Corporate privacy notice

Effective Date: May 25, 2018
Last updated: April 7, 2024

Scope

This Privacy Notice (“Notice”) describes how Clarivate (“Clarivate”, “we”, “us” and “our”) collect, use, share, secure, and eventually dispose of (collectively “process”) personal data. Personal data is any information that does, or could, identify you.

This Notice applies to personal data collected by our websites, apps, and products (collectively “services”), and in the course of routine offline business contact with you where we are the data controller. Additional information on our personal data practices may be provided in offer descriptions, supplemental privacy notices or notices provided prior to or at the time of data collection. Certain Clarivate websites may have their own privacy notice that describes how we handle personal data for those websites specifically. To the extent a notice provided at the time of collection or a website or service specific privacy notice conflict with this Notice, such specific notice or supplemental privacy statement will control.

Click on the links below to learn more about how we treat your personal data.

Click here for our supplemental privacy notice for California residents under the CCPA/CPRA.

Click here for our supplemental privacy notice for residents of Virginia, Colorado, Utah and Connecticut.

Click here for our supplemental privacy notice for individuals in China under the PIPL.

Click here for our supplemental privacy notice for individuals in Brazil under the LGPD.

This notice is addressed primarily to our customer representatives, service users (including visitors to our sites and trial users), supplier representatives, research participants and sales prospects.

It also applies to individuals whose personal data is processed as part of our services. For instance, if you are a publication author, a researcher, a patent holder, a party to an IP dispute or an individual otherwise involved in a such a dispute (e.g., a judge or an attorney), a clinical trials investigator or are otherwise an author of, or contributor to, reports, analysis, articles or other materials available in the public domain, your personal data may be included as content in our services.

Clarivate is a global leader in providing trusted insights and analytics to accelerate the pace of innovation. Our vision is to improve the way the world creates, protects and advances innovation. Learn more about our products and services here.

Clarivate is made up of a number of different legal entities, which together form the Clarivate group. To find out more about which legal entity makes decisions about the way other personal data is treated, please contact data.privacy@clarivate.com.

We collect personal data directly from you:

  • When you use our services, e.g., when you purchase or have access to our services, you are usually required to provide us with your name and email address. You may also be required to provide other information necessary for your use of our services or additional information that you choose to disclose to us, such as your professional details or your user preferences.
  • When you interact with us, e.g., when you fill in a form online, contact us or request information from us, seek technical support or when you participate in research activities.
  • Through cookies and similar technologies included in our services, e.g., when you access our services, we collect device and information relating to your usage of our services. For more information on how we use standard technologies, like web server logs, cookies and web beacons, please click here.

We also collect personal data about you from third parties:

  • Our partners and service providers, e.g., technology providers in connection with your use of our services, market research agencies, content providers, etc.
  • Publicly available sources, e.g., academic or scientific publications, patent & trademark offices, and regulatory agencies, court files, etc.
  • Our customers, e.g., our customers may provide us with personal data for research recruiting purposes or to integrate with our services, your employer or the institution you are affiliated with may provide us with contact information so that we can set up your login, etc.
  • Other public or paid-for sources, e.g., we may acquire data from public websites, social media or from data suppliers.

How you interact with us and the different services that we offer determine what personal data we collect about you.

The personal data we collect may consist of the following:

  • Personal identifiers, e.g., name, username, e-mail address, phone number, signatures, etc.
  • Contact information, e.g., e-mail, phone, fax, address, etc.
  • Demographic information, e.g., gender, location, language, etc.
  • Authentication data, e.g., password, etc.
  • Professional information, e.g., publications, employer, location, licensure, credentials, professional identification number, work history/resume, education history, specialties, expertise, availability, etc.
  • Indirect identifiers, e.g., study ID, cookies, IP address, computer device information, etc.
  • Knowledge, belief & preference data, e.g., thoughts, concerns, preferences, feedback, opinions and other information provided through surveys, interviews, etc.
  • Usage data, e.g., information about your use of our services, such as date and time of visits, the pages viewed, time spent at one of our websites, etc.
  • Financial information, e.g., payment information, market research incentive information and related bank details, etc.
  • Commercial information, e.g., purchase history, subscription information, transaction details, information about sanctions and restrictions, etc.
  • Communication data, e.g., information communicated from or to you through telephone recordings, voicemail, email, etc.
  • Marketing data, e.g. your preferences in receiving marketing from us and our third parties.
  • Sensory data, e.g., photographs, audio, video or other similar electronic recordings, etc.
  • Sensitive personal data. We only process personal data about race or ethnicity; political opinions, or religious or philosophical beliefs; trade union membership; or genetic, biometric, health, or sex-life information (“special categories of personal data” as defined by the European Union General Data Protection Regulation) in very limited circumstances. For instance, if you actively provide or indicate such information in a user-controlled area of our services, for example a professional profile or whilst taking part in market research associated with our healthcare research and analytics services. We may occasionally collect personal data that are subject to enhanced security requirements, such as requiring a credit card or government-issued ID to complete a transaction you have requested.

Non-personal data includes data, such as anonymised, aggregated, statistical or de-identified data, that could be derived from Personal Data but is considered non-personal in nature because it does not directly or indirectly reveal a person’s identity.

Generally, we will process your personal data because:

  • It is necessary to perform contractual obligations to you, e.g., if you have a contract with us, we process your personal data to perform that contract (i.e., provide you with services or payment).
  • It is necessary for our legitimate interests or those of a third party. Further details of those legitimate interests are set out below.
  • You have given us your consent. We only ask for consent in limited circumstances, e.g., for certain types of marketing communications in particular jurisdictions or for certain research related activities.
  • It is necessary to comply with a legal or regulatory obligation, e.g., to respond to a court order or a regulator.

Clarivate may anonymise, aggregate, or de-identify Personal Data and process the derivative non-personal anonymised, aggregated, statistical or de-identified data (“Non-personal Data”) through AI systems and/or Generative AI systems. Non-personal Data, such as anonymised, statistical information, demographic information, aggregated, and/or de-identified data, could be derived from your Personal Data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. We may use such Non-personal Data to analyse the effectiveness of our products and/or services, improve and add features to our products and/or services, conduct research and for other similar purposes. We will not attempt to re-identify aggregated or de-identified data. For the avoidance of doubt, relevant data protection laws and this Notice will continue to apply to the processing of all forms and categories of Personal Data.

Artificial intelligence (AI) system: A machine-based system that is designed to operate with varying levels of autonomy and that can, for explicit or implicit objectives, generate outputs such as predictions, recommendations, or decisions that influence physical or virtual environments.

Generative AI system: AI systems that use deep learning foundation models specifically intended to generate, with varying levels of autonomy, content such as complex text, images, audio, or video.

This section sets out the purposes for which we may use your personal data. Your relationship with Clarivate will determine which of the purposes listed in this section apply to you.

Our legitimate interests in processing your personal data are mainly customer and product administration, provision, improvement and development of our services, protection of legal rights and marketing. More detailed information about these legitimate interests is set out below.

  • Customer and product administration
    • Provide you with our services and information that you or the sponsoring organization requested or for which you have expressed an interest, or that you access through our services
    • Create product accounts
    • Provide user and technical support
    • Enforce our terms of business
    • Report product usage information to our customers, business partners, content and technology providers
    • Manage customer information across Clarivate websites and services
    • Contact you about renewal of your subscriptions
    • Perform other related administrative tasks.
  • Product development and personalization
    • Deliver personalized functionality and content in our services, for instance we may retain your browsing and usage information to make your searches within our services more relevant
    • Analyze product usage information to understand which content and tools are most useful for our users and to allow us to deliver and suggest tailored content, features and other Clarivate services that we believe may interest you.
    • Use information collected on our services, usually in aggregated form, to analyze the functionalities we offer and to improve the design and content of our services (including sharing your personal data across our group which allows us to make all our services more user-friendly).
  • Marketing and events:
    • Administer events we host or attend (e.g., conferences, webinars, etc.)
    • Send you marketing messages for Clarivate services that may interest you (Edit your messages at the Email Preferences Center)
    • Provide you with advertising based on your activity on our websites and services and on third-party websites. We do not disclose your contact information to third parties for their own marketing purposes unless we have obtained your consent to do so in accordance with applicable laws.
    • You can opt out of our marketing communications at any time – all Clarivate marketing e-mails contain an “unsubscribe” or “manage my preferences” link. If you have questions regarding our use of your information for marketing purposes, please contact the Clarivate Marketing Team.
  • Product content
    • Organize and include information in our services we collect data from publicly available sources
    • Use personal data which you choose to make available in our services (for instance, you may wish to provide information to enable peer connection and related collaboration)
  • Research activities
    • Maintain and support our research activities, which include the identification and recruitment of research participants, related fieldwork (i.e., interviews, recordings, post interview ratings), conducting market research, developing and providing research services and payment of incentives to a research participant.
    • Contact you to seek your participation in future research activities.
  • Security
    • Protect the security of our IT systems, architecture and networks
    • Prevent misuses of our services
  • Legal rights
    • Exercise our rights and to the extent reasonably required, to assist third parties (such as your employee or our business partners) in exercising their rights
    • Defend ourselves from claims and to comply with laws and regulations that apply to our group or third parties with whom we work
    • For the purposes of fraud screening and prevention
  • Business operations & restructuring
    • Participate in, or be the subject of, any sale, merger, acquisition, restructure, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock

Your personal data will, depending on the purposes of processing, be disclosed to different individuals and organizations, including:

  • Employees and contractors of the Clarivate group whose roles require access to your data. Our personnel are bound to confidentiality terms which cover their obligations to protect personal data.
  • The account administrator(s) or the organization providing you access to our services, in the case of corporate subscriptions.
  • Service providers who process personal data on our behalf (“processors”); for example, Cloud computing providers and web analytics services like Google Analytics and credit card payment processors. Such vendors are contractually bound to protect your data to the same standard as set out in this Notice and, in the case of credit card payment processors, to meet the Payment Card Industry Data Security Standard (PCI DSS).
  • Business partners with whom we deliver co-branded services or host events; or whose content or technology we make available through our services.
  • Professional advisors such as legal counsel and information security professionals where reasonably required to protect our rights, users, systems and our services.
  • Prospective and actual buyers, sellers, advisers or partners in relation to any sale merger, acquisition or similar corporate event involving Clarivate.
  • Government agencies, law enforcement, courts and other public authorities where we have a duty to disclose your personal data by law.
  • Subscribers & members. If your personal data is collected from public sources for inclusion in our product databases and any personal data you choose to provide to us for display in our services (for example, in profiles and when using online forums), your personal data may be accessed by users of our services. Additionally, if you or your organization register for one of our membership-based communities or products, we may make information about you (including contact and institutional information) available to other members through online and offline services.
  • Other third parties you have asked us to share information with or where you have provided us your consent, e.g., if you upload information into a public platform or forum that is publicly accessible, certain research related disclosures to sponsors of the research project.

Google Limited Use Requirement Disclosure
The way EndNote Cite While You Write utilizes and transfers information received from Google APIs to other applications will comply with the Google API Services User Data Policy, including the Limited Use requirements.

Clarivate maintains appropriate administrative, technical, and physical security measures to protect your personal data from accidental loss and unauthorized access or use. These measures may include encryption, firewalls, roles-based data access, intrusion-detection software, and physical access controls to data centers. Clarivate’s privacy and security teams also work to provide internal trainings, raise awareness of privacy and security issues, manage recordkeeping, and prepare for individual requests and security incidents. However, we cannot guarantee that loss, misuse, unauthorized acquisition, or alteration of your data will never occur.

Clarivate uses cookies and other similar technologies, such as web beacons, HTML5 Local Storage, local shared objects, tags, and scripts on our websites and in email communications. We use these technologies to authenticate your access to various areas of our services, understand your interests, analyze web traffic, combat fraud, provide interest-based advertising, improve our services, personalize content and track the effectiveness of our emails. We may collect and store data collected through these technologies with other personal data provided to Clarivate.

Please read the Cookie notice for detailed information about the cookies and other tracking technologies used on our services. The Cookie notice includes information on how you may disable these technologies.

We store your personal data throughout the period of your relationship with us and retain it for as long as necessary to fulfil the purposes for which we collected it, including for the purposes of satisfying legal, accounting, or reporting obligations or to resolve disputes.  For more information on how long we store your data, please contact us at data.privacy@clarivate.com.

Clarivate is a global business, and your data may be transferred to countries with different privacy and data protection laws than your own, including to countries such as the United States.

We protect our transfers from the United Kingdom and the European Economic Area with approved legal safeguards that may include: (1) the existence of a European Commission adequacy decision (covering, for example, transfers to Canada, New Zealand, and Switzerland); (2) Clarivate’s Intra-Group Agreement incorporating the Standard Contractual Clauses approved by the European Commission (“Standard Contractual Clauses”); (3) Standard Contractual Clauses and other contract terms executed between Clarivate and applicable third parties that ensure personal data remains protected in accordance with applicable law; or (4) the existence of binding corporate rules or other certification mechanism approved by applicable law.

Depending on where you are located or where you reside, you may have certain rights granted to you over your personal data under local data protection laws. We will honor the requests you make related to your rights as the law requires – this means in some cases, there may be legal or other official reasons that we may not be able to fulfill the specific request you make related to your rights.

What rights may be available to you?

The following rights are available to all individuals in the European Union. The rights available to you may differ based upon local data protection laws. Please contact us through the contact information set forth below if you have further questions about the rights that Clarivate makes available to you.

Information and access. You may have a right to know what personal data we hold about you and be given information about how we process or have processed it. You may also have the right to obtain confirmation from us that we process your personal data, and if so, to request access to or a copy of such personal data. To the extent permitted by law, we may charge a reasonable fee based on administrative costs for copies of your personal data requested by you.

Correction: You may have the right to request that we correct inaccurate personal data we hold about you. You may also have the right to have incomplete personal data completed.

Erasure. You may have the right to request that we erase some or all of your personal data.

Restriction. You may have the right to ask us to restrict further processing your personal data.

Objection. You may have the right to object that we process some or all of the personal data we hold about you.

Data portability. You may have a right to request to receive your personal data in a structured, commonly used and machine-readable format, or, where feasible, to have us transfer your personal data directly to another organization.

The right to withdraw consent. You may have the right to withdraw your consent to the processing of your personal data where we rely solely on your consent for processing such data. Your withdrawal will not affect the lawfulness of our processing based on your consent before your withdrawal, and you can always give us your consent again in the future.

Automated individual decision-making. You may have the right not to be subject to a decision based solely on automated processing of your personal data, including profiling, which produces legal or similarly significant effects on you. We will inform you if automated individual decision-making takes place.

Right to complain. If you believe that we have infringed your rights, we encourage you to contact us first at data.privacy@clarivate.com so that we can try to resolve the issue. However, you may have the right to lodge a complaint with an applicable data protection authority. For individuals in the European Union, please refer to this list of data protection authorities.

Responding to requests. We will aim to respond to your request within 1 (one) month or the specific timeframe required by the laws applicable to personal data about you. We will ask you to verify your identity if we need to, and to provide information that helps us to understand your request better. If we do are unable to comply with your request, whether in whole or in part, we will explain why.

California residents. To learn more about your rights under the California Consumer Privacy Act, please click here.

Individuals in Brazil. To learn more about your rights under the Lei Geral de Proteção de Dados No. 13.709/2018, please click here.

Exercising your rights. To exercise your rights as described above, please submit a request using one of the following methods:

Upon receiving a request from you, we will first verify your identity by matching the information you provide (including your name, email address, and phone number) with what we have on file for you. We may ask you for additional information to verify your identity or to comply with your request. We will complete your request in the timeline prescribed by the applicable privacy laws.

Our services are not directed to individuals under the age of thirteen (13), and we do not knowingly collect personal data from children under the age of 13. If you are under 13, please do not attempt to register for services or send any personal data about yourself to us.

Our services may include social media features, such as the Facebook “Like” button and widgets, the “Share this” button or interactive mini-programs that run on a website. These features may collect your IP address, which page you are visiting on our website, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our website. Your interactions with these features are governed by the privacy notice of the company providing it. In addition, if you use social media or other third-party services (e.g., Facebook or Google) to login to our services, these third parties may be able to collect information about you in accordance with their own privacy notices. We do not control the privacy practices of these third parties, and you should review their privacy notices carefully.

This Notice only relates to our processing of personal data where we make decisions about how data is treated.

Some of our customers or business partners may enter your personal data into our services, provide or have us collect your personal data in order for us process such data on their behalf. This includes but is not limited to services such as Techstreet private-label stores (i.e., online stores operated by third-party standards publishers) and ScholarOne Manuscripts. We do not make decisions about how your personal data is processed in those instances.

To find out more about how these customers and business partners treat your personal data, you should refer to their own privacy notices to you.

Where we need to give you additional information about how your personal data is used in relation to specific services, we will provide separate or additional privacy notices.

From time to time, we may update this Notice. Any changes will be effective when we post the revised Notice. This Notice was last updated as of the effective date listed above. If the Notice changes in a way that significantly affects how we handle personal data, we will not use the personal data we previously gathered in the manner described in the new policy without providing notice and/or obtaining your consent, as appropriate. Minor changes to the Notice may occur that will not significantly affect our use of personal data without notice or consent. We encourage you to periodically review this page for the latest information on our privacy practices

If you have any concerns about how we process your personal data, please contact us at data.privacy@clarivate.com or via the mailing address below.  We hope that we can satisfy any queries you may have about the way in which we process your personal data.

You may find additional information about Clarivate’s privacy program at the Clarivate Privacy Center.

If you want to exercise your rights over your data, you can learn more and submit requests here.

Clarivate Analytics (UK) Limited

Attn: Legal, Clarivate Global Privacy Office
70 St Mary Axe
London EC3A 8BE
United Kingdom
+44 2074334000

 

Clarivate Analytics (US) LLC
789 E Eisenhower Pkwy
Ann Arbor, MI 48108
United States

www.clarivate.com