Suffolk Libraries takes the safety of your personal information seriously. This notice explains why we collect your personal information, how we use it and keep it safe. It also explains your rights.
Under the Data Protection Act 2018 the Data Controller is Suffolk’s Libraries IPS Limited, Ipswich County Library, Northgate Street, Ipswich IP1 3DE, 01473 351249. The person responsible for data protection is our compliance manager Mike Ellwood: firstname.lastname@example.org, 07843642150.
What information does Suffolk Libraries collect?
We collect your name, address, date of birth, gender, phone number and email address and borrowing history. We also collect cookies when you use our website,
If you wish you may also subscribe to our electronic newsletter or your local library newsletter and you may unsubscribe at any time.
How does Suffolk Libraries collect it?
We only use the information you supply us with when you join the library and on your ID documentation. You can update it at any time by logging in to your account or contacting our staff.
Why does Suffolk Libraries need it?
We need to know who you are as you are making a contract with us to provide library services. We use it to contact you about your account, such as when a reservation has arrived for you, and to work out any charges owing.
We need your age as some categories of stock have age limits and children have a lower level of charges. Age and gender helps us check we are reaching all sections of our communities and where we need to develop new services to attract under-represented groups of users. We only collect the minimum amount of information we need to provide the service.
What happens to the data?
Your information is stored securely on our library management system which is operated on our behalf by Civica (our data processor). It is stored in the UK and will never be transferred out of the European Economic Area.
We do not pass your information on to third parties unless there is a serious reason to do so. It happens very rarely and is usually for the following reasons
- The detection and prevention of crime or fraudulent activity; or
- To protect a child or vulnerable adult who are thought to be at risk; or
- If there is a serious risk to the public or our staff.
We may occasionally release to a third party an anonymised copy of our borrower data with all the names, addresses and card numbers removed for analysis. This is to help us monitor our performance and improve our services.
While you wish to remain a member of the library we will keep your information and ask you from time to time to confirm if it is still correct. If you tell us you no longer wish to use the library we will remove your data from our system straightaway and delete it unless there are outstanding charges on your account. Otherwise, if your card has not been used for 2 years your information will be deleted.
How does Suffolk Libraries protect data?
Suffolk Libraries takes the security of your data seriously. It has internal policies and controls in place to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by our employees in the proper performance of their duties.
We train all our employees on their role and responsibilities of processing and protecting personal data. We have security provisions in place with our IT system provider to ensure personal data is secure, such as firewalls, anti-virus software and security profile settings.
As a data subject, you have a number of rights. You can:
- Access and obtain a copy of your data on request
- Require Suffolk Libraries to change incorrect or incomplete data
- Require Suffolk Libraries to delete or stop processing your data, for example where the data is no longer necessary for the purposes of processing
- Object to the processing of your data where Suffolk Libraries is relying on its legitimate interests as the legal ground for processing
- Ask Suffolk Libraries to stop processing data for a period if data is inaccurate or there is a dispute about whether or not your interests override Suffolk Libraries legitimate grounds for processing data.
If you would like to exercise any of these rights, contact our compliance manager at email@example.com
If you have a concern about the way we are collecting or using your personal data, we ask that you raise your concern with us in the first instance by contacting our compliance manager. Alternatively, you can contact the Information Commissioner’s Office.