Commit | Line | Data |
---|---|---|
5afbd760 | 1 | <?xml version="1.0" encoding="utf-8"?>\r |
ae8b9281 RJ |
2 | <chapter xml:id="policy-privacy" xmlns="http://docbook.org/ns/docbook" version="5.0" xml:lang="EN"\r |
3 | xmlns:xi="http://www.w3.org/2001/XInclude" xmlns:xlink="http://www.w3.org/1999/xlink">\r | |
4 | \r | |
5 | <info><title>Privacy Policy</title></info> \r | |
6 | \r | |
7 | <para><emphasis role="bold">Approved by the Interim Board of Directors, BC Libraries Cooperative <?linebreak?>September 16, 2009</emphasis></para>\r | |
8 | \r | |
9 | \r | |
10 | \r | |
11 | <section xml:id="policy-privacy-short"> <info>\r | |
12 | \r | |
13 | <title>Short Version</title>\r | |
14 | \r | |
15 | \r | |
16 | </info>\r | |
17 | \r | |
18 | <para>All library users have a right to privacy and confidentiality when using Member library public\r | |
19 | access catalogues (PAC’s) or when interacting with Member library staff in their operation of\r | |
20 | Sitka’s Integrated Library System (ILS).</para>\r | |
21 | \r | |
22 | \r | |
23 | <para>Personal information is collected by Member libraries under the authority of the Library Act and\r | |
24 | section 26 of the Freedom of Information and Protection of Privacy Act (FOIPPA). This includes\r | |
25 | information related to registration, such as name, address, phone number, and circulation\r | |
26 | records, including information that identifies materials checked out by a patron. It includes any\r | |
27 | library record about an identifiable patron or individual.</para>\r | |
28 | \r | |
29 | \r | |
30 | <para>When a library user visits the library's PAC, the IP address of the computer or internet\r | |
31 | provider and related site visit information may be collected. This information is only used\r | |
32 | in statistical (non-personal) form to help make improvements to the website.</para>\r | |
33 | \r | |
34 | \r | |
35 | <para>Member libraries do not sell or rent personal information. Personal information is disclosed\r | |
36 | only in accordance with FOIPPA.</para>\r | |
37 | \r | |
38 | \r | |
39 | <para> The Member library will retain a link between the patron record and items returned for a\r | |
40 | reasonable period of time to ensure returned items are complete and in good condition.\r | |
41 | The library may store other personal information in the patron database but only where\r | |
42 | required. This may include answers to patron questions and logs that monitor use and\r | |
43 | possible abuse of the library borrowing policy or for related operational and statistical\r | |
44 | needs.</para>\r | |
45 | \r | |
46 | <para>Member libraries will make all reasonable efforts to:</para>\r | |
47 | \r | |
48 | <itemizedlist><listitem><para>minimize the amount of personal information collected and stored,</para></listitem>\r | |
49 | <listitem><para>render it anonymous where feasible,</para></listitem>\r | |
50 | <listitem><para> retain it for the minimum time necessary,</para></listitem>\r | |
51 | <listitem><para>protect it from unauthorized access, use or disclosure, and</para></listitem>\r | |
52 | <listitem><para>destroy it securely when no longer needed.</para></listitem>\r | |
53 | </itemizedlist>\r | |
54 | \r | |
55 | <para>Personal information relating to a library user may only be used by library employees\r | |
56 | working within the scope of their duties on a need-to-know basis.</para>\r | |
57 | \r | |
58 | \r | |
59 | <para>In accordance with the FIOPPA, Member libraries may disclose minimum relevant\r | |
60 | information to companies acting on the library's behalf such as for the collection of library\r | |
61 | property, unpaid fees, fines or other charges.</para>\r | |
62 | \r | |
63 | \r | |
64 | <para>These same standards for protection of privacy apply to the staff as users of Member\r | |
65 | libraries. For more information about the collection, use or disclosure of personal\r | |
66 | information, see <link linkend="policy-privacy-detailed">Detailed Privacy Information</link> or contact your library’s FOI/Privacy Officer.</para>\r | |
67 | \r | |
68 | </section>\r | |
69 | \r | |
70 | <section xml:id="policy-privacy-detailed"><info>\r | |
71 | \r | |
72 | <title>Detailed Version</title>\r | |
73 | \r | |
74 | </info>\r | |
75 | \r | |
76 | <simplesect>\r | |
77 | <title>1. Our Commitment to Privacy</title>\r | |
78 | <para>Sitka <link\r | |
5afbd760 | 79 | xlink:href="http://bc.libraries.coop/our-members/"\r |
ae8b9281 RJ |
80 | xlink:title="Sitka member libraries">Member libraries</link> are committed to\r |
81 | protecting your privacy. Any personal information collected, used or disclosed by Member\r | |
82 | libraries is in accordance with the <emphasis>Freedom of Information and Protection of\r | |
83 | Privacy Act</emphasis> (FOIPPA). This Privacy Policy is designed to assist you in\r | |
84 | understanding how Member libraries collect, use and safeguard the information you\r | |
85 | provide and to assist you in making informed decisions when using Member libraries and\r | |
86 | their web sites.</para>\r | |
87 | </simplesect>\r | |
88 | \r | |
89 | <simplesect>\r | |
90 | <title>2. What is Personal Information</title>\r | |
91 | <para>Personal information is defined by FOIPPA as information about an identifiable person.\r | |
92 | Examples include, but are not limited to: name, age, home address, phone number, email\r | |
93 | address, IP address (a computer’s address), identification numbers, reading choices and\r | |
94 | age. The definition does not include work contact information, which is information that\r | |
95 | would allow a person to be contacted at a place of business, such as the person’s name,\r | |
96 | title, business address, business phone number, and business email address.</para>\r | |
97 | </simplesect>\r | |
98 | \r | |
99 | <simplesect>\r | |
100 | <title>3. Collection of personal information</title>\r | |
101 | <para>When collecting personal information from you, Member libraries will advise you of the\r | |
102 | purpose for collecting it and the legal authority for doing so. They will also provide\r | |
103 | you with contact information of the library’s FOI/Privacy Officer, who can answer your\r | |
104 | questions regarding the collection.</para>\r | |
105 | \r | |
106 | <para>The following are some example of purposes for which the Library may collect your\r | |
107 | personal information:</para>\r | |
108 | \r | |
109 | <itemizedlist>\r | |
110 | <listitem>\r | |
111 | <para>issuing library cards;</para>\r | |
112 | </listitem>\r | |
113 | <listitem>\r | |
114 | <para>identifying materials currently on loan;</para>\r | |
115 | </listitem>\r | |
116 | <listitem>\r | |
117 | <para>placing and tracking interlibrary loans;</para>\r | |
118 | </listitem>\r | |
119 | <listitem>\r | |
120 | <para>identifying and recording overdue materials;</para>\r | |
121 | </listitem>\r | |
122 | <listitem>\r | |
123 | <para>placing and tracking materials on hold;</para>\r | |
124 | </listitem>\r | |
125 | <listitem>\r | |
126 | <para>providing answers to reference questions;</para>\r | |
127 | </listitem>\r | |
128 | <listitem>\r | |
129 | <para>faxing materials;</para>\r | |
130 | </listitem>\r | |
131 | <listitem>\r | |
132 | <para>providing information about library programs and services;</para>\r | |
133 | </listitem>\r | |
134 | <listitem>\r | |
135 | <para>providing Home Service for patrons with special needs;</para>\r | |
136 | </listitem>\r | |
137 | <listitem>\r | |
138 | <para>recording book suggestions;</para>\r | |
139 | </listitem>\r | |
140 | <listitem>\r | |
141 | <para>recording comments or suggestions;</para>\r | |
142 | </listitem>\r | |
143 | <listitem>\r | |
144 | <para>general library operations, and</para>\r | |
145 | </listitem>\r | |
146 | <listitem>\r | |
147 | <para>library fundraising</para>\r | |
148 | </listitem>\r | |
149 | \r | |
150 | \r | |
151 | </itemizedlist>\r | |
152 | \r | |
153 | <para>Patrons who do not wish to be contacted about library services and programs or for\r | |
154 | fundraising purposes may choose to opt-out.</para>\r | |
155 | \r | |
156 | </simplesect>\r | |
157 | \r | |
158 | <simplesect>\r | |
159 | <title>7. How personal information is used</title>\r | |
160 | <para>Member libraries will only use your personal information for the purposes for which it\r | |
161 | was originally collected or in a manner that is consistent with those purposes. Member\r | |
162 | libraries will only use your personal information for another purpose if you explicitly\r | |
163 | consent to the new purpose, or use is authorized under FOIPPA or is otherwise required\r | |
164 | by law.</para>\r | |
165 | </simplesect>\r | |
166 | \r | |
167 | <simplesect>\r | |
168 | <title>8. Disclosure of personal information</title>\r | |
169 | <para>Member libraries do not sell or rent personal information. Personal information is\r | |
170 | disclosed only in accordance with FOIPPA or as otherwise required by law.</para>\r | |
171 | <para>Where other organizations require personal information in order to provide services on\r | |
172 | behalf of a Member library, care is taken to ensure that these organizations treat the\r | |
173 | personal information in strict compliance with FOIPPA and the library’s privacy\r | |
174 | policies.</para>\r | |
175 | <para>Examples of where personal information may be disclosed include:</para>\r | |
176 | <itemizedlist>\r | |
177 | <listitem>\r | |
178 | <para>when a patron explicitly consents to the disclosure;</para>\r | |
179 | </listitem>\r | |
180 | <listitem>\r | |
181 | <para>to a collection agency for the purpose of collecting a debt owed to the\r | |
182 | Library;</para>\r | |
183 | </listitem>\r | |
184 | <listitem>\r | |
185 | <para>for law enforcement purposes, such as where required by a subpoena, warrant or\r | |
186 | other order;</para>\r | |
187 | </listitem>\r | |
188 | <listitem>\r | |
189 | <para>where there are compelling health and safety concerns, or</para>\r | |
190 | </listitem>\r | |
191 | <listitem>\r | |
192 | <para>to contact a person’s next of kin if that person is injured, becomes ill or\r | |
193 | dies while visiting the library.</para>\r | |
194 | </listitem>\r | |
195 | </itemizedlist>\r | |
196 | \r | |
197 | </simplesect>\r | |
198 | \r | |
199 | <simplesect>\r | |
200 | <title>9. Disclosure of personal information to another Member library</title>\r | |
201 | <para>Member libraries offer many common or integrated programs and services, and provide\r | |
202 | them on a collective basis. If your home library is a Member library, you can obtain\r | |
203 | services at any Member library. When you present your library card at a Member library\r | |
204 | other than your home library, you will be asked if you consent to the new library\r | |
205 | obtaining your personal information from your home library for the purposes of providing\r | |
206 | you with services. In order to obtain services at a library other than your home\r | |
207 | library, you will need to provide your consent for this sharing of information. While\r | |
208 | the FOIPPA provides that this information can be shared without your consent, Member\r | |
209 | libraries are committed to the higher standard of informed consent.</para>\r | |
210 | </simplesect>\r | |
211 | \r | |
212 | <simplesect>\r | |
213 | <title>10. How personal information is kept secure</title>\r | |
214 | <para>Member libraries use reasonable security measures to protect personal information in\r | |
215 | all forms against risks such as unauthorized collection, access, use, disclosure or\r | |
216 | disposal.</para>\r | |
217 | <para>Security measures include physical, technological and operational safeguards that are\r | |
218 | appropriate to the nature and format of the personal information.</para>\r | |
219 | <para>Technological security measures protect personal information once it reaches Member\r | |
220 | computer hardware. However; security cannot protect information while it is in transit\r | |
221 | over the internet unless the information is collected by a secure online web form.\r | |
222 | Information sent in email messages is not secure. You are encouraged to consider this\r | |
223 | when sending personal information via email.</para>\r | |
224 | </simplesect>\r | |
225 | \r | |
226 | <simplesect>\r | |
227 | <title>12. Retention of personal information</title>\r | |
228 | <para>The length of time Member libraries keep your personal information depends on the\r | |
229 | purpose for which the information was collected.</para>\r | |
230 | <para>If the library uses your personal information to make a decision that affects you,\r | |
231 | they must keep that information for at least one year so that you have an opportunity to\r | |
232 | access it. Otherwise, the library will keep personal information only for the length of\r | |
233 | time necessary to fulfill the purposes for which it was collected. Personal information\r | |
234 | is securely destroyed when it is no longer needed.</para>\r | |
235 | \r | |
236 | </simplesect>\r | |
237 | \r | |
238 | <simplesect>\r | |
239 | <title>13. Accuracy of personal information</title>\r | |
240 | <para>Member libraries endeavor to ensure personal information is as accurate, complete and\r | |
241 | up-to-date as possible.</para>\r | |
242 | \r | |
243 | \r | |
244 | </simplesect>\r | |
245 | \r | |
246 | <simplesect>\r | |
247 | <title>14. How to access or correct your personal information</title>\r | |
248 | <para>You have a right to request access to your personal information held by Member\r | |
249 | libraries. To do so, submit a written request to your library’s FOI/Privacy Officer\r | |
250 | (contact information available at your Member library). Your request should provide\r | |
251 | enough detail to enable a library employee to find your personal information such as the\r | |
252 | personal information you provided with your library card application.</para>\r | |
253 | <para>You also have a right to request that your personal information as recorded by the\r | |
254 | Member library be corrected if you believe it is incorrect. You may do so by submitting\r | |
255 | your request in writing to the FOI/Privacy Officer (contact information available at\r | |
256 | your Member library).</para>\r | |
257 | </simplesect>\r | |
258 | \r | |
259 | <simplesect>\r | |
260 | <title>15. Children's personal information</title>\r | |
261 | <para>The FOIPPA does not distinguish between children’s and adults’ informational rights.\r | |
262 | However, where a person is too young or otherwise incapable of exercising their rights\r | |
263 | under the FOIPPA, the parent or guardian may do so on their behalf.</para>\r | |
264 | <para>Member library policy provides that children 12 years and older are generally capable\r | |
265 | of exercising their own informational rights under the FOIPPA. However, the library may\r | |
266 | treat on a case-by-case basis a situation where a child or parent/guardian does not\r | |
267 | believe the guideline age is appropriate in their circumstances.</para>\r | |
268 | </simplesect>\r | |
269 | \r | |
270 | <simplesect>\r | |
271 | <title>16. Family members' personal information</title>\r | |
272 | <para>Some libraries offer “group” notices to families. In such a case, information such as\r | |
273 | items borrowed, fines owed, etc., for multiple family members are sent to a single\r | |
274 | person in the household, or “head of the household. This constitutes a disclosure of the\r | |
275 | other household members’ personal information and Member libraries will only provide\r | |
276 | information in this way if the patrons whose information is to be disclosed provide\r | |
277 | their written consent. This includes the consent of children 12 years of age and\r | |
278 | older.</para>\r | |
279 | </simplesect>\r | |
280 | \r | |
281 | <simplesect>\r | |
282 | <title>17. Changes to this Privacy Policy</title>\r | |
283 | <para>Member libraries’ practices and policies are reviewed from time to time and this\r | |
284 | policy may be updated to reflect necessary changes.</para>\r | |
285 | </simplesect>\r | |
286 | \r | |
287 | <simplesect>\r | |
288 | <title>18. Who to contact about Member library privacy policies</title>\r | |
289 | <para>If you have any questions or concerns about this policy or how Member libraries treat\r | |
290 | your personal information, you may contact the FOI/Privacy Officer for your <link\r | |
5afbd760 | 291 | xlink:href="http://bc.libraries.coop/our-members/"\r |
ae8b9281 RJ |
292 | xlink:title="Sitka member libraries">Member library</link> or the <link\r |
293 | xlink:href="http://cooperative.bclibraries.ca/contact"\r | |
294 | xlink:title="Contact BC Libraries Cooperative">Manager, Privacy & Security,\r | |
295 | BC Libraries Cooperative</link>.</para>\r | |
296 | <para>If you are not satisfied with how your personal information is being handled by a Member\r | |
297 | library, you have the right to complain to the Information and Privacy Commissioner.</para>\r | |
298 | \r | |
299 | <para>You may contact the Information and Privacy Commissioner at:</para>\r | |
300 | <para>Office of the Information and Privacy Commissioner <?linebreak?>for British Columbia <?linebreak?>PO Box 9038, Stn. Prov. Govt. <?linebreak?>Victoria, B.C. V8W 9A4 <?linebreak?>Tel: 250.387.5629 (Victoria) <?linebreak?>Toll free: Call Enquiry B.C. at 604.660.2421 (Vancouver) or 1.800.663.7367 (elsewhere in B.C.) and request a transfer to 250.387.5629. <?linebreak?>Email: <link xlink:href="mailto:info@oipc.bc.ca" xlink:title="info@oipc.bc.ca">info@oipc.bc.ca</link> <?linebreak?>Website: <link xlink:href="http://www.oipc.bc.ca" xlink:title="www.oipc.bc.ca">www.oipc.bc.ca</link>\r | |
301 | </para>\r | |
302 | \r | |
303 | \r | |
304 | \r | |
305 | \r | |
306 | </simplesect>\r | |
307 | \r | |
308 | </section>\r | |
309 | \r | |
310 | \r | |
311 | \r | |
312 | </chapter>\r |