Library service
Privacy notice

Last updated: 11 June 2021 

The following privacy notice sets out how we use and protect any information that you give the Warwickshire Library Service, in particular the personal and sensitive information relation to library members held on our library management system (LMS). 

It should be read in addition to the council’s overall Customer Privacy Notice

Purpose for processing

We require your personal information to enable:  

  • the running of library events, such as registering and joining virtual sessions.
  • the administering of Warwickshire’s Young Poet Laureate.
  • the delivery of a physical and electronic lending and reference-based library service to our members. This includes sending courtesy notifications relating to items out on loan, or requested, and to process fines in relation to late returns.  

Where applicable, we may also process your personal information for the purposes of library security and the health and safety of customers and staff members.

Personal information collected and lawful basis

For the delivery of a physical and electronic lending service we may process the following personal information: 

  • Personal details including your name, date of birth, gender 
  • Contact details, such as home address, phone number/s, email address, and guarantor details if applicable
  • Financial information.

For workshops/events aimed at children and young people, where parental consent will be sought to participate, we will also process family details applicable to this purpose. 

To enable us to deliver targeted services and provide concessionary entitlements, we may also process some special category (sensitive) information, such as visual or mobility impairment; learning difficulties; and/or personal circumstances such as whether a foster child, home educator, foster carer, childminder, carer, young carer. 

For Health and Safety purposes we will also record against your personal information details of incidents that have taken place within a library if applicable to you. 

We will process your email and username given when registering for and joining a virtual Library event, as well as financial information for paid events and video / audio information, if you choose to share these with us during an event. 

Where you choose to use the chat function during events, if you provide personal information that’s not your own you must have the consent of the individuals concerned to share this information. 

For the Warwickshire Young Poet Laureate we will process: 

  • Name 
  • Age 
  • School/educational establishment Email address 
  • Parent/carer email and telephone number 
  • Address, incl. Post Code 
  • Parental consent to apply. 
  • 3 poems 
  • 250 personal statement 
  • Any dates that we need to be aware of that they can’t do for public events. 
  • Visual images as per any virtual meetings/interviews/performances. 
  • Interview / Shortlisting notes. 

Our lawful basis for processing the above personal information is:  

Where we take photographs of children enjoying library activities or events, we will obtain written parental consent prior to any photographs being taken. 

Who we may share your information with

We may share your information with our systems suppliers, including payment service providers who are PCI DSS compliant and Warwickshire County Council’s (WCC) support services in order to administer the systems. WCC’s Customer Service Centre team and community managed libraries supported by WCC have restricted access to our system. Your information could also be shared where we are legally required to do so. 

For the Warwickshire Young Poet Laureate (WYPL), we will share information with our partners ‘Poetry on Loan’, their co-ordinator and assigned poet to act as mentor to the WYPL, as part of the WYPL judging panel. Contact details of the successful WYPL and their poet mentor will be shared with each other on awarding of the accolade. No contact details will be shared with Poetry on Loan. 

If you have been involved in a disruptive incident within a library we may share this information with other residents or owners of the building the library resides, as well as other WCC libraries (including volunteer run community managed libraries that accept WCC library cards) where appropriate. It will be shared for the purpose of seeking/enacting a ban from the library(s) and/or surrounding premises on the basis of library security and the health and safety of both customers and staff. For example, Rugby Library where applicable in relation to disruptive behaviour within the library may share personal information with Rugby Borough Council, including Rugby Art Gallery and Museum, who own and reside in the same building as Rugby Library. 

If you choose to sign up to one of our events via Eventbrite please note your personal information, including financial information, will be processed by the Eventbrite platform. Eventbrite is a separate 'controller' of your personal information which means that they are responsible for the collection and use of your personal information.   

When you register for a library event via Eventbrite your name and email address is transferred to WCC, who will become a separate controller of that information - responsible for the processing of the information received.  

Eventbrite currently stores their data on a server outside the EEA, in the United States. Eventbrite states that it participates in and complies with the EU-U.S. Privacy Shield Framework regarding the collection, use, and retention of Personal Data (from European Economic Area ("EEA") member countries). For more information about how Eventbrite handles your personal information please read their full Eventbrite Privacy Notice.

How long we will hold your information

Your information is held for as long as you remain a member. You can ask to cancel your membership at any time and providing no monies are owed the membership record is deleted. 

Members are notified by email to renew their membership every two years. Where emails are undeliverable, memberships are deleted. Memberships that are not renewed are deemed to have expired and are deleted within 2 years of expiry unless the member has been active (using the service) within the last 365 days when it is renewed for a further year. 

Details of customers who are involved in disruptive behaviour are held for up to 2 years in order to monitor escalating behaviour. Personal data relating to a ban is held for 2 years and then deleted if there are no further incidents. 

Video and audio live event sessions will not be recorded and therefore will not be stored. Attendee lists for library events will be deleted when no longer required after the stated event has taken place. For paid events, where personal information forms part of a financial record, this will need to be kept 6 years from the end of the financial year it relates.

Unsuccessful WYPL applications will be retained for 6 months from file closure to allow time for feedback and the successful WYPL details will be retained until the end of their one-year tenure. 

Proof of consent will generally be kept until the end of the event the consent was sought for. There may be rare instances where we need to keep them longer, for example, if a major incident takes place during an event. 

Please note: all stated retention periods will be subject to any legal holds imposed under the Inquiries Act 2005 that may concern the information and override standard retention.

Your information rights


Find out how to access your personal information 

For rectification, objection, restriction or erasure of your personal information – contact us by email at:   

This includes contact details for the Data Protection Officer and if you have a complaint about your information rights.  

You may also be interested in
Documents and downloads