Privacy Policy

This is our updated Privacy Policy going into effect on September 20, 2018.

Your privacy is critically important to us. At NetGalley, we have a few fundamental principles:

Below is NetGalley’s privacy policy, which incorporates and clarifies these principles.

Name of the controller:

NetGalley LLC (Limited Liability Company)

Chief Executive Officer:

Angela Bole

Address of the controller:

NetGalley LLC (Limited Liability Company)
44 Merrimac St. Newburyport, MA 01950

Data Protection Officer under the EU GDPR:

Michael Vogelbacher
colenio GmbH & Co. KG
Bahnhofstr. 5
53572 Unkel

Purpose and data minimisation

NetGalley is an innovative and easy-to-use online service and connection point for book publishers, reviewers, media, librarians, booksellers, bloggers and educators. We offer digital galleys, often called advance reading copies, or ARCs, to professional readers to help promote new and upcoming titles. We collect and use your personal information only within the framework of the European Union General Data Protection Regulation (EU GDPR) and the legislation of the United Kingdom related to data protection.

What This Policy Covers

This Privacy Policy applies to information on the nature, extent and purpose of the personal data that we collect and use. Data is not processed for reasons other than those specified below. You can access this Policy anytime on this website.

Throughout this Privacy Policy we’ll refer to our website and other products and services collectively as “Services.”

Below we explain how we collect, use, and share information about you, along with the choices that you have with respect to that information.

Please note that this Privacy Policy does not apply to any of our products or services that have a separate privacy policy.

If you have any questions about this Privacy Policy, please contact us.

Data transmission and logging for system-internal and statistic purposes

For technical reasons, your webbrowser automatically transmits data to our webserver when you access our website. This data includes, inter alia, date and time of access, URL of the referring website, file viewed, amount of transmitted data, browser type and version, operating system and your IP address. This data is stored separately from other data you enter when using our service. We are not able to associate this data to a particular person. This data is analysed for statistic purposes and will subsequently be deleted.

Information We Collect

We only collect information about you if we have a reason to do so–for example, to provide our Services, to communicate with you, or to make our Services better.

We collect information in three ways: if and when you provide information to us, automatically through operating our services, and from outside sources. Let’s go over the information that we collect.

Information You Provide to Us

It’s probably no surprise that we collect information that you provide to us. The amount and type of information depends on the context and how we use the information.

If you have an account with us, you can choose not to provide the optional account information, and profile information. Please keep in mind that if you do not provide this information, certain features of our Services–for example, your ability to request books–may not be accessible.

Information We Collect Automatically

We also collect some information automatically:

Information We Collect from Other Sources

We may also get information about you from other sources. For example, if you create or log into your NetGalley account through another service (like Google) or if you connect your website or account to a social media service (like Twitter), we will receive information from that service (such as your username, basic profile information, and friends list) via the authorisation procedures used by that service. The information we receive depends on which services you authorise and any options that are available.

We may also get information from third party services about individuals who are not yet our members (…but we hope will be!), which we may use, for example, for marketing and advertising purposes.

Data subjects and categories

Data subjects include clients, website users, suppliers and business partners as well as staff members. Data categories include first and last name, and if necessary, your address, IP and payment details.

How We Use Information

We use information about you as mentioned above and as follows:

Data protection declaration for the use of Google Analytics as a web analysis tool

This website uses Google Analytics, a web analysis service of Google Inc. (“Google”, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA). The information about your visit produced by cookies are transmitted to a Google Server in the United States and stored there. In case of IP-anonymisation on our website, your IP address is shorted by Google within EU members States or other contracting States of the European Economic Area prior to transmission.

In exceptional cases, the full IP address is transmitted to a Google Server in the US and shorted there. Google will use this information to assess your use of the website, compile reports on website activities and render other services connected to website and internet use. The IP address transmitted by your browser within the service of google Analytics will not be connected to other Google data.

Browser Opt Out

You can prevent the collection and processing of the data generated by this cookie and related to your use of the website to and by Google by downloading and installing the browser plugin available via this link:

Mobile Opt Out

Sharing Information

How We Share Information

We do not sell our members’ private personal information.

We share information about you in the limited circumstances spelled out below and with appropriate safeguards on your privacy. In all cases below, we only share the minimum information necessary. For example, we won’t share your username, or password, or your personal Kindle email address with a Third Party Vendor, or Publisher.

Information Shared Publicly

Information that you choose to make public is–you guessed it–disclosed publicly. That means, of course, that information like your public profile, reviews, other content that you make public on the NetGalley website, and your “likes” and comments on other websites that use our Services, are all available to others–and we hope you get a lot of views! We provide a “Firehose” stream of public data (like reviews) from sites that use our Services to provide that data to subscribers, who may view and analyse and republish the content. Public information may also be indexed by search engines or used by third parties. Please keep all of this in mind when deciding what you would like to share.


Under the EU GDPR and at any time, you have the right to address the controller or our DPO (see above) and request information on how your data is process. You also have a right to rectification of your data. Or you can have the processing restricted, meaning a right to have processing limited to parts of your data. At any time, you may object to the processing of your personal data. When you do so, we will check whether there are any conflicting legal transmitting and processing obligations and inform you accordingly. You also have a right to data portability, meaning that we hand over your data in a structured, commonly used and machine-readable format determined by us upon your request.

In addition, if you feel that we do not treat your personal data properly and as laid out in this Policy, you have a right to complaint to the supervisory authority responsible for your country.

When you’ve given your consent to the processing of your data you may, of course, revoke your consent at any time.

If you receive advertisement from us, you also have a right to object at any time so that we stop sending you ads.

Use of Social Plugins

We’re using so-called Social Plugins (Plugins) in order to participate in social networks with social media content:

Privacy Policy for the use of Facebook (Like button)

Our website integrates plugins of the social network Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA. You will recognize the Facebook plugins from the Facebook Logo or the “Like button” or maybe even content about our Facebook presence on the right side of our website. You may find an overview on Facebook plugins here:

When you visit our website, a direct connection is made via the plugin between your browser and the Facebook server. From your IP address, Facebook thus receives the information that you’ve been visiting our website. When you click on the Facebook “like” button or on a Facebook content while logged into your Facebook account, you can link our website’s contents to your Facebook profile. This also means that Facebook can then connect your Facebook account to your visit on our website. Please note that as the owner of this website, we will not receive any information of the content of transmitted data or their use from Facebook. You can get more information on this from Facebook’s Privacy Policy here:

Privacy Policy for the use of Twitter

This website also uses Twitter plugins. These are operated by Twitter Inc. (795 Folsom St., Suite 600, San Francisco, CA 94107, USA). When you’re visiting a site using such a plugin, which you may recognize from the Twitter bird, the logo or embedded tweets, a direct connection is made via the plugin between your browser and the Twitter servers. We don’t have any influence on the nature and extent of data the plugin transmits to the Twitter servers. According to Twitter, only your IP address is collected and stored. You can find more information on the use of personal data by Twitter here:

Privacy Policy for the use of our Facebook fan page

When you visit our Facebook fan page, Facebook places cookies on the device you use for your visit (i.e. your computer or your mobile device). These cookies store information in web browsers and will remain valid fort wo years unless they are deleted. Facebook receives the information stored in the cookies, stores and processes it. This not only happens when you use Facebook services such as our fan page, but also when you use services offered by other members of the Facebook company group as well as services offered by other companies who use Facebook services. Facebook partners and third parties also use cookies on Facebook services to offer their services to Facebook or to companies placing ads on Facebook.

Please note that the cookie will be set upon your visit of our Facebook fan page regardless of whether you have a Facebook account or not.

If you do have a Facebook account, Facebook collects and processes data upon accessing the fan page, in case you have disclosed this information in your Facebook account. This includes your age, gender, relationship status, employment status as well as information about your life style, your interests and your purchases or shopping behaviour (demographic data). Facebook also collects and processes geographical data such as your location. Facebook uses both types of data to offer customised information and advertisement (personalisation). Facebook can link this data to your person.

If you do not have a Facebook account, the cookie placement at least collects your IP address, information about your device, the region or possibly the more exact location where you use your device, time and duration of your visit and estimates the above-mentioned demographic data via your surfing behaviour.

As the administrator of our fan page, we receive anonymised visitor statistics produced by Facebook based on this data.

You can prevent the collection of data through the cookie and related to your use of the website (including your IP address), its transfer to and use by Facebook by changing your cookie settings before visiting the Facebook fan page. Most browsers offer an option for restricting or completely blocking the cookie storage. Please note that the use and the user comfort might however be limited without cookies. You can also activate the “do not track” setting in your web browser, deactivate script code in your browser or use a so-called script blocker.

You can obtain more information in Facebook’s Privacy Guideline under and read about advertisement settings in the Data Protection Information under


While no online service is 100% secure, we work very hard to protect information about you against unauthorised access, use, alteration, or destruction, and take reasonable measures to do so.

Other Things You Should Know (Keep Reading!)

Transferring Information to other countries

NetGalley is a worldwide service. By accessing or using the Services or otherwise providing information to us, you consent to the processing, transfer, and storage of information in and to the U.S. and other countries, which may have rights and protections that are different from those in your home country.

What if you decide to Leave Us?

If you decide that it is time for you to leave our services, there are tools in the application that allow you to delete your account. If you have a problem with this, please don’t hesitate to contact our DPO. According to the EU GDPR, you have a right to be forgotten.

Once you leave, we will after a period of 60 days, eliminate any reference to your name or other personal details. We will also eliminate the link between your identity and any System Activity Data. We will hold on to your System Activity Data indefinitely. System Activity Data, are site statistics such as your requests, downloads, and feedback. This data (without anything that links back to you), are necessary elements in the ongoing operations of the service.