establish or exercise our rights, to defend against a legal claim, to investigate, prevent, or take action regarding possible illegal activities, suspected fraud or safety of person or property, to comply with our legal obligations and/or to defend against legal actions or claims.
• To Protect Rights and Property: We may disclose information about you when we believe in good faith that disclosure is reasonably necessary to protect the property or rights of NetGalley, third parties, or the public at large. For example, if we have a good faith belief that there is an imminent danger of death or serious physical injury, we may disclose information related to the emergency without delay.
• Business Transfers: In connection with any merger, sale of company assets, or acquisition of all or a portion of our business by another company, or in the unlikely event that NetGalley goes out of business or enters bankruptcy, member information would likely be one of the assets that is transferred or acquired by a third party buyer or other successor.
• For its Purpose: We may disclose your personal information to fulfill the purpose for which you provided it or for any other purpose disclosed by us when you provide the information.
• With Your Consent: We may share and disclose information with your consent or at your direction. For example, we may share your information with third parties with which you authorize us to do so, such as the social media services that you connect to your site through our social sharing feature.
• Aggregated and De-Identified Information: We may share information that has been aggregated or de-identified, so that the information could not reasonably be used to identify you, without restriction. For instance, we may publish aggregate statistics about the use of our Services.
• Published Support Requests: If you send us a request (for example, via a support email or one of our feedback mechanisms), we reserve the right to publish that request in order to help us clarify or respond to your request or to help us support other members.

Information Shared Publicly

Your profile is an important tool for telling NetGalley clients how you recommend books. Publishers and NetGalley clients see your profile (but other members do not). Publishers and NetGalley clients you interact with on NetGalley will be able to see only what you choose to share in your profile. You have the option of making your contact information visible or not to publishers.

Reviews and other content you submit on the NetGalley website are public. By default, public reviews on the NetGalley site will be displayed with your name and member type. If you prefer, you can replace your name with an auto-generated alias displayed next to your reviews instead. Public information may also be indexed by search engines or used by third parties, and we may syndicate reviews.

Please keep all of this in mind when deciding what you would like to share.

Age Restrictions

Our Services are not intended for individuals under 18 years of age (“Children” or “Child”). Children may not provide any personal information to us or through the Services. We do not knowingly collect personal information from Children. If you are under age 18, do not use or provide any information through the Services or provide any information about yourself to us, including your name, address, telephone number or email address. If you are under 18 years of age and, for any reason, already have a NetGalley account, we ask that you delete your account, or contact us to do so. If we learn we have collected or received personal information from a Child, we will delete that information. If you believe we might have any information from or about an individual under 18 years of age, please contact us at info@netgalley.com.

European Users and the General Data Protection Regulation (GDPR)

UK and EEA Individuals’ Rights

If you are a resident of the United Kingdom (“UK”) or European Economic Area (“EEA”), you have certain data protection rights under the General Data Protection Regulation (“GDPR”) or the UK’s implementation of the GDPR, as applicable. Subject to any exemptions provided by law, we aim to take reasonable steps to allow you to correct, amend, or delete your personal data. You can do this by contacting us at info@netgalley.com to be informed what personal data we hold about you, and/or if you would like us to correct, amend, or delete your personal data.

Your rights under the GDPR include the following:

• The right to access, update or delete the information we have about you.
• The right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete.
• The right to object. You have the right to object to our processing of your personal data. Your right to object includes the right to object at any time to the processing of your personal data for direct marketing purpose.
• The right of restriction. You have the right to request that we restrict the processing of your personal information.
• The right to data portability. You have the right to be provided with a copy of the information we have about you in a structured, machine-readable and commonly used format.
• The right to withdraw consent. You also have the right to withdraw your consent at any time where we relied on your consent to process your personal information.

Please note that we may ask you to verify your identity before responding to such requests. Please also note that our fulfillment of certain requests, such as requests to delete your information or restrict the processing of your information, may result in your being unable to use our Services or us being unable to provide you certain products or services.

You have the right to lodge a complaint with a supervisory authority, in particular in the UK or EU Member State of your habitual residence, place of work, or place of the alleged infringement if you think we are processing your personal data not in accordance with the GDPR. For more information, please contact your local data protection authority in the UK or EEA.

Personal Data Processing in the U.S. and Other Countries

NetGalley is located in the United States. Information we collect will be processed in the United States, and by using our Services you acknowledge and consent to the processing of your data in the United States. The United States is not subject to a finding of “adequacy” from the European Commission under Article 41 of the GDPR, and NetGalley has not self-certified its participation in the EU-U.S. Data Privacy Framework. Accordingly, we rely on derogations set forth in Article 44 of the GDPR. We may also disclose your personal data to our business partners and affiliates, as explained above in the “Disclosures of Your Information” section. These business partners and affiliates are located in E.U. member states or the UK and are subject to the GDPR or the UK GDPR, or are located in Japan, which is subject to a European Commission “adequacy” decision recognizing the personal data protection laws of Japan as adequate to enable data transfers under the GDPR.

Legal Basis

If you are in the UK or EEA, our legal basis for collecting and using the personal information described in this Privacy Policy depends on the personal data we collect and the specific context in which we collect it. We process personal data you provide to us in using our Services, such as basic account information, public profile information, content information and information in communications with us, and information we collect automatically and from third party sources (see above in the "Information We Collect" section for more detail on these categories of information), with your consent and to perform the agreement between us and our client, pursuant to which you have been given access to our Services, as well as our Terms of Use, which is an agreement between you and us. We process your personal data to pursue our legitimate interests as a company, such as to determine the effectiveness of our marketing campaigns and our Services, to operate, improve and renew our Services, to protect our or the rights, property or safety of others, and for general research and analysis purposes. When processing personal data for our legitimate interests, we take appropriate measures to ensure that the interests we have are not outweighed by your interests or fundamental rights and freedoms, which we will be happy to explain to you upon request. We may also process your personal data in order to comply with a legal obligation or to protect your vital interests.

Data Controller and NetGalley’s EU Representative

For purposes of the GDPR, NetGalley is the “controller” with respect to your personal data. NetGalley’s contact details are below in the “Contact Us” section. NetGalley’s GDPR Article 27 Representative, colenio GmbH & Co. KG, located in Unkel, Germany, can be contacted as follows:

colenio GmbH & Co. KG
Attention: Michael Vogelbacher
Bahnhofstr. 5
53572 Unkel
Germany
GDPRCompliance@netgalley.com

Security and Data Retention

While no online service is 100% secure, we work very hard to protect information about you against unauthorized access, use, alteration, or destruction, and take reasonable measures to do so. We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. The safety and security of your information also depends on you. Where you have chosen a password for access to the Services, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. We also urge you to be careful about giving out information in any public areas of the Services, like on your public profile.

Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to the Services. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures of the Services.

We will retain your information only for as long as is reasonably necessary for the purposes set out in this Privacy Policy.

Links to Other Sites

Our Services may contain links to other sites that are not operated by us. If you click on a third-party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content, products, privacy policies or practices of any third-party sites or services.

Other Things You Should Know

Transferring Information to other countries

NetGalley is a worldwide service. By accessing or using the Services or otherwise providing information to us, you consent to the processing, transfer, and storage of information in and to the U.S. and other countries, which may have rights and protections that are different from those in your home country.

What if you decide to leave us?

If you decide that it is time for you to leave our Services, there are tools in the application that allow you to delete your account. If you have a problem with this, please don’t hesitate to contact us at info@netgalley.com. Once your account is deleted, publishers and NetGalley clients who gave you access to books will only see "Account Deleted" in their history and reporting. Reviews and other public content you submitted will remain indefinitely but will no longer be associated with your name or any of your other personal information.

Changes to Our Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. If we make changes to the Privacy Policy that materially alter your privacy rights, we will provide additional notice via email and/or a prominent notice on our website or the Services, and update the “effective” date at the top of this Privacy Policy. Before we use your personal information for a purpose that is materially different than the purpose we collected it for or that you later authorized, we will provide you with the opportunity to opt out. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page. You are responsible for ensuring we have an up-to-date active and deliverable email address for you, and for periodically visiting this Privacy Policy to check for any changes.

Contact Us

To ask questions or comment about this Privacy Policy and our privacy practices, contact us at:

NetGalley, LLC
44 Merrimac St.
Newburyport, MA 01950
USA
Email: info@netgalley.com