PRIVACY POLICY

Purpose/Objective

Elliot Lake Public Library (ELPL) is committed to protecting the privacy of information given by individual wishing to use the
services of the library. The Library collects this information in accordance with the Municipal Freedom of Information and Protection of Privacy Act(MFIPPA)R.S.O. 1990, Chapter M. 56 and under the authority of the Public Libraries Act, R.S.O., 1990, Chapter P. 44 in order to conduct library operations.

Content

Information Collected

ELPL collects the following information when registering a new user:

  • Name
  • Address
  • Telephone number
  • Name of guardian
  • Email (optional)
  • Date of birth (optional)

Reasons for Collecting Information

Personal information is collected and used by internal staff for the purpose of providing library services including, but not limited to, the following:

  • Access to library materials and services
  • Customer notification about materials, services, fines, fees, events, fundraising and other Library initiatives
  • Program registration
  • Computer use and bookings
  • Automated telephone system
  • Electronic newsletters and marketing of library resources and services
  • Electronic communication including but not limited to email receipts, alerts for holds, due dates, fines, fees or outstanding library materials
  • Library fundraising
  • Non-identifying statistical purposes
  • Fraud prevention or abuse of library services
  • Information about a public meeting space booked for a specific individual
  • Information about when an individual booked a public computer and Internet search history

ELPL engages various third-party digital services for Library users (e.g. interlibrary loan, downloadable media and electronic databases). Information collected by third parties is stored on servers outside the control of the Library.

ELPL collects images and video clips through security cameras. Images are only used to ensure the security and safety of staff and customers using the Library.

The personal information may be given in any of three formats - in person, in writing, electronically - and this Privacy Policy covers all three circumstances

Information will only be used for the purpose for which it was collected, and will not be disclosed except with consent of the individual or as required by law.

Consent

Consent to collect personal information is provided by the customer or guardian in any one of the following scenarios:

  • Orally at the time of registration
  • Accepting and signing a ELPL card
  • Completing and submitting an application form
  • Completing and submitting an electronic form through the website
  • Signing a photograph or video release form

Individuals may choose to not provide all requested information. However, this may result in the Library not being able to provide the individual with all available services.

Parents or legal guardians must give consent for a child under the age of 16 to access library services.

Disclosure of Personal Information

ELPL has a responsibility to respect the privacy of individuals and the confidential nature of personal information. Staff may view and amend customer records as required to perform appropriate library functions. Staff are not permitted to view or amend records outside the scope of duties.

Personal Information may be provided to law enforcement officers by the CEO/Chief Librarian, or designate. Other Library Staff are not permitted to release personal information.

Personal information may only be disclosed if:

  • A subpoena or court order is presented, or an active law enforcement investigation is underway
  • An active child in need of protection investigation is being conducted by the Children's Aid Society
  • An adult patron gives written consent
  • A legal guardian for minor children (under the age of 16) gives written consent
  • Information is required to ensure the safety of Library Staff, to protect the Library property, or to enforce Library policy

Parents and legal guardians may request access to library records for children under the age of 16. Access to records may be provided after the identity of the parent/guardian is confirmed and the age of the child is established.

Staff who are registered as customers  of the Library have the same privacy and confidentiality rights as members of the public in relation to their activities as customers.

The Library may disclose information in accordance with the exemptions provided in section 32 of MFIPPA under compassionate circumstances, to facilitate contact with a spouse, a close relative or a friend of an individual who is injured, ill or deceased.

Retention of Information

Personal information is collected voluntarily and stored electronically in a central database. Personal information is used to create a borrower record. Borrower records allow the library to assign resources and services to an individual. Resources and service transactions remain on the database:

  • As long as circulation records indicate an item on loan
  • As long as fees or fines associated with library material or services remain unpaid
  • Indefinitely as a historical record of items lost, and material fees and fines paid

The Library will retain personal information related to items borrowed until December 31, 2018. A library user can voluntarily activate borrowing history through their "My Account" on the Library's Online Catalogue.

Customers may use email to contact Library staff. This communication will be stored in authorized Library Staff email accounts. Emails may be deleted by Library Staff at any time.

Personal records of all customers who have not used their cards in the previous 5 years and do not have outstanding fines are purged on an annual basis.

Temporary backup files of database transactions are created and saved on a daily, monthly and quarterly schedule by Ontario Library Service North. Files are saved for the purpose of restoring data in case of a system failure and are stored securely, and disposed of on a routine schedule.

All history and cache files which might identify how a person has to use a Library computer are erased when the computer is rebooted. Customers are encouraged to delete their browsing history and temporary Internet files at the end of each session so personal information is not accessible by subsequent users.

Library customers are responsible for deleting any personal information created and stored on electronic devices borrowed from the Library as well as any purchased content downloaded to electronic devices borrowed from ELPL.

Disposal

Paper records no longer needed to conduct Library business are shredded prior to disposal.

This policy may be revised at any time without notice, and shall be effective as of the date of revision.

Responsibility for Privacy

Elliot Lake Public Library Board is responsible for personal information under its control and designates the Chief Executive Officer (CEO) as the individual accountable for the Library's compliance with legislation. The CEO ensures that the policy with respect to collection, use and disclosure of information is followed.

All Elliot Lake Public Library employees will be made aware of the importance of maintain the confidentiality of personal information.

Any library user who feels their privacy has not been protected may challenge library practices with the CEO. A library user whose challenge, is not satisfied with the result, may appeal to the Library Board, maintain either the current policy has been violated or that the current policy needs to be changed in order to address a perceived issue.

A breach is any unauthorized or illegal collection, use, or disclosure of personal information. In the event of a breach, the CEO or designates will:

  • Contain the breach and repatriate the information
  • Assess the severity of the breach
  • Notify affected parties and the Information and Privacy Commissioner as required
  • Investigate the cause of the breach
  • Implement corrective actions