Privacy statement: Library 2024/2025 - for external readers and visitors using the University of Portsmouth Library

Who is processing your personal data?

The University of Portsmouth Library processes data about you to give you access to the building and/or to provide services offered by the Library to you.

If you have any questions about how the University processes your data, then the following contact information may be useful.

 

The University’s correspondence address is:

The University of Portsmouth

Winston Churchill Avenue

Portsmouth

PO1 2UP

Main switchboard: 023 9284 8484


The University’s Data Protection Officer is:

Samantha Hill – Information Disclosure and Complaints Manager

Email: samantha.hill@port.ac.uk

Direct telephone number: 023 9284 3462

To check and update your details with the Library, please contact:

library@port.ac.uk

023 9284 3228

 

What we use the data for

The University of Portsmouth Library processes your personal data, to allow you access to the building, to allow you to borrow loans where applicable, to use Library services where contact information is required (e.g. our online chat service). Your data will also be used to produce anonymous statistics to show Library usage trends.

The University of Portsmouth Library may contact you to keep you informed of events relevant to your use of the Library or to invite you to renew your membership, using the email address you have provided.

 

Your responsibilities

It is your responsibility to inform us as soon as possible if data we hold about you is incorrect or requires updating.

  • You will be asked to check that the details we hold for you are correct, when you renew your External Reader membership. As it is not possible for External Readers to update their own details, staff in the University Library will be able to do it for you.
  • You will be asked to provide up-to-date information about yourself each time you apply for a Day Pass to the Library.

 

Our legal basis for processing your data

The University’s legal basis for processing your personal data is that the processing is necessary for the performance of a task carried out in the public interest.

Admission to the Library for the purpose of study or research is at the discretion of the University Librarian for users who are not members of staff or registered students of the University.  This data is collected to enable us to grant you entry to the Library to use our services in the absence of a Staff or Student contract, and to ensure that we can identify clients of our service, if required by resources suppliers or for security reasons (personal or IT-related).

 

Who will have access to your data?

Only those members of staff within the University of Portsmouth Library who need to have access to the data you provide when you register, those members of staff who update information via the Library Management System or the University Card System in order to administer your access to the Library’s services, and those members of staff processing your service requests, will have that access.

 

Who will receive your data?

It is not possible to list all of the bodies with whom we might have to share your personal data, but the following are examples of when the University Library will release data about you to third parties where you ask us to, where we have a legitimate reason to use that data in connection with your use of Library services, or where the University is under a legal requirement to provide data.

  • Details of any reportable accidents are referred to the Health and Safety Executive (HSE). Data provided to the HSE will include the personal data of any individual involved in the accident.
  • Your data will be used to produce anonymous statistics to show Library usage trends.
  • We will release data to the police and other enforcement agencies in emergencies and where it is required by these agencies for the detection or prevention of crime.
  • The University has a duty of care to the wider community and may release data to an authorised public body where it is required for the safety, health and welfare of the community.
  • We will release data to home institutions in the case of default or non-returned loans for users of the Sconul Access scheme.
  • Data may be released to the third party organisations that host University data. For example:
    • the University’s card supplier, for use in the production of your University card;
    • the University Library’s chat service, in order to contact users with further details if appropriate;
    • the University Library’s Access Control system supplier, to enable you to access the Library turnstiles;
    • the University’s Library Management System supplier, to enable you to borrow the Library stock;

All instances of data sharing/hosting is covered by contractual arrangements or an Operational Agreement with the party concerned.

If you wish the University of Portsmouth Library to provide data to third parties, you should provide written consent to release the data, stating the name and contact details of the individual to whom you wish the data to be sent and the particular data you agree can be released/discussed.

 

Will your data be sent or stored abroad?

The University uses Google Apps for Education, which may involve personal data being stored on servers based outside of the European Union. The Library’s chat service is based in the US and collects user information so that we can contact users with further details relating to your enquiry, if appropriate.

 

How long will your data be stored?

  • For those clients who apply for an External Reader card: We retain your full library account for up to 12 months after the expiry of your account, so that we can offer you a renewal of your account when asked to do so. (After this 12 months, your library account is “anonymised”, which means that we remove all personal information from the account.  We retain information about which items have been borrowed on your account to aid our stock management processes and other usage trends)
  • For those clients who apply for a Day Pass: We retain your application form for up to three months after the expiry of your Pass

 

Your rights

You are entitled to request a copy of the data you provide to us in an electronic format so that you may pass that data to another body (the right to data portability), as well as to request a copy of the data we hold about you (a Subject Access Request). You are also entitled to raise an objection to the processing where the processing of data we hold about you is likely to cause you damage or distress, and to request the rectification of any incorrect data, the restriction of any further processing of your data or the erasure of your data (right to be forgotten).

You should be aware that, as the University Library requires your data in order to grant you access to the building and its resources, should you exercise your right to the erasure of your personal data, it will not be possible for you to continue to use the Library’s services.

 If you require any further information on, or wish to object to any of the uses to which we put your data, you should contact Samantha Hill, the University’s Data Protection Officer (contact details above).

Finally, you have the right to complain about the processing of your data to the UK regulator, the Information Commissioner’s Office. For more information about this body and how to make a complaint, please see www.ico.org.uk.

Document author and department: Kath Shakespeare, University Librarian, Library & Information Services 

Annual review; last updated: 6 August 2024