Harrow libraries GDPR privacy notice
Our GDPR privacy notice explains the data we collect. It helps to outline how we deliver library services to you. It explains why we process personal information.
It says who we may share it with and how we use it to deliver library services.
Harrow library services privacy notice
Why we collect your information
For the delivery of our library services you need to register as a member. This gives you access to:
- all library stock in Harrow and The Library Consortium.
- access to computers
- printing and scanning services
- library events and activities.
We collect the following information
Library members details including:
- Name
- Address
- Phone number
- Date of birth
- Parent/guardian details
- Payment details including payments that are outstanding.
Optional:
- Monitoring information
- Agreement to receive marketing information
This information is only used for the intended purpose. However if we intend to use it for any other purpose we will ask you first. In some cases, we may use your information for another purpose if:
- we have a legal duty to do so,
- to provide a complete service to you
- to prevent and detect fraud
- or if there is a risk of serious harm or threat to life.
We also use your details to:
- manage borrowed stock,
- contact you about items that you have reserved,
- and the return of overdue items.
How we collect your information
We collect your information when you register as a member in person. You can also register online. You can collect your card on your first library visit.
Who the information is shared with
Member information is shared with members of The Libraries Consortium (TLC).
We may need to share information between Council departments and services. We may also need to share information with other organisations such as:
- our partners
- third party contractors
- government bodies
- the police
- health and social care organisations
- housing associations
- landlords
- educational establishments.
We will only share information with these groups. We will only do so if it is legal.
How long do we keep your information?
We keep records on the library database. They are kept while you are an active library user. Accounts and records are deleted after 2 years of inactivity. If there are loans or money owed in your account, this is extended to 10 years.
Your rights and access to your information
You have the right to request a copy of the information that we hold about you. The new GDPR also gives you more rights about the information we hold about you and how we use it. This includes the right to:
- Withdraw consent and the right restrict further processing of your data. This might affect service delivery to you.
- Request to have your data deleted if there's no good reason to keep it and there are no valid grounds for keeping it.
- Request your data to be rectified if it is inaccurate or incomplete
- Transfer or copy your data if you move to another authority.
To make a request please submit a Subject Access Request.
If you would like to know more about the information we hold about you, email: dpo@harrow.gov.uk.
You have a right to complain to us if you think we have not followed our duty for handling your personal information. You can do so on our compliments and complaints page.