Regulations and policies
Privacy notice for Health Library and Health Library at County
We collect and store the following personal contact details:
- Name
- Title
- Addresses
- Telephone numbers
- Email addresses
Additionally, we may collect and use information from other sources or generated through your activities as a library user, including:
- Your loan history
- Fines paid or outstanding
- Details of training sessions attended
This data allows us to provide library services, maintain accurate records, and manage our library operations effectively. Being able to monitor the usage and location of our library resources means that we can ensure all our library users have access to our resources and our resources are appropriate and up to date.
You can access and update the personal information we hold about you by logging into your library account online at: https://keele.primo.exlibrisgroup.com/discovery/search?vid=44KLE_INST:44KLE_V1
Sensitive Personal Data
The following sensitive personal information related to your health will be retained when it is necessary to your use of the library such as for ensuring accessibility, providing tailored services, or meeting specific needs including:
- Medical conditions
- Disabilities
- Other special needs
The data we collect is provided directly by you. We collect and process data when you:
- Register with our Libraries by completing a paper membership form, which we input into our Library Management System (LMS).
- Voluntarily complete a paper or online library survey or service request form.
- Provide feedback via email, by completing a paper form, submitting it on our message boards, or handing it to a member of our team.
- Sign up for any additional Library services online.
For Keele University students and staff, data for library membership is collected through automated imports of relevant data from central University systems.
| Purpose/ Activity | Personal data processed | Lawful basis for processing | How long we keep this data for |
|---|---|---|---|
|
Article requests and Inter-Library Loans |
Name and email address | Contact details are used to communicate with you regarding your article request or interlibrary loan and to fulfil the request. These details are subsequently stored for copyright | 7 years |
|
Literature searches and evidencing their impact |
Name, email address and Job title, work department | Contact details to communicate about and supply search results to you. The details will then be retained to answer any subsequent queries about your search results and to be able to demonstrate impact of the service for reporting to NHSE. | Up to 3 years |
|
Book suggestions |
Name and email address | Processing book suggestions for stock and providing evidence for why the book was ordered. We use your email address if you have requested to be notified when the item is available in the library or to have it reserved for you. | Paper forms are held for 2 years, and spreadsheet data is stored until the end of the financial year, then deleted. |
|
Library membership |
Name, Title, Job title, work department, Addresses, Telephone numbers, Email addresses. personal and work details required. | We communicate with you about your library account and loans and maintain a record of resources on loan. Communications are primarily sent via email and occasionally by post. Your anonymised data is used for statistical and reporting purposes. | 3 months after membership expires or up to 2 years for unresolved issues like fines or unreturned loans. |
|
Suggestions from the emails or comments forms |
Name and Email | To communicate with you regarding your feedback. In some cases, it is held for the maximum time in case further action is required related to the enquiry. | Comments sent via Library email or paper form, along with our responses, are stored for up to 3 years. Topdesk enquiries are retained for 6 full years plus the current year. |
|
Training bookings and emails via Microsoft Teams and Microsoft Bookings calendar |
Name, email and telephone number |
To book your place in the training and to contact you if the training is cancelled or needs to be changed, we also retain your information to request feedback or evidence of our impact. Following information can be held for 60 days:
|
Up to 3 years to contact NHS service users regarding training impact. |
|
Out of Hours Access records |
Name, Title, Job title, work department, Addresses, Telephone numbers, Email addresses personal and work details required. | For the issue of access cards at Health library at County and the control of access to the building for security reasons. | 3 months after the card has been deactivated or returned. |
We work with other companies within the European Economic Area (EEA) to provide some of our library services, such as managing library systems, printing, and email alerts. These companies store or process some of your information (such as your name and contact details) to help us deliver these services.
Library Management System: For recording the lending materials, managing your library account and creating library accounts: https://exlibrisgroup.com/ex-libris-privacy-policy-2/
OCMS Access Card System: A system provided by IDware. Your information is entered in to identify and control access to the Campus and Health Library buildings. Please find a link to IDWare’s privacy policy : https://www.id-ware.com/en/privacy.html
Printing Credit Top-Up System: A system provided by Upay from UniWare to allow you to top up credit for photocopying and printing. Their privacy policy : https://upay.co.uk/privacy_policy.pdf
KnowledgeShare: For setting up current awareness services if you choose to use them. https://www.knowledgeshare.nhs.uk/index.php?PageID=help_privacy
These systems store your name and contact details, and technical support staff from the suppliers may have full access to the systems for maintenance. IT security measures, such as firewalls and granulated access management, are in place to control this access.
Overdue Books and Financial Issues: If you have long-overdue books that are not returned we will share your details with Keele University Finance or your NHS HR department for official invoicing.
LimeSurvey: Is used to create our Health Library Online Forms such as forms for Inter Library Loans and Literature Searches https://www.limesurvey.org/privacy-notice
Page tiger: Used to create surveys and online polls. The privacy policy can be accessed at https://www.pagetiger.com/privacy-notice
Global companies we work with are:
INTUIT Mailchimp: For sending out personalised welcome emails and renewal emails. https://www.intuit.com/privacy/statement/
Orthoevidence: You can sign up for this service, a global online source of high-quality, timely orthopaedic evidence-based summaries, pre-appraised by orthopaedic medical experts. https://myorthoevidence.com/privacy
The University has appointed a Data Protection Officer (DPO) to oversee compliance with this privacy notice. If you have any questions about this privacy notice or how we handle your personal information, please contact the DPO.
DPO email: dpo@keele.ac.uk
DPO address: Data Protection Officer, Governance Department, Keele University, Keele, Staffordshire, ST5 5BG.
- You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues.
- You have the right to access, correct, or delete your personal data.
A full list of your rights under General Data Protection Regulations and contact details can be accessed at https://ico.org.uk.
We may update this privacy notice at any time. Substantial updates will be communicated to you directly, and other updates will be posted here.
