The Library’s commitment to your privacy and confidentiality is based on the laws as well as the ethics and practices of librarianship. The courts have upheld the right to privacy based on the Bill of Rights of the U.S. Constitution. New York State law requires that we treat as confidential information about materials you check out and otherwise access at the Library or through its online sources (NY CPLR Section 4509). In addition, the American Library Association's Code of Ethics provides that: “We protect each library user's right to privacy and confidentiality with respect to information sought or received and resources consulted, borrowed, acquired, or transmitted.”
We publicly post and openly acknowledge the confidentiality and information-gathering policies of this Library.
INFORMATION COLLECTED BY THE LIBRARY
We collect information about you in three ways: directly from you, from automatically-collected network logs, and through cookies. We typically keep information only for so long as it is needed for the proper operation of the Library and in order to better deliver Library services to you. We may retain some information in backup storage systems, hard copy form, or as required by law. We collect different types of information from you depending on your chosen level of engagement with our Library services and the information needed in order to provide you with access to those services.
A. User-Provided Information
When you register for a user account for our Library services, we may ask you to share certain information with us. If you register with us, we offer you the opportunity to review and, when practical, to update, change or delete some information you have provided us. You can do this by logging into your registered user account or you can ask our staff to assist you by phone at 914-722-1300, or by emailing us at email@example.com,or by visiting the Library and speaking to our staff. If you deactivate your registered user account, you may not be able to continue using certain Library services that require registration. The following are examples of information that you might be asked to provide to us:
- Personal Information: any information that can personally identify you, such as your name, physical address, email address, phone number, Library barcode, payment information, and other similar information.
- Residency Verification: information such as driver’s license, other government-issued identification, and utility bills containing a postal address.
- Login Credentials: includes username, password, and a set of personal questions about you and are provided as part of the process to create an online user account which allows you to view your Library records at any time by logging into your account.
- Library Record: contains your Personal Information related to your personal use of circulating and non-circulating Library materials, including but not limited to computer database searches, interlibrary-loan transactions, reference queries, e-mails, faxes, requests for photocopies of Library materials, title reserve requests, and the use of audio-visual materials such as films and music.
We are committed to keeping such information, outlined in all the examples above, only as long as needed in order to provide Library services.
B. Information Library Automatically Collects.
When you use our Library services, such as our website and mobile applications, our computer servers automatically capture and save information electronically about your usage of our Library services. Examples of information that we may collect include:
- Your Internet Protocol (IP) address
- Your location
- Kind of web browser or electronic device that you use
- Date and time of your visit
- Website that you visited immediately before arriving at our website
- Pages that you viewed on our website
- Certain searches/queries that you conducted
If you are using a Library device, we may also record your Library barcode, time and length of your session, and the websites that you visited. If you are using our public Wi-Fi network, we may, in addition, also collect the MAC address and name of your Wi-Fi device.
A cookie is a small data file sent from your web browser to a web server and stored on your electronic device’s hard drive. They are generated by websites to provide users with a personalized and often simplified online experience. You have the option of disabling such cookies if you choose not to allow their use. If you prefer, you can usually remove or reject browser cookies through the settings on your browser or device. Most web browsers are set to accept cookies by default. Keep in mind, though, that removing or rejecting cookies could affect the availability and functionality of our Library services.
You should be aware that information collected about you through any of the above means may be de-identified and aggregated with information collected about other users or visitors. This de-identified and aggregated information cannot reasonably be used to identify you. This information helps us to administer services, analyze usage, provide security and identify new users of our Library services. In addition, it helps us to improve your user experience.
Closed Circuit Television (CCTV) Recordings: The Library employs CCTV to ensure the physical security of the Library facility, staff and patrons. By visiting the library, you consent to such recordings as per our Digital Surveillance Policy.
HOW PERSONALLY IDENTIFIABLE INFORMATION IS USED
By registering for Library services, you agree to give the Library personally identifiable information in order to establish your account with the Library, manage your use of Library services and enable communication by the Library and its affiliates with you. Your use of Library materials, programs and services may imply additional consent.
We use your Library account to enable and manage your borrowing privileges and your access to specific services, such as use of onsite public computers or use of certain electronic resources.
We use your contact information:
- To communicate with you regarding your account;
- To notify you about programs, activities and services of the Library or its affiliates;
- To provide you with services you have elected to receive, such as access to a workshop, optional email notifications and services you have requested.
We share your information in the following ways with third-parties:
- When You Share Content with the Scarsdale Public Library Community. If you choose to share content through our online services, the Shared Content may be publicly accessible. If you do not want to share content publicly, you can use your privacy settings to limit sharing. You may delete some content that you shared, but some interactive shared content may persist in association with your registered user account, even after your account is terminated. Therefore, you should keep this in mind when participating in shared content activity through our Library services.
- Library Affiliates. We may share your contact information with Library affiliates including, but not limited to the Friends of the Scarsdale Library.
- Legal Requests. Sometimes the law requires us to share your information, such as if we receive a valid subpoena, warrant, or court order. We may share your information if our careful review leads us to believe that the law, including state privacy law applicable to Library Records, requires us to do so.
We do not sell, license or disclose personal information to any other third party without your consent, unless we are compelled to do so under the law or to comply with a court order.
ACCESS BY USERS
You are required to provide current and valid contact information in order to maintain an active account with the Library.
DATA INTEGRITY & SECURITY
- Data Integrity: The data we collect and maintain at the Library must be accurate and secure. We take reasonable steps to ensure data integrity, using only reputable sources of data and updating data whenever possible.
- Data Retention: We protect personally identifiable information from unauthorized disclosure. Records are moved to secure off-line storage once they are no longer needed to manage Library services.
- Tracking Users: We do not ask Library visitors or Website users for personally identifiable information such as Library account number unless they are borrowing materials, requesting certain services, using Library computers or network resources, registering for programs or classes, or making remote use from outside the Library of those portions of the Library's Website restricted to registered borrowers.
- Third Party Security: We make every effort to ensure that all of the Library's contracts, licenses, and offsite computer service arrangements reflect our policies and legal obligations concerning user privacy and confidentiality. Should a third party require access to our users' personally identifiable information, our agreements appropriately address the use, aggregation, dissemination, and sale of that information. When facilitating connections to licensed databases maintained outside the Library by third parties, we only permit third parties to access information that authenticates users as having valid accounts at the Scarsdale Public Library. The Library is not responsible for the privacy practices, security or content of any external Websites to which it has provided links. It is the responsibility of users to familiarize themselves with the privacy and security information of any sites they visit.
- Security Measures: Our security measures consist of both managerial and technical policies and procedures to protect against loss and the unauthorized access, destruction, use or disclosure of data. Our managerial measures include internal organizational procedures that limit access to data and ensure that those individuals with access do not utilize the data for unauthorized purposes. Our technical security measures are designed to prevent unauthorized access including limits on access through use of passwords and storage of data on secure servers or computers that are inaccessible from a modem or network connection.
- Staff access to personal data: We permit only authorized Library staff with assigned confidential passwords to access personal data stored in the Library's computer system for the purpose of performing Library work.
- Disclaimer: The Library uses standard systems and communication methods beyond its direct control, and no guarantee can be made that transactions over the Internet or the local network, by mail or e-mail, by telephone or at a public service desk are infallibly secure and confidential. While utmost care is exercised to protect Library systems and servers from unauthorized access, no guarantee can be made that personal information is invulnerable.
HOW DOES THE LIBRARY COLLECT AND SHARE CHILDREN’S INFORMATION?
The Children’s Online Privacy Protection Act (COPPA) regulates online collection of information from children under the age of 13. If you are under the age of 13, you may not be allowed to use our online services without your parent’s or guardian’s permission, especially when your personal information may be collected. Parents and guardians of children under the age of 13 may view their children’s Library Records. Parents and guardians of children between the ages of 13 and 17 (inclusive) may also view their children’s Library Records, but require their children’s consent. We may partner with third-party services to provide educational content for children. Parents and guardians should review those services’ privacy policies before permitting their children to use them. Parents and guardians may also need to sign additional consent forms for the collection of information about their children before they gain access to optional programs and services, such as our enrolled programs.
HOW DO YOU MANAGE INFORMATION THAT THE LIBRARY HAS COLLECTED ABOUT YOU?
You can manage most information within your registered user account or you can ask Library staff to assist you online, by phone, by email, or by visiting the Library and speaking to a staff member. Our information storage systems are configured in a way that helps us to protect information from accidental or malicious destruction. To that purpose, the information we collect is also saved in backup storage systems. Therefore, any update, change or deletion you make to your information or preferences may not immediately be reflected in all copies of the information we have and may not be removed from our backup storage systems until overwritten.
ENFORCEMENT & REDRESS
The Library only uses and shares personal information as described above. Library users who have questions, concerns, or complaints about the Library's handing of their privacy and confidentiality rights may file written comments with the Library Director. We respond to these in a timely manner, and may conduct a privacy investigation or review of policy and procedures as a result of such an inquiry.
The Library Director or their designee is solely authorized to receive and comply with requests from law enforcement officers. Library staff and volunteers are required to refer any law enforcement inquiries to the Library Director or their designee.
Approved by the Scarsdale Public Library Board of Trustees July 2020