Alert close - icon Fill 1 Copy 10 Untitled-1 tt copy 3 Untitled-1 Untitled-1 tt copy 3 Fill 1 Copy 10 menu Group 3 Group 3 Copy 3 Group 3 Copy Page 1 Group 2 Group 2 Skip to content

Users of library services privacy notice

Privacy notice for users of library services.


Who controls your data

For any information held about you by Derbyshire libraries, the controller is Derbyshire County Council. We keep your information in an electronic library management system. But we still use paper for some things, such as the mobile library service.

Information we collect

In order to let you become a library member, we need a few basic details such as your name, your home address, your date of birth and, if you have them, an email address and telephone number.

If you use the home library service, we will ask about where you live so we can visit you safely. For instance, we like to know if there is a dog on the premises. You might also let us know your preferred access arrangements. For example if you are unable to answer the door, or will take a long time to do so. If you tell us about your health, this is known as special category data. We handle it confidentially and destroy it when we finish using it. We do so because there is a substantial public interest in having a library service that is comprehensive and accessible to everyone.

Why we need your data and how long we keep it

We need your personal information so that we can provide an efficient library service. This is a public task assigned to us by the Public Libraries and Museums Act 1964. You do not have to give us your information, but unless you do, you cannot become a library member, so most services will not be available to you.

We do not use your information to contact you about library events, or for any other marketing purposes, unless you specifically tell us you want that, for instance, by signing up for one of our email alerts. See our outreach privacy notice for more information.

Your membership lasts 3 years. You can always renew it if you want to carry on using the service. If we don’t hear from you when the 3 years are up, we will keep your data for a further 3 years before terminating your account and deleting your reader record. Limiting the length of memberships helps us ensure personal data is up-to-date, but please tell us about any changes as soon as you can. Even after your personal record is deleted, minimal information such as your postcode may remain among the data we use to generate usage statistics.

Sharing your information

Derbyshire libraries has joined up with other East Midlands library authorities in a consortium called EMLIB. If you choose to join a library run by our consortium partners, we will make your personal data accessible to their staff, subject to the EMLIB partnership agreement. All the partners use the same library management system, run by our contracted provider. The provider is allowed to process a very limited amount of your data if we ask them to, for instance if there is a technical problem. This data sharing is also governed by a data sharing agreement.

Volunteers in council-run libraries have no access to the library management system and therefore no access to your data. Volunteers and staff in community managed libraries are given limited access to the system, meaning that the only personal data available to them is your name.

We do not ordinarily share your information with other services or organisations, unless the law requires. We can also make an exception in our legitimate interests. For instance, if we needed to take legal steps to recover overdue items from you, we'd pass your details to our legal services department. We keep records of attempts to recover our property for 6 years.

We do not ordinarily share your information with other services or organisations, unless with your consent. For instance, library members with visual impairments may allow us to share their details with a charity that arranges transport to the library.

Keeping your information safe

We are committed to protecting personal data and have data policies and procedures in place to ensure that it is safeguarded.

To find out about information security in relation to the Radio Frequency Identification (RFID) tags used on library books, see the document attached to this page.

You can also take simple steps to guard your own security:

  • do not share your library card number or passcode
  • always keep your library card in a secure place
  • keep your library books secure too - remember that your borrowing choices may reveal aspects of your private life

Your rights

Should you wish to raise any concerns about how we have processed your personal data you can contact the Data Protection Officer:

You also have the right to contact the Information Commissioner.

Who you can contact

Find out more about how we handle personal information.

If you need to complain, find ways of getting in touch, or come into your local library to speak to us.

The UK's regulatory body is the Information Commissioner's Office.