Alert close - icon Fill 1 Copy 10 Untitled-1 tt copy 3 Untitled-1 Untitled-1 tt copy 3 Fill 1 Copy 10 menu Group 3 Group 3 Copy 3 Group 3 Copy Page 1 Group 2 Group 2 Skip to content

Users of library services privacy notice

Privacy notice for users of library services.

Who controls your data

For any information held about you by Derbyshire libraries, the controller is Derbyshire County Council. We keep your information in an electronic library management system. But we still use paper for some things, such as the mobile library service.

Information we collect

In order to let you become a library member, we need a few basic details such as your name, your home address, your date of birth and, if you have them, an email address and telephone number.

Why we need your data and how long we keep it

We need your personal information so that we can fulfil a contract between you and us for the provision of the library service. If we do not know your basic details, we'll not be able to serve you effectively. You do not have to give us your information, but unless you do, you cannot become a library member, so most services will not be available to you.

We do not use your information to contact you about library events, or for any other marketing purposes, unless you specifically tell us you want that, for instance, by signing up for one of our email alerts. See our outreach privacy notice for more information.

We regularly check whether your personal data is up to date, but please tell us about any changes. We'll normally keep your reader record for one year after your library membership comes to an end.

Sharing your information

Derbyshire libraries has joined up with other East Midlands library authorities in a consortium called EMLIB. Our consortium partners can only see your data with a legitimate reason, subject to the EMLIB partnership agreement. All the partners use the same library management system, run by a company called Sirsi Dynix. That company is allowed to process a very limited amount of your data if we ask them to, for instance if there is a technical problem. This data sharing is also governed by a data sharing agreement.

We do not ordinarily share your information with other services or organisations, unless the law requires. We can also make an exception in our legitimate interests. For instance, if we needed to take legal steps to recover overdue items from you, we'd pass your details to our legal services department. We keep records of attempts to recover our property for 6 years.

Otherwise, we'd only share your information with your consent. For instance, library members with visual impairments may allow us to share their details with a charity that arranges transport to the library.

Keeping your information safe

Security matters to us a lot. Find out how we keep your information secure.

To find out about information security in relation to the Radio Frequency Identification (RFID) tags used on library books, see the document attached to this page.

You can also take simple steps to guard your own security:

  • do not share your library card number or passcode
  • always keep your library card in a secure place
  • keep your library books secure too - remember that your borrowing choices may reveal aspects of your private life

Your rights

Should you wish to raise any concerns about how we have processed your personal data you can contact the Data Protection Officer:

  • email: gdpr@derbyshire.gov.uk
  • write to
    Data Protection Officer
    Derbyshire County Council
    County Hall
    Matlock
    DE4 3AG

You also have the right to contact the Information Commissioner.

Who you can contact

Find out more about how we handle personal information.

If you need to complain, find ways of getting in touch, or come into your local library to speak to us.

The UK's regulatory body is the Information Commissioner's Office.