Library Services privacy notice
Information you need to know
The Library Services department is part of Liverpool John Moores University. See further information on the institution.
Liverpool John Moores University is the Data Controller.
Our Data Protection Officer can be contacted at DPO@ljmu.ac.uk.
LJMU takes your privacy very seriously. This privacy notice explains how we use your personal information and your rights regarding that information. We will always use your data as set out in the principles of the General Data Protection Regulation (GDPR) and all current Data Protection Legislation. We are committed to being transparent about how we collect and use your data and to meeting our data protection obligations.
For information about how the wider University uses personal data please see the Privacy Notice section of our website.
What information are we collecting?
We collect the following personal information:
- Names
- Email addresses
- Home addresses
- Telephone numbers
Why are we collecting your data and what is the legal basis for this?
LJMU will collect personal data from you for several reasons, and will at all times do so in compliance with the principles of the GDPR, and for one of the legal basis set out in Article 6 of the Regulation.
We collect this information for different purposes depending on the nature of the transaction. This includes:
- Attending events
- Responding to enquiries
- Arranging access to resources
- The lawful basis for collecting this data is:
- Public Task
- Consent
- Performance of a Contract
Where we are processing personal information on the basis of consent, people will be informed of their right to withdraw consent at the point of requesting their personal information and the process for doing so.
Libchat
Library Services uses a product called Libchat to manage its online chat service (provided by Springshare). The majority of chats will be answered by LJMU staff, however, please note that to facilitate a 24/7 chat service there are times where this chat is staffed by colleagues outside of the UK. As a result any personal data that you share as part of these chats may be viewed by people outside of the UK. Springshare operates in full compliance with GDPR legislation and you can view Springshare's comprehensive GDPR policy online.
Who has access to this data?
Your personal data will be used only by relevant LJMU staff where the data is necessary for them to undertake their designated role for example Library Services Staff.
We may on occasion share information with our software providers.
How does the University protect your data?
The University takes Data Protection very seriously and at all times your personal data will be handled in line with the University’s Information Security Policy.
For how long does the University keep your data?
We only keep data for as long as mandated within the University’s Records Retention Schedule.
Your rights
As a data subject, you have a number of rights. You can:
- access and obtain a copy of your data on request, this could be in a portable electronic format
- require the University to change incorrect or incomplete data if you think that it is inaccurate or out of date
- require the University to delete or stop processing your data, for example where the data is no longer necessary or legally required for the purposes of processing
- if your personal data has been provided by consent, you have a right to withdraw that consent at any time
If you would like to exercise any of these rights, please contact the Data Protection Officer DPO@ljmu.ac.uk.
What if you do not provide data?
We only ask the information that we need to provide the service to you. We may not be able to provide you with certain services if you do not provide the information requested.
Transfers of data outside the UK
Generally, we do not send your personal data outside the UK. However, in some specific cases we may transfer the personal data we collect to countries outside the UK in order to perform our contract with you/or a contract with another organisation that requires your personal data i.e. a collaboration agreement with a university based outside of the UK. Where we do this, we will ensure that your personal information is protected by way of an ‘adequacy regulation’ with the UK or by putting alternative appropriate measures in place to ensure that your personal information is treated by those third parties in a way that is consistent with and which respects the UK laws on data protection, for example model contractual clauses, data sharing/data processing agreement and binding corporate rules (where applicable).
Automated decision making
We will not make any decisions about you automatically using a computer, based on your personal data. All decisions affecting you will be taken by a human.
How to complain to the Information Commissioner’s Office?
You have the right to complain to The Information Commissioner if you believe that our processing of your personal data does not meet our data protection obligations. The Information Commissioner can be contacted:
Post: Information Commissioners Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK95AF.
Telephone: 0303 123 1113.
Email: contact can be made by accessing www.ico.org.uk.