The EBPL Privacy Policy

East Brunswick Public Library makes every effort to protect the privacy of library customers who use library materials and resources, the library website and/or the online library catalog. In accordance with New Jersey state law, The Library maintains the confidentiality of all personal information that it collects. East Brunswick Public Library staff will not respond to any informal request by a third party for personally identifiable information about any library user. Such information includes circulation records, payment records, interlibrary loan records, and other personally identifiable uses of library materials, facilities, or services.

Personally identifiable information may be released only to a law enforcement agency after presentation of a court issued subpoena or search warrant and/or under the provisions of the USA Patriot Act.
 

N.J.S.A. 18A:73-43.2. Confidentiality of library users' records

Library records which contain the names or other personally identifying details regarding the users of libraries are confidential and shall not be disclosed except in the following circumstances:
a. The records are necessary for the proper operation of the library;
b. Disclosure is requested by the user; or
c. Disclosure is required pursuant to a subpoena issued by a court or court order.
L.1985, c. 172, 2.
 

The USA PATRIOT Act P.L. 107-56

The Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act (USA PATRIOT Act) became law on Oct. 26, 2001. Under the provisions of this law, the Federal Bureau of Investigation (FBI) and law enforcement officials may seek court orders for Library records for investigations relevant to national security or terrorims. Customers cannot be told their records were given to law enforcement agencies or that they were the subjects of FBI investigations.
 

Personally Identifiable Information

East Brunswick Public Library will collect the information needed to contact library users, such as mailing address, email address, phone number, etc., in order to ensure the proper notification, lending, and return of library materials and the collection of fines. Payments received via credit card will be processed in accordance with PCI standards. Records will be retained for the shortest length of time necessary to facilitate library operations.

Individuals may submit their name, email address, postal address, telephone number, library card number or other identifying information in order to receive library services such as borrowing priveleges, receiving personal responses to questions, receiving Library promotional materials, registering for Library programs or classes, making remote use from outside the library of those portions of The Library's Web site restricted to registered borrowers under license agreements or other special arrangements, or being added to specific mailing lists. The Library does not sell, rent or otherwise distribute information to outside parties except for possible uses related to the recovery of materials. However, library records may be subject to disclosure to law enforcement officials under provisions of the USA PATRIOT Act Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act (USA PATRIOT Act) and, under some circumstances, librarians may be forbidden to disclose the fact that certain records have been requested or obtained.

Any requests for information received by the library will be kept for the shortest amount of time necessary to fulfill the request. This information may be anonymised for training and statistical purposes.  The questions themselves and any personal information such as names, email addresses, telephone and fax numbers submitted with the questions are confidential and are treated as other library user information under provisions of the Confidentiality of library users’ records statute above. The library complies with the New Jersey Division of Archives & Records Management (NJDARM) in accordance to maintaining, retaining and destroying public and confidential information.
 

Remote Access to Electronic Resources and Web Server Usage Tracking

The Library tracks the usage of the library Web site and other library systems and services accessed through library servers.

The Library automatically collects and stores: the untitled name of the domain and host from which a customer accesses the Internet; the Internet protocol (IP) address of the computer a customer uses; the browser software and operating system; the date and times sites were accessed; and the Internet address of the site from which a customer linked directly to library sites. 

The Library uses this information only as anonymous aggregate data to determine the number of visitors to different sections of our websites and to help us make our websites more useful. The Library does not use the information to track or record information about individuals.
 

Online Databases, Library Notifications and Third-Party Partners

The Library has teamed up with reputable third-party vendors in order to provide certain services to its online users. The vendors of some of these databases collect usage statistics, which they provide to The Library each month. The New Jersey Confidentiality statute, N.J.S.A. 18A:73-43.2., may not apply to these third-party vendors. In cases when users leave the Library's site to visit one of its partners' sites, users are encouraged to become familiar with the privacy statements of each site they visit.
 

Library Online Catalog

The Library automatically collects and stores the following information about the library’s online catalog usage: patron log-in totals, number of hold requests placed, number of renewals, and user search types (keyword vs. browse, etc.) Patron names are not collected.

 

Customer Borrowing Records

The Library does not maintain records of what individuals have borrowed and returned in the past, except when overdue fines, and/or charges for lost materials have accrued or have been paid. All information about the individual cardholder is confidential except for notification and collection of overdue materials.
 

Public Computers, Wi-Fi Network and Printing

Cookies are small text files placed on user computers by a Web site to enable customization of individual visits. Some Library electronic services, such as the Library Catalog and remote databases, set temporary cookies for current sessions. These cookies do not capture personal information and are deleted when sessions are ended. Visitors can refuse the cookie by using instructions provided in browsers. Refusing or disabling cookies may result in an inability to access some library services from computers within the Library.

The Library does not use cookies or tracking mechanisms that collect personally identifying information on its ebpl.org site or in its online catalog. The Library also deletes Web browsing history, cached files, or other computer and Internet use records and other software code that is placed on our public workstations or networks upon user logoff.

Wi-Fi access is granted using the least amount of information necessary to provide internet service to the customer. Any personally identifiable information is anonymised and used only for usage statistic purposes.

Documents printed on library printers are kept for a maximum of 10 minutes after being printed for use only in the event that the customer’s document does not print properly. If the document prints properly, users can request that their document be removed from the print queue sooner. Any documents not printed by the end of the day are automatically removed from the print queue system. Users concerned about the privacy of their printed documents are invited to password protect their documents, with the understanding that doing so prevents any access to the document without the use of the password.

 

Security of Library Records

The Library maintains its own computer network. The Library makes every reasonable effort to protect its network from hackers. Our technical security measures to prevent unauthorized access include encryption in the transmission and storage of data; limits on access through use of passwords; and storage of data on secure servers or computers that are inaccessible from a modem or network connection. Any electronic communication that customers send to The Library is not necessarily secure against interception. 

Regardless of how the information is received, the Library does not retain sensitive information longer than is necessary to complete the related transaction.

 

Procedures for Handling Requests for Library Records

Library staff who are approached by a law enforcement officer or agent with any request or court order to examine or obtain the library records of any library user will ask for identification and direct the officer or agent to the Library Director or other designated person in charge. The Library Director or the designated person in charge will review the request or subpoena and seek the advice of the Library Attorney. 
 

Supporting Policies and Codes

American Library Association's Code of Ethics

American Library Association's Policy of Confidentiality of Library Records

American Library Association's Policy Concerning Confidentiality of Personally Identifiable Information about Library Users

Credit Card Security Standards

NJDARM New Jersey Division of Archives & Records Management

N.J.S.A. 18A:73-43.2. Confidentiality of Library Users Records

Approved 2/12/2012 by the Library Board of Trustees