Privacy notices: Library and resident services and museums

List of all privacy notices for advantage card, community hub, blue badges, bus passes, museum memory box, volunteering.

Libraries and Customer Contact face-to-face: Privacy notice

Who we are

Libraries and Resident Services
Libraries and Customer Contact face-to-face
St Ives Road
Maidenhead SL6 1RF.
Email: customer.services@rbwm.gov.uk 

Lawful basis for processing the information

  • Local Government Finance Act 1992.
  • Libraries and Museum Act 1969.
  • Copyright Designs and Patient Act 1988.

General Data Protection Regulation

Article 6(1)(e) processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller. Article 6(1)(a) the data subject has given consent to the processing of his or her personal data for one or more specific purposes.

How we collect information

  • Information is collected from you for you or for your child when you join the library either in person or online.
  • Information on children may be provided to the library service by the council’s Education Department or Registration Service for an automatic library card scheme.
  • Information for Cox Green School students is shared by Cox Green School, to provide each student joining the school with a school-use only library card.
  • For Advantage Cards, we collect information when you join the library. We check your information is up to date and that you live in the borough when we enable or renew your Advantage Membership.
  • For Concessionary Bus Passes, we collect information when you apply. We check your information is up to date when you renew your Bus Pass.
  • Resident Services: we collect information from you to direct you to appropriate support when you visit a Library. 
  • Some of our buildings have CCTV systems operating for the security of both customers and staff. These systems may record your image during your visit. CCTV operation adheres to the code of practice.

What information is collected

We may collect certain personal information which allows us to adequately provide you with library, council and other support services.

We may collect or process a number of different types of personal information from you depending on which of our services you choose to use, but which may include any or all of your:

  • title.
  • first name.
  • surname.
  • login credentials (including username and password).
  • postal address (including billing/shipping addresses and postcode).
  • telephone number (including home and mobile phone numbers).
  • photograph (for example those taken at our events or those you upload to our systems) .
  • email address.
  • social media account ID (including your Facebook username and identifiers from other social media accounts)
  • age.
  • date of birth.
  • gender.
  • information necessary for legal compliance.
  • details of ethnicity or disability/access requirements.
  • educational institute details (such as your school, university or college).
  • marketing preferences (for example where you have opted in to receive our newsletter(s))

This list is not intended to be exhaustive and may be updated from time to time as our business needs and legal requirements dictate.

We will normally collect personal information directly from you when you volunteer it to us, or when we gather it from your use of our Services. We try to limit our use of personal information to the details we need to provide our Service for you.

We do not normally collect any Sensitive Personal Information from or about you, and do not wish to do so unless it is absolutely essential.

We may on rare occasions collect and use your Sensitive Personal Information, such as dietary or access and assistance requirements which may indicate a health condition or illness, or other Sensitive Personal Information details which are volunteered or provided by you.

If we need Sensitive Personal Information we will ask you to provide us with necessary details only. For example, we may need to collect Sensitive Personal Information when you register so that we can help you with any access requirements you might have, and to comply with our legal obligations under equality legislation. 

In other cases, we will collect and use this type of information only with your clear consent.

Please do not provide us with Sensitive Personal Information under any other circumstances.

How we use the information provided

Libraries and face to face resident services uses personal information to provide specific services to residents, such as Bus Pass, Advantage Card, Blue Badge. This can also include providing assistance for online services such as setting up online accounts and accessing email.

Library Membership to allow the borrowing and reserving of items from the library or the use of online information services and Public PCs.

If you use our online resources, we may use your library membership number to check you are a valid library member.

For children under 16, we use guarantor information to send the parent or guardian notifications about available reservations and overdue loans.

For a Concessionary Bus Pass the personal information provided by the resident allows us to check eligibility and issue a Concessionary Bus Pass to those who are entitled.

Libraries and Customer Contact face-to-face only uses personal information for the purposes for which it has been obtained. In instances where we have provided assistance with setting up and accessing online accounts and emails, this information will not be recorded or retained beyond the session with your library advisor.  

Who has access to the information about you

RBWM Library and Resident Services.

Who we may share your information with

  • South East Library Management System consortium (SELMS) to allow borrowing from all libraries in the consortium (opt in required by registering in person at a library of each Local Authority in SELMS). Members of the SELMS consortium are: Brighton & Hove Libraries, Buckinghamshire Libraries, Camden Libraries, Hertfordshire Libraries, Kent Libraries, Medway Libraries, Milton Keynes Libraries, Reading Libraries, Richmond upon Thames Libraries, Slough Libraries, Southend on Sea Libraries, Southwark Libraries and West Berkshire Libraries.
  • Civica UK: All of your library membership information is kept in our Library Management System (Spydus), which is hosted by Amazon Web Services (AWS.) https://www.civica.com/en-gb/policies-and-statements/privacy-notice/. https://aws.amazon.com/privacy/.  
  • RBWM ICT department: If you use the Public PCs in any borough library, your internet usage information will be held by the borough ICT department.
  • Lorensbergs Limited – If you use the Public PCs in any borough Library, we may share log files with the provider to resolve issues. 
    https://www.lorensbergs.co.uk/privacy-cookie-policy/  
  • Bibliotheca Limited – If you use self-service kiosks at any borough Library, we may share log files with the provider to resolve issues. 
    https://www.bibliotheca.com/privacy-policy/  
  • D-Tech International Limited – If you use self-service kiosks at any borough Library, we may share log files with the provider to resolve issues. 
    https://d-techinternational.com/privacy-cookies-policy/  
  • Royal Borough Financial Control: If you make payments on self-service kiosks, we will share the information you enter with Financial Control department to process your payments.
  • RBWM Complaints team: Compliments and Complaints are shared internally with the Complaints team.
  • Data is shared for the provision of council services with third party providers which may change from time to time and include (Serco, Volker, Parkwood, Northgate, Optalis, Achieving for Children and internal council departments).
  • Staff DBS (Disclosure and Barring Service) data is shared with schools that we work with.
  • Constant Contact: If you have consented to receive marketing the library e-newsletter, you will be sent the Library and Resident Services e-newsletter. We will share your library membership number and email address with our email marketing provider. 
    Data shared may be held in the USA. Providers are members of Privacy Shield a US data protection agreement designed to offer the same level of protections as the European standards. 
    https://www.constantcontact.com/legal/privacy-notice  
  • OverDrive: If you choose to borrow e-books or e-audiobooks via Overdrive, we will share your library account number and membership status, to authenticate that you are a valid RBWM library member. Data shared with OverDrive is held in the USA. https://www.overdrive.com/policies/privacy-policy 
  • Borrowbox: If you choose to borrow e-audiobooks via Borrowbox, we will share your library account number and membership status, to authenticate that you are a valid RBWM library member. https://www.borrowbox.com/privacy-policy/   
  • Pressreader: If you choose to borrow e-magazines and e-newspapers via Pressreader we will share your library account number and membership status, to authenticate that you are a valid RBWM library member. 
    https://help.pressreader.com/hc/en-us/articles/205818089-Privacy-Policy  
  • Hublet Limited: If you choose to borrow our loanable Hublet tablets at Maidenhead Library we will share your data with the provider. https://gethublet.com/privacy-policy/  
  • Solus UK Limited: If you choose to use the Windsor and Maidenhead Libraries App, we will share your library account details with our library app provider. https://yourlibraryapp.com/privacy.htm   
  • National Fraud Initiative (NFI).
  • Police for security and the prevention and detection of crime.
  • Personal information that you have volunteered in order for us to provide assistance with setting up and accessing online accounts and emails will not be shared. 

How long we store your information

  • Your data will be held for two years after your membership expires if you do not owe money or items. 
    If you have not used the library in that time and your account is clear of money or items owing your data will be anonymised. Anonymising a record removes anything that could be used to identify a person but retains the loan history. 
    You would need to join again to use the library service. Information is held for seven years if there are items or monies outstanding.
  • Information about Public Computer usage is stored for one year.
  • Concessionary Bus Pass personal data is accessible for five years while the pass is valid. After this time the data becomes inactive and not accessible.
  • Advantage membership data is kept on the system until the customer informs us they are leaving the borough, at which time we would cancel the Advantage membership, the library membership will be retained unless the customer also requests this to be cancelled. 
  • Please ensure your data is correct by logging on to https://rbwm.spydus.co.uk/  and checking your account. 
    You can update your details online or in any borough library. If you would like us to remove you from our database please email digital.support@rbwm.gov.uk.  
  • Removal from our database will mean you are no longer a member of Libraries and cannot use our services or receive Advantage benefits. You cannot be removed from the database if you have monies or items outstanding.

Does your service utilise automate decision making? – No