Gartner Digital Markets Software Vendor Privacy Policy

Last Updated: April 2023 

WELCOME TO GARTNER DIGITAL MARKETS! PLEASE TAKE TIME TO READ OUR PRIVACY POLICY FOR SOFTWARE VENDORS (“POLICY”) AS IT SETS OUT IMPORTANT INFORMATION RELATING TO HOW WE HANDLE YOUR PERSONAL INFORMATION!

In this Policy, references to “we”, “us” or “Gartner Digital Markets” are references to Capterra Inc., Nubera eBusiness S.L. (GetApp) and Software Advice, Inc., which are subsidiaries of Gartner Inc. and collectively constitute the Gartner Digital Markets group. This Policy only applies to data collected by Gartner Digital Markets via www.gartner.com/en/digital-markets (the “Site”), and does not apply to Gartner Inc. and its other associated group companies, products, and/or services, www,gartner.com, or Evanta.

In addition to this Site, each of the Gartner Digital Markets entities have separate sites (www.capterra.com, www.softwareadvice.com, www.getapp.com) which collect further categories of data about software vendors and software buyers for additional purposes. More information can be found in the applicable privacy policy on each of the sites.

HOW TO CONTACT US

Questions, comments and requests regarding this Policy should be addressed to our Data Protection team through the following means:

Legal Department
Data Protection Team
56 Top Gallant Road
Stamford, CT 09602
USA
Email Address: GDMprivacy@gartner.com

 

INTRODUCTION

We will collect personal information when you use the Site and the associated services, and as part of the normal course of business. This Policy sets out how we collect and use personal information, and your rights regarding our use of your personal information.

1. INFORMATION THAT WE COLLECT ABOUT YOU

1.1 Data collection and usage

Information you provide directly, or we collect when you:
  • Create a free listing
  • Request a free demo for your listing or get connected with a digital marketing expert
  • Register for an account with us
  • Correspond with us (either by phone or email).

Categories of information we collect about you include:
  • Personal information such as your full name and contact details such as the name of your company, the state/county in which you are based, business email address,  and your telephone number;
  • Your website URL;
  • What you are interested in hearing about (e.g. lead generation or website review);
  • Whether you use other PPC advertising channels;
  • Information about the software you offer, e.g. the product name, type of software and product description;
  • Information you provide so that we may invoice you, including your payment details and billing information; and  
  • Other information you provide when you communicate with us including your full name, contact details and business email address, phone number and details of our communications.

We use this information for certain activities, including:
  • Fulfilling your requests, for example, to publish your listing and other submitted content, to provide you with details of leads (including their name, information about their business, software requirements and follow up next steps (e.g. request demo), and to invoice you appropriately;
  • Managing your profile and listings;
  • Sending you service emails (e.g. service announcements and messages relating to your account);
  • Providing consultation services on the latest research and other helpful advice; 
  • Notifying you about special offers available from us, our affiliates or partners, which may be of interest to you;
  • Sending marketing to business contacts regarding Gartner Digital Markets services and products which may be of interest and to promote our business and brand;
  • Administering our services and website, investigating any complaints and providing customer service;
  • Responding to your questions and requests and otherwise customize your digital markets experience; Resolving disputes;
  • For internal analysis and research to help us to measure interest in and improve our services;
  • Preventing prohibited or illegal activities; and
  • Enforcing our policies. 

We use this information because:
  • We have a legitimate business interest to:
    • Manage and promote our business and brand;
    • Provide and improve our services;
    • Operate our business;
    • Obtain payment for our services;
    • Improve the performance and user experience of our websites;
    • Monitor, investigate and report any attempts to breach the security of our websites; and
    • Resolve any concerns or disputes you may have.
  • We have collected your consent (where required under applicable law) to use your information for marketing. Where we rely upon your consent, you have the right to withdraw this consent by contacting the Data Protection team on the contact details above or unsubscribing via the opt-out functionality provided in our marketing communications to you. 

Information we collect about your use of our website and apps.    

Categories of information we collect about you include:
  • Information captured in our web logs such as device information (e.g. device brand and model, screen dimensions), unique identification numbers (e.g. IP address and device ID), and browser information (e.g. URL, browser type, pages visited, date/time of access), geo-location and other device-specific information, Internet connection information;
  • Advertising information (such as size/type of ad, ad impressions, location/format of ad, data about interactions with ad);
  • Behavioral information (such as information on the behavior or presumed interests of individuals which are linked to those individuals and may be used to create a user profile); and
  • Information captured by our cookies (see our Cookie Policy).  

We use this information for certain activities, including:
  • Personalizing the experience of our website;
  • Administering our website;
  • Performing statistical and trend analysis to improve the user experience and performance of our website;
  • Facilitate your access to and use of our Site; and
  • Resolving disputes and troubleshooting problems    

We use this information because:
  • It is necessary for compliance with any legal or regulatory obligations;
  • We have a legitimate business interest to:
    • Monitor, investigate and report any attempts to breach the security of our websites; and
    • Improve the performance and user experience of our websites.    

1.2 Further information

Where we collect and use information for our legitimate interests as mentioned above, a legitimate interest will only apply when we consider that your interests or rights requiring protection of your personal information do not override our legitimate interests. For more information regarding our legitimate interests as applied to your personal information, please contact us.

Our websites and online services are for individuals who are at least 18 years of age. Our online services are not designed to be used by individuals under the age of 18.

Your personal information may also be processed if it is necessary on reasonable request by a law enforcement or regulatory authority, body or agency, in the defense of legal claims or in order to investigate, prevent or take action regarding illegal activities, suspected fraud, situations involving potential threats, to the physical safety of any person or violations of any of our Site terms. 

Recorded Communications

We may record calls for training, quality and research purposes. All recordings will be treated as confidential. If you do not want us to record your call, you will be given a chance to opt out. If your call is already in progress, you may ask us to turn off the recording at the start of the call.

Payment Card Information

When applicable, you may pay for products or services using your payment card and in such cases we will collect your personal data connected to your payment card. We use this personal data in order to process your payment and to prevent fraudulent transactions. We do this on the basis of your consent to process this information

2. WHEN WE DISCLOSE YOUR INFORMATION

We may disclose your personal information to third parties as follows:

  • To Gartner group companies in order to process the data for the above mentioned purposes;
  • When we have your consent or authorization to do so;
  • To third parties who work on our behalf to help us administer our Site, or to service or maintain business contact databases and other IT systems, such as suppliers of the IT systems which we use to process personal information, or who provide other technical services, such as printing;
  • To third parties providing services to us who have a need to access your information, such as our professional advisors (e.g. auditors and lawyers);
  •  To comply with applicable laws, protect rights, safety and property, and respond to lawful requests from public authorities (such as disclosing data in appropriate situations for national security or law enforcement purposes);

Capterra, GetApp and Software Advice are part of the Gartner Digital Markets network. As a software vendor, we make your product listing available through these individual websites, and share your listing information within this network so that your listing will be included on any of the Gartner Digital Market sites that we determine as appropriate, giving you the opportunity to collect reviews and acquire high quality web traffic and sales leads.

Your personal information will also be transferred to other third party organizations in certain scenarios (subject to applicable law):

  • If we sell, purchase or transfer any part or all of our business or assets (including in bankruptcy), or in the event of another corporate change, in which case we may disclose your Information to the prospective seller, buyer or administrator of such business or assets including for pre-transaction review under suitable terms as to confidentiality;
  • If we are reorganized or sold, information may be transferred to a buyer who can continue to provide services to you;
  • If we are defending a legal claim, our property, our website or other users, Information may be transferred as required in connection with defending such claim.
  • If there is an emergency which requires us to share your data or for the health and safety of our Site's users or the general public.

We also may share aggregate or anonymous information about you (which does not contain any personal information) to develop content and services and further improve your digital markets experience.

3. DATA SUBJECT RIGHTS

In certain circumstances, you have certain rights regarding your personal information. A summary of each right and how you can exercise it is below. To exercise any of these rights, please contact us. Such requests should include information to allow us to verify your identity (e.g. your name, address, email address or other information reasonably required). If you are a California resident, please refer to Section 10 below for more detailed information on your rights under California law.

Where we receive your request to exercise one of these rights, we will respond without undue delay within the time required by applicable law. This may be extended by a further two months in certain circumstances, e.g. where requests are complex or numerous.

We will provide the information free of charge, except where requests are manifestly unfounded or excessive, e.g. because of their repetitive character. In these circumstances we may charge a reasonable fee or may refuse to act on the request. We will advise you of any fees prior to proceeding with a request.

We may ask for additional information to verify your identity before carrying out a request.

Right

How you can exercise the right

Right to access and/or correct your personal information

You have the right to access personal information we hold about you, as well as to be provided with a copy of the information (in most circumstances). You also have the right to correct any information we may hold about you that is inaccurate.

Right to restrict use of your personal information

You have the right to ask us to restrict processing of your personal data where one of the following applies:

  • The processing is unlawful but you want us to restrict use of the data instead of deleting it;
  • Where you contest the accuracy of your personal data, the restriction will apply until we have verified the accuracy or corrected your personal data;
  • We no longer require the personal data for the purposes of processing, but you still require us to keep it in connection with a legal claim;
  • You have exercised your right to object to the processing. The restriction will apply until we have taken steps to verify whether we have compelling legitimate grounds to continue processing.

Right to request deletion of your personal information

You have the right to ask us to delete your personal information in most circumstances. Please note that if you want us to refrain from sending you marketing communications, the best way to ensure that is to allow us to retain your information with a “do not contact” tag so we know not to contact you in the future.  

There are also certain exceptions where we may refuse a request for erasure, for example, where the personal data is required to comply with a legal obligation or for the establishment, exercise or defense of legal claims.

Right to object to processing of your personal information

You may object to our use of your personal information for marketing purposes.

You may also object to processing of your personal data in cases where we have used legitimate interests as the basis for processing. In such cases, we will stop processing your personal data until we verify that we have compelling legitimate grounds for processing that outweigh your interests, rights, and freedoms in asking us to stop processing the data, or in limited cases where we need to continue processing the data for the establishment, exercise, or defense of legal claims.

Right to data portability 

In most cases, you have the right to receive all personal data you have provided to us in a structured, commonly used, and machine-readable format and to transmit this data to another data controller, where technically feasible.

Right to lodge a complaint with a supervisory authority

If you object to our processing of your personal data, you have the right to complain to the data protection authority in the country where you reside, where you work, or where an alleged infringement of data protection laws has taken place.

4. INTERNATIONAL TRANSFERS

Gartner Digital Markets may transfer your personal information to other Gartner Inc. group companies or suppliers outside your home jurisdiction. We will take all reasonable steps to ensure that personal information is protected and any such transfers comply with applicable law.

We may transfer and maintain the personal information of individuals covered by this Policy on servers or databases outside the European Economic Area (EEA). Some of these countries may not have the equivalent level of protection under their data protection laws as in the EEA.

5. RETENTION PERIODS

We will retain your personal information for as long as required to perform the purposes for which the data was collected, depending on the legal basis for which that data was obtained and/or whether additional legal/regulatory obligations mandate that we retain your personal information.  We may also retain personal information for the period during which a claim may be made in relation to our dealings with you.  

In general terms, this will mean that your personal information will be kept for the duration of our relationship with you and:

  • the period required by tax and company laws and regulations; and
  • as long as it is necessary for you to be able to bring a claim against us and for us to be able to defend ourselves against any legal claims. This will generally be the length of the relationship plus the length of any applicable statutory limitation period under local laws. 

6. CHOICES ABOUT YOUR INFORMATION

We believe it is important to give you choices about the use of your Information. We will use your personal information as described in this Policy. If we want to use your information for a purpose not described in this Policy, we will first get your consent to do so.

Marketing Communications

We will respect your wishes not to receive marketing communications. You can change your marketing preferences by contacting us on the contact details above. Please note that we will continue to send you service-related communications regardless of any opt-out request. We will not sell or share your information with third parties (other than our subsidiaries or affiliates) for their own promotional or marketing purposes unless you give us consent to do so and where permitted by applicable law.

7. SECURITY

We have implemented administrative, technical, and physical security measures to help prevent unauthorized access. Despite these measures, no data transmission over the Internet can be entirely secure, and we cannot and do not guarantee or warrant the security of any information you transmit via our websites or apps. Please note that you are responsible for maintaining the security of your credentials used to access any Digital Markets service or account, and you must report suspected unauthorized activity to us.

We make efforts to restrict access to information to only those employees, contractors, and agents who need such access in order to operate, develop, improve, or deliver our programs, products, and services.

8. COOKIES AND SIMILAR TECHNOLOGIES

A cookie is a small text file which includes a unique identifier that is sent by a web server to the browser on your computer, mobile phone or any other internet enabled device when you visit an on-line site. Cookies and similar technologies are widely used to make websites work efficiently and to collect information about your online preferences.  For simplicity, we refer to all these technologies as “cookies”.

The Site contains electronic images known as web beacons (also known as clear gifs, tags or pixels) that allow us to count users who have visited our pages. Web beacons collect only limited information, e.g. a cookie number, time and date of a page view, and a description of the page on which the web beacon resides. We may also carry web beacons placed by third party advertisers. These beacons do not carry any information that could directly identify you.

More detailed information on how we use cookies and other web technologies can be found here.

9. MISCELLANEOUS

9.1 Links

We provide links to other websites or resources that are not part of the products, programs, or services run by Gartner Digital Markets. We do not control these websites or their privacy practices, and any information you provide to these sites is subject to the privacy notices of those sites and not this Policy.

9.2 Changes to this Policy

From time to time, we may change and/or update this Policy. If this Policy changes in any way, we will post an updated version on the Site. We recommend you regularly review the Site to ensure that you are always aware of our information practices and any changes to such. Any changes to this Policy will go into effect on posting to this page.

If you would like to access previous versions of this Policy please contact us on the contact details above or the click the link at the top of this Policy to view the archived versions.

10. CALIFORNIA PRIVACY RIGHTS & NOTICE OF COLLECTION

California law requires us to provide California residents with additional information regarding how we collect, use, and share your personal information.

Categories of personal information we collect. Throughout this Policy, we discuss in detail the specific pieces of information we collect from and about users. Below are the categories of personal information we collect:

  • Identifiers (such as name and title, contact details, and company name);
  • Internet or other network or device activity (such as browsing history or app usage);
  • Inference data about you; and
  • Other information that identifies or can be reasonably associated with you.

Use of categories of personal information. We may disclose the categories of personal information identified above for our operational purposes where the use is reasonably necessary and proportionate to achieve the operational purpose for which it was collected or processed, or for another compatible operational purpose.

Sale of Personal Information. Based on the definition of “sell” under the California law and under current regulatory guidance, we do not believe we engage in such activity and have not engaged in such activity in the past twelve months (including that we do not “sell” the personal information of minors under 16 years of age). We do share certain information as set forth in Sections 1 and 2 of this Policy, and allow third parties to collect certain information about your activity, for example through cookies, as explained in our Cookie Policy.

Individual Rights. California law may provide you with certain rights and permit you to request the following:

  • Provide you the categories of personal information we have collected or disclosed about you in the last twelve months; the categories of sources of such information; the business or commercial purpose for collecting or selling your personal information; and the categories of third parties with whom we shared personal information.
  • Provide access to and/or a copy of certain information we hold about you.
  • Delete certain information we have about you.

You may have the right to receive information about the financial incentives that we offer to you (if any). You also have the right to not be discriminated against (as provided for in applicable law) for exercising certain of your rights. Certain information may be exempt from such requests under applicable law. For example, we need certain types of information so that we can provide the Services to you and for compliance with applicable law. If you ask us to delete certain information, you may no longer be able to access or use the Services.

If would like to exercise any of these rights, please email us at GDMPrivacy@gartner.com or send your written request to Data Protection Counsel, Americas, Gartner, 1201 Wilson Blvd., Arlington, VA. You will be required to verify your identify before we fulfill your request. You can also designate an authorized agent to make a request on your behalf. To do so, you must provide us with written authorization or a power of attorney, signed by you, for the agent to act on your behalf. You will still need to verify your identity directly with us.

Subject to certain limits under California Civil Code § 1798.83, California residents may request certain information regarding our disclosure of information to third parties for their direct marketing purposes. To make such a request, please contact us as specified at the beginning of this Privacy Policy.

California Online Privacy Protection Act Notice Concerning Do Not Track Signals

Do Not Track ("DNT") is a privacy preference that users can set in certain web browsers. We do not recognize or respond to browser-related DNT signals, as the industry is currently working toward a common approach to responding to DNT. To learn more about Do Not Track, please click here.

10. NEVADA PRIVACY RIGHTS

Nevada law requires us to provide certain Nevada consumers the ability to opt out of the “sale” of “personally identifiable information” as such terms are defined under Nevada law. We do not engage in such activity; however, if you are a Nevada resident who has purchased goods or services from us, you may submit a request to opt out of any potential future sales under Nevada law by emailing GDMPrivacy@gartner.com. Once verified, we will maintain your request in the event our practices change.