NLS Privacy Policy for ILS Usage

1. Background
As per the American Library Association Code of Ethics, the Nassau Library System (NLS) works to “protect each library user’s right to privacy and confidentiality with respect to information sought or received and resources consulted, borrowed, acquired, or transmitted”.

This policy documents NLS’s commitment to protecting the privacy of the records of all of the users of its ILS (Integrated Library System) and Associated Services, and describes its efforts to guarantee this privacy in partnership with its independent and autonomous member libraries.

“NLS ILS and Associated Services” refers to a specific suite of software and tools that assist its participating member libraries to more efficiently circulate and exchange library materials, manage patron records, collect and report circulation and other statistics, and send notices to library cardholders. This suite of software and tools also facilitates user authentication for third-party services and technical support.

2. Relevant Law
New York State Law§4509 provides that library records, which contain names or other personally identifying details regarding the users of public, free association, school, college and university libraries and library systems of this state, including but not limited to records related to the circulation of library materials, computer database searches, interlibrary loan transactions, reference queries, requests for photocopies of library materials, title reserve requests, or the use of audio-visual materials, films or records, shall be confidential and shall not be disclosed except that such records may be disclosed to the extent necessary for the proper operation of such library and shall be disclosed upon request or consent of the user or pursuant to subpoena, court order or where otherwise required by statute.

NLS and its member libraries must also comply with the Foreign Intelligence Surveillance Act, 50 U.S.C. 1861, as amended by the USA PATRIOT Act (Public Law 107-56), which states that personal information is to be released pursuant to a court order that has been received by NLS and reviewed for legitimacy by NLS legal counsel. If such an instance occurs, NLS and the user’s home library will be obligated to release the information and not apprise such individual(s) that such a request has been received or that such information has been disclosed.

3. What Information about Users of our ILS does NLS Collect?
NLS collects information that is obtained by our member libraries and entered directly into our online catalog from automatically-collected network logs and through cookies. NLS typically keeps information only for so long as it is needed for the proper operation of the ILS and associated services, and in order to better deliver library services to ILS users. NLS may retain some information in backup storage systems, hard copy form, or as required by law.

These are examples of content that may be collected or provided to NLS by member libraries:

• Personal Information: any information that can personally identify individual ILS users, such as a user’s name, physical address, email address, phone number, Library barcode, payment information, and other similar information.
• Library Record: contains information related to an individual’s personal use of circulating and non-circulating library materials, including those returned late or damaged.

The following are examples of content that may be collected by network logs or through cookies:

• An ILS user’s Internet Protocol (IP) address
• The kind of web browser or electronic device an ILS user is using
• The date and time of each use of the ILS use
• The website that an ILS user visited immediately before accessing our website or online catalog
• Pages that an ILS user views on our website

ILS users should be aware that information collected about them via any of the above means may be de-identified and aggregated with information collected about other users. This aggregated information is analyzed and cannot be used to reasonably identify individuals. This information helps NLS to administer services, analyze usage, provide security and identify new users of NLS-ILS library services. In addition, it helps NLS to improve users’ experience.

4. How does NLS use the information collected?
It is the policy of NLS to keep the personal information of ILS users only when necessary for the effective operation of library, ILS, and associated services and to better deliver these services to ILS users.

The email addresses of ILS users who provide them to their home library are maintained in the ILS for the express limited purpose of NLS member libraries’ and/or NLS’ legitimate communication with individual borrowers about library business. Borrowers may at any time remove, or request removal, of email addresses in their patron records.

As a convenience, the ILS offers features including, but not limited to, borrower reading history lists, and lists of materials of interest to an individual borrower. Use of such features is entirely voluntary and may be initiated or terminated at any time by a borrower. Unless required by subpoena, court order, or otherwise required by statue, no staff member can access the past borrowing history of any items returned on time and in good condition. Staff may view items currently on a patron’s record, or any items that have been lost, returned late, or returned damaged.

NLS uses cookies to collect information about ILS users’ activity, browser, and device in order to provide users some library services. Cookies help users navigate NLS’ website. Cookies also allow NLS to save users’ preferences, so that they do not have to reenter this information each time they use some library services. These cookies, sometimes called, session cookies, are a necessary part of the internet and allow individuals to remain logged in to secure websites. Despite the usefulness of these cookies, users have the option of disabling them by changing a setting on their web browser.

Personal information stored in a user’s library record is removed when that user’s patron record is deleted. When such a record is removed, all personally identifying data associated with that individual is purged. NLS works with its member libraries to encourage the timely identification and removal of the patron records of individuals who are no longer actively using library services.

5. Third Parties
NLS uses third-party library service providers and technologies to help deliver some services to library users. If and when a library user chooses to use such services, NLS may share users’ information with these third parties, but only as necessary for them to effectively provide their services to NLS.

NLS may also display links to third-party services or content. By following links, a library user may be providing information (including, but not limited to personal information) directly to a third party, to NLS or to both. NLS is not responsible for how those third parties collect or use such information. Third parties must either agree to adhere to strict confidentiality obligations in a way that is consistent with this Privacy Policy and the agreements NLS enters into with them or NLS requires them to post their own privacy policy. NLS encourages library users to review the privacy policies of every third-party website or service that they visit or use, including those third parties with whom they interact with through NLS library services.

6. Policy Review
This policy shall be reviewed by the NLS Board of Trustees yearly or sooner if conditions warrant, and may be amended, as necessary.

Adopted by the NLS Board of Trustee: August 27, 2018
Last Reviewed by the NLS Board of Trustees: August 27, 2018