Privacy Policy

Loyola University Chicago Libraries Privacy Policy

Last Updated January 22, 2018

Introduction

As part of our core values, the Loyola University Chicago Library strives to protect the privacy and dignity of its users. This policy outlines the types of information we collect, how we secure it, and your ability to limit or access that information. It is created with reference to the American Library Association's Code of Ethics, the Society of American Archivists Core Values and Code of Ethics, the Illinois Library Records Confidentiality Act, and Loyola University Chicago policies.

This policy will be reviewed routinely as new technology and practices emerge to ensure the library is protecting your privacy. Unless otherwise noted, this policy applies to the Information Commons, Cudahy Library, Lewis Library, University Archives and Special Collections, and the Women and Leadership Archives. This policy does not cover technology services provided by other units housed within the IC or Lewis Libraries such as Digital Media Services or the Writing Center.

Information We Collect

In order to offer library facilities and services it is necessary to collect personally identifiable information (PII). Any PII is stored securely with only authorized staff members given access, and not shared with anyone except as required by law or University policy. Information is purged after a set amount of time, but in some cases, record keeping requires information to be stored perpetually. In cases when you submit information for optional uses such as to receive help or get information about the library this information is used only for its intended purpose, and can be done anonymously in some cases.

The sections below describe the specific information gathered as you use library services.
 

• Facilities
  Use of the Klarchek Information Commons (which includes entrance to Cudahy Library) and Lewis Library require swiping with campus ID or registering as a guest. Information provided includes name, UVID, and current enrollment or employment status.  Library operations require that information be stored perpetually.
• University Archives and Special Collections, and Women and Leadership Archives have additional requirements. Using the collections of the University Archives or Women and Leadership Archives requires signing in with name, address, affiliation, and topic of research, as well as materials accessed. These records are retained perpetually.
• Security cameras are placed throughout the library facilities. A live feed is available to campus safety and library staff responsible for building security. Recordings are stored for two weeks by Campus Safety, and are only used in the case of an incident report.

Reference and Instruction Services

Chat reference services collect IP address, chat transcript, and any identifying information provided by the patron. This information is stored on servers maintained by LibraryH3lp, the vendor for these services, and accessible by Loyola University Chicago reference staff and the ChatStaff backup service. Email reference services collect name, email, and status, as well as the question asked. These are stored on library servers and in Loyola University Chicago email. Never send your password through any chat or email form. The Women and Leadership Archives keep print records of reference questions which are available only to staff.                   

Some library instruction or research help makes use of tools such as Google Apps or other non-Loyola tools. This information may be maintained for internal assessment purposes.

Hardware: Desktop Computers, Scanners, Copiers
 

• All library technology is covered by Loyola University Chicago ITS policies, which are listed here. Certain information about workstation sessions is logged by ITS, please review the Rights and Responsibilities When Using Electronic University Resources policy. Generally, all information stored locally on library computers is cleared when the user logs off. Ensure the security of your information by never leaving your computer unattended in a public area.
• The copier/scanner machines located throughout the Libraries do not store any information locally. You may choose to use features for scan-to-email, which logs a copy of your email address and timestamp for staff only. Follow directions to ensure your email address is not displayed publically. Please ask for assistance if you are unsure about using this feature.

Library Website and Authentication for Electronic Resources
When you access the library website or authenticate to access electronic resources from off campus the library collects your IP address, UVID, and name of the resource accessed. This information is kept for one month for troubleshooting purposes and then deleted.

The library also uses Google Analytics to collect information about visitors to library and archives sites. In most cases, the information collected contains your country, the technology you used, the pages accessed, and the length of your session. In some cases, your IP address is collected. No cross-site tracking is enabled.

Catalog and Use of Library Materials
Your patron account is active until 1 year past the expiration date. This includes your name, address, phone, email, LUC ID, barcode, and university affiliation, as well as a record of fines you have paid. The record of items you have checked out of the library is maintained only while you have the items checked out, and purged immediately after you return them. This is completely confidential, and will not be shared with anyone. Checkout and return confirmations are emailed to you with the title of the item listed. The library catalog has optional features such as saving items and search history available to logged in users. The library does not have a service to track your borrowing history.

Requests for purchases (which are held for you) are tracked in Alma, the library management system, and Gobi, which is used for book purchases. Records of these requests are also maintained on library servers, secure network drives, and Loyola University Chicago email accounts. This information is kept indefinitely. The physical item is not accessible by the public, and the paper hold slip is destroyed after the item is checked out.
 

Interlibrary Loan and Document Delivery

Patron information stored by the Interlibrary Loan and document delivery system, ILLiad, include name, address, phone, email, LUC ID, barcode, and university affiliation. Requests, including item names, placed through interlibrary loan and document delivery services are stored in the ILLiad database hosted at Loyola, and recorded in a shared email account. These records are retained perpetually.

Third-Party Services

The library contracts with many third party services to provide services, including reference management, ebooks, electronic resources, and digital collections. These vendors are expected to comply with ITS policies. Most of these services may be used with limited personal information required as long as you access the resource from a computer on campus, but they collect session data of various kinds such as resources accessed and search logs. If you wish to avoid this type of tracking, please discuss your options with the library. Most vendors offer additional services you can optionally access with a personal account. Important exceptions include EndNote Web, MRI, New York Times Website academic license, SciFinder Scholar, SimplyAnalytics, PrivCo, and RefWorks, which always require registering with your Loyola email address. Our vendors generally follow good security practices, but all use of these services is governed by their privacy and security policies. Certain policies are listed below, but please check if you have specific questions:

• Ex Libris: http://www.exlibrisgroup.com/category/Privacy
• EBSCO: https://www.ebsco.com/company/privacy-policy
• JSTOR: https://about.jstor.org/privacy/
• ProQuest About | http://www.proquest.com/about/privacy-statement.html

Security of Your Information

Information submitted through the library website is generally not secure, and can be potentially compromised. Most pages requiring a password are securely transmitted. All browsers should have security warnings about whether a page is secure or not.

All information collected above will be stored on secure Loyola University Chicago on vendor servers, in Loyola University Chicago email accounts, or secure network drives. No PII is permitted on local hard drives, and computers are regularly scanned for PII.

In the case of a data breach, the ITS Data Breach Response Policy applies.
 

Access to Your Information by You and Others

If you have concerns or questions about information the library has collected about you, please contact the Library Privacy Officer at http://libraries.luc.edu/comments. In some cases, information normally kept perpetually can be purged. Information collected may be used for internal assessment purposes, but generally will not be used outside of the library without informed consent, except in certain cases where the data is used in the aggregate such as library reports or external assessment requirements or accreditation. Requests for your information by law enforcement will be referred to the appropriate Loyola University Chicago authorities.