Privacy statement for people using library services

Newcastle City Council's Libraries and Community Hubs division provides the public library service in Newcastle upon Tyne. If you visit a library, use the Newcastle Libraries online catalogue, give us a ring or make a formal complaint – among many other examples – you will be using our service.

As library and information professionals we feel strongly about intellectual freedoms. We are committed to defending and promoting the right to access information, as well as freedom of expression and the right to privacy.

This privacy statement explains what personal information we collect about you when you use Newcastle Libraries, why we collect it and what we do with it once collected; allowing you to make informed decisions when using your libraries and library services.

What we mean by personal information

By personal information or personal data we mean any piece of information relating to you that either:

• identifies you directly, for example your name or your library card number;
• helps identify you when put together with other type of information, for example your age together with the name of your street.

Some of your personal information is classed as "sensitive" and is given further protection by the law. Sensitive personal information includes: your religion, your ethnic origin, your sexual orientation, information about your health.

Your right to data protection

Your right to the protection of your personal data is guaranteed by the United Kingdom Data Protection Act 2018 and General Data Protection Regulation (GDPR).

Newcastle City Council's Libraries and Community Hubs division set out why we collect your personal data and how it will be handled, as detailed in this statement. Should you need to contact us about our collection and processing of your personal data, we can be reached at information@newcastle.gov.uk or 0191 2774100.

The Data Protection Officer for Newcastle City Council can be reached at dataprotection@newcastle.gov.uk or by calling 0191 2116500.
You can find information about how Newcastle City Council as a whole handles your personal information in the Council's privacy notice.

More information on your rights

You have a right to be informed that your personal information is being used; this is why we have a privacy statement! Data protection laws guarantee you other specific rights regarding the personal data we hold about you.

Click on the links in this section to find out more from the Information Commissioner’s Office website. The Information Commissioner’s Office is the independent agency responsible for monitoring the correct application of data protection laws in the UK.

Your rights explained

• Right of access: you have the right to request from us information regarding whether we hold personal data about you. If we do, you have the right to obtain a copy of that data as well as information on why and how it is used.
• Right to rectification: you have the right to request from us that we update the personal data we hold about you where it is incorrect or incomplete.
• Right of erasure: you have the right to request that we delete the personal data we hold about you when it is no longer necessary for us to keep it. For example, you may request that we delete your details from our systems when you move away and will no longer be using any of Newcastle Libraries’ services.
• Right to limit how we use your data: you have the right to ask us to stop using your personal data until we have checked the information we hold about you is correct. This right also applies in cases where it is not necessary for us to use your information any more but there are reasons for not deleting it.
• Right to object: you have the right to object to us using your personal information.
• Right to data portability: you have the right to request a copy of your information in a machine-readable format.
• Right to withdraw consent (where applicable): if you have given us your permission to collect and store some of your personal information for a specific purpose, you have the right to change your mind and ask us to stop processing your information.
• Right to lodge a complaint with a supervisory authority: if you have raised a concern with us about how we process your personal information and you feel we have not responded in a satisfactory way, you have the right to lodge a complaint with the Information Commissioner’s Office.

Why we process your personal information

Newcastle City Council has an obligation to provide a public library service under the Public Libraries and Museums Act 1964. To comply with this obligation it is necessary for us to collect, store and use some of your personal information. For example, to be able to offer citizens the possibility of borrowing items it is necessary for us to process some personal information; we therefore require you to provide us your name, date of birth and postal address when you join the library.

Other legal obligations

The Public Libraries and Museums Act 1964 is just one of the laws under which we would have to process your personal information in order to fulfil a public task or a legal obligation.

Other pieces of legislation and regulations include, but are not limited to:

• Health and Safety at Work Act (1974);
• fire safety regulations;
• contract law;
• child protection law;
• adult safeguarding.

In the cases where using your personal information is not a necessity but an added service we will ask for your consent before we use your information.

More information on what we collect about you, why we collect it and what we do with it once collected is detailed in each of the different situations below.

Using the online catalogue

The catalogue allows you to search for resources and access your online account. The connection between you and the catalogue server is encrypted so that information sent between the two is kept secure.

We do not use analytics on our online catalogue. We do not collect any information about you, your device or your usage of this website.

Some of the features on this website such as our Eventbrite calendar and our Facebook and Twitter feeds function with third-party cookies which may collect information about you. To better protect your privacy, we advise you to regularly clear the cookies installed within your browser.

Using Newcastle Libraries buildings

City, Gosforth, High Heaton, Kenton and West End libraries are equipped with CCTV. The CCTV systems record and save images of what is happening in the building.

We use CCTV because we believe it is in our legitimate interest and the one of visitors to the library that our buildings are a safe environment for everyone. We use CCTV for the purposes of public safety and the prevention of disorder or crime in compliance with the Surveillance Camera Code of Practice issued under the Protection of Freedoms Act 2012.

The images are kept for up to 30 days then deleted.

Only Newcastle City Council’s security team and the Libraries’ team in charge of buildings have access to the CCTV systems. Security contractors are occasionally given access with our permission for maintenance purposes.
We would only share CCTV footage with the police if they make a specific request to view it. They can also request us to make a copy of the footage and hand it over to them; the request from the police has to state the reason why they want the footage and for which specific date and time.

Using wi-fi in libraries

The wi-fi in libraries is the Go Digital network provided by BT. When you use the wi-fi BT collects “information from cookies placed on your connected devices that we need so we can provide a service” (quote from BT’s privacy policy, which covers all the services BT provides including wi-fi). View BT’s cookie policy for details.

Joining Newcastle Libraries

To provide you with a library membership it is necessary for us to collect and store your full name, date of birth and postal address. A membership is individual; we use this personal information to confirm it is provided to you personally and that, for example, we do not confuse you with someone else of the same name. When you use our online membership form we require your email address; this is simply so we can get back to you about your request. If you do not wish to receive further membership notifications after your request has been fulfilled you can remove your email address from your membership details or ask us to do so.

We will ask for your consent to store and use other details. We find it useful to have your phone number in case we may need to contact you quickly, for example about a hold you placed. If you provide us with your email address we will send you automatic notices to tell you when your items are due back and when an item you reserved has arrived. If you give us permission to do so we will send you the Newcastle Libraries email newsletter.
We will ask if you would provide us with some sensitive personal information such as your ethnic origin or whether you have a disability. We would use this information for statistical purposes only, to better understand our membership and improve the service. Answers to these questions are entirely optional.

The information is stored encrypted in our library management system servers, hosted in the UK by our supplier PTFS Europe. Only our staff and some PTFS Europe staff have access to our database.

Your library membership expires every 12 months; when it is renewed we check your details with you. This is our way to ensure the information we hold about you is correct. If you do not renew your library membership within 12 months of it expiring we delete your membership and all the information we hold about you. The only times we would keep your information longer even though your membership has expired is if you have outstanding items or fines; in this case we would keep your information until the end of the financial year plus 6 years.

Borrowing items from Newcastle Libraries

When you borrow items from us we record the time, date, library and details of the item. We do the same when the item is returned. This is necessary for us to manage our collections and the lending process.
We keep this information – called your circulation history – for 12 months. After 12 months it is anonymised: we keep the information about the item having been borrowed but we do not know by whom.
We keep the circulation history for 12 months before anonymising it to allow library members who use our home delivery service to benefit from an efficient service. We choose items for housebound members before dispatch; we need to know what items those users have had recently to make sure they do not receive the same items all the time. We do not have the technical capacity to apply different anonymisation rules for different categories of members; therefore all library members’ circulation history is kept for 12 months.

We keep records of holds you have placed and fees you may owe us. We collect this information because again it is necessary for us to manage our collections and the lending process.
We do not have the technical capacity to delete this type of information after a chosen amount of time so it is currently kept until your membership is deleted (see Joining Newcastle Libraries section).

Using library computers

When you use library computers our computer booking system records your card number, which computer you use, the date, the time and the duration for which you are logged in. This information is necessary for us to manage computer bookings.
Our system also records whether you booked the computer in advance or walked straight to it, whether you booked in advance and missed your booked slot. We use this information in aggregated form to gain insight into how our computers are used.
The data from our computer booking system is held on the Council servers. Individual usage records are deleted after 6 months. Only our staff have access to the database.

When you browse the Internet from library computers Newcastle City Council records which websites you visit. This is because of the Council’s plan to fulfil its responsibilities under the Prevent Duty Guidance (2015) issued under section 29 of the Counter-Terrorism and Security Act 2015.
Only the Council’s IT security team and the libraries’ senior managers have access to the data. Your browsing history is kept for 1 year before it is deleted.

For more information about using library computers you may like to view our Acceptable Use Policy. 

Using online resources including e-books

Your library membership gives you access to some of our online resources from your own Internet-enabled device. You can access dictionaries, old newspapers, e-books, etc. from your own phone, tablet, e-reader or computer. We do not share any of your personal details with our resources suppliers. Instead, to allow you to login to the resources we provide our suppliers with a secure way to interrogate our database and simply check whether your membership is current and you are using the right PIN.

When you access one of these resources the supplier’s own privacy policy applies. Here is a list:

• Solus Library app;
• Bolinda BorrowBox website and app (for eBooks, eAudiobooks and magazines);
• Encyclopædia Britannica online;
• Theory Test Pro;
• Gale Cengage Times Digital Archive and Nineteenth century newspapers;
• Oxford University Press dictionaries and other resources;

We advise you to review the privacy settings regularly on each of the apps you use.

Attending library events

We use the Eventbrite online platform to manage event bookings. Eventbrite requires a first name, a surname and an email address to manage the booking. To understand what data Eventbrite collect about you for their own use see their privacy policy.
We may ask for optional information for some events: for example a phone number in case the event is cancelled and we need to let you know, or your permission to use your email address to send you a feedback form.

Some of our partners require specific information for events they deliver with us. For example, our digital inclusion events are run by colleagues from Your Homes Newcastle (YHN). We understand that participants to these events may not yet have an email address – that’s why they need the digital inclusion courses. It is therefore necessary for the YHN Digital Inclusion Officer to collect your phone number to get in touch with you, and your postal address to send you the event ticket.
Registration information for events organised solely by ourselves is kept no longer than four months after the event. This duration is linked to technical capability: it is currently the shortest time after which the Eventbrite platform allows us to delete an event.

When we organise events in partnership with other organisations we may share your registration information with them in order to better prepare for and manage the event.
We may take photographs at library events. We do this to provide citizens and stakeholders with insights into our services. We may use these photos internally for reporting purposes or externally on our social media channels or promotion materials. If your face is recognisable in any of our photos we will ask you for your permission to use the photo and to store it for future use.

Contacting Newcastle Libraries

When you email us on information@newcastle.gov.uk we keep your message in our email service software until we have dealt with your enquiry. We keep your original message and our reply for one month after they were sent. We do this so that if you get back to us we can refer to your original enquiry.

When you ring us your calls are recorded; this is so complaints can be managed efficiently. Call recordings are kept for 12 months. We do not keep any additional information about you or your enquiry.

When you contact us by post we keep your letter until we have replied to it; we aim to reply within 5 days. After replying we dispose of your letter in a confidential waste bin. We keep electronic copies of your letter and of our reply for one month after the reply is sent. We do this so that if you get back to us we can refer to your original enquiry.

When you contact us via our social media channels all the messages are stored on the platform - either Twitter, Facebook or Instagram. If you contact us via Twitter direct message we delete the conversation after 1 month, in a similar way to how we deal with email enquiries. Facebook and Instagram do not currently offer the possibility to delete private messages.

For more information about how each platform handles personal information see their privacy policies: Twitter’s, Facebook and Instagram's.

Heritage donations and deposits

When you donate or deposit documents with our Heritage department, we ask you to declare in a form how we should treat the documents. On the same form we ask you to provide your name and a way to contact you (postal address, email or phone number). We collect this personal data so we may either use the form as a proof of ownership (in case of a gift) or to contact you about the documents (in other cases). We keep the form and your personal details for as long as we hold the documents.

Sharing your data

We share some information with our suppliers and partners to provide you with access to library services, as explained above. We ask each of these suppliers and partners for guarantees that they protect your personal data according to our standards and in compliance with the law.

We do not share your personal information with others unless we are compelled to do so to comply with a legal obligation.

Last updated 26 April 2021 (updated eBooks suppliers)