Data Privacy and Protection

Home > Policies and Procedures > Governance > Data Privacy and Protection

Privacy

This policy describes how Sharing Heartland’s Available Resources Equally (SHARE) collects, uses, and discloses patron information.

SHARE collects patron data primarily for identity verification and communication. That data may include:

  • First and Last Name
  • Address
  • Contact Preferences (SMS Text Alerts, Email, and Phone Notifications)
  • Phone Number
  • Email
  • Photograph
  • Driver’s License Number
  • Student Identification Number
  • Associations
  • Item Checkout and Holds History
  • Date of Birth

SHARE requires public and academic libraries to collect address, birthdate, and driver’s license or identification number to validate identity, but the decision of what additional data to collect or what is an acceptable form of proof of residency is left wholly to the local library administration and policies. We do not collect social security numbers.

In addition, our integrated library system (ILS) also tracks data of items that are currently checked out, items that have fines or fees, and in some cases a reading history. The reading history feature is optional, as a patron convenience, but due to the implications of patron privacy, it will only be available if it has been enabled first by the local library, and then activated by the patron in their online account or by patron request. It is not automatic or a system-wide feature.  

Patron data, including any details of reading history or items checked out, is confidential. Confidentiality of library materials is a “core value of librarianship” (American Library Association). SHARE is governed by Illinois law, including the (75 ILCS 70/) Library Records Confidentiality Act. This act states that library registration and circulation records are protected as confidential by law. No person may obtain these records without court order or as required by law.

SHARE and your local library may use patron statistical data for reporting purposes, or to inform library policy, such as collection development and programming. SHARE and your local library may also use statistical data in advocacy and marketing efforts. No personal data is used in these statistical reports.

SHARE also employs the use of cookies to understand how patrons use the library catalog and improve the catalog design. This data is collected using cookies. You can opt out of this tracking by disabling cookies in your browser settings.

SHARE does not sell patron data. There are trusted third-party library vendors that do have limited access through authentication protocols that allow patrons to access additional library-supported services, like e-books or other electronic resources.

Patron information is stored as long as you have an active account with a SHARE member library. An active account is defined by the member library, which maintains policies and procedures that determine when accounts are deleted. Data in SHARE is the property of the patron’s home library and conforms to all applicable federal and state laws.

Patrons have the right to request their information be updated or deleted by contacting their local library. Patrons also have the right to opt out of some electronic communications.

Protection

SHARE takes every precaution for the data we maintain, using industry-standard physical, electronic, and procedural safeguards. We use a layered approach to provide multiple levels of protection, including firewall protection, encryption, computer registration, and strict authentication via password protection with varying degrees of member library staff access. Member library staff are also governed by Illinois state law: “No person shall publish or make any information contained in such records available to the public,” (Library Records Confidentiality Act [75 ILCS 70]). Each SHARE staff person, member library, and member library staff are expected to understand and comply with Illinois law and take reasonable precautions to protect database access and library records.

Children’s Privacy

The Illinois Student Online Personal Protection Act (SOPPA) is intended to protect the privacy and security of student data when collected by companies operating websites, online services, or online/mobile applications primarily used for K-12 school purposes.

SHARE does not primarily serve K-12 school members; however, we support the philosophy and intent of the law. Children may have an account through their school or public library. Minors have the same right to privacy under the Library Records Confidentiality Act.

If you have any questions or comments regarding our privacy practices, security procedures, or this policy, please contact us at share@illinoisheartland.org.

Adopted 08/2024