Our Privacy Notice - Libraries
How we use your information
In order to use the library service your personal information is needed for the following purposes:
- To create and manage your library account, allowing you to withdraw books and to access the library service
- To get in touch with you when necessary to do so, such as when advising on reservations and issuing late fees.
- To ensure that you meet the criteria for certain aspects of the service – for example, those over 60 are not required to pay late fees; those who are home educators have a higher limit on the number of books they can withdraw; etc.
- To meet the Council’s obligations under the Local Government etc (Scotland) Act 1994 relating to providing a library service.
Our legal basis
Whenever the Council processes personal data we need to make sure we have a legal basis for doing so. We understand the Council’s basis in data protection law to be Article 6(1)(e) of the General Data Protection Regulation (GDPR) because your personal information is necessary to the performance of a task carried out in the public interest or in the exercise of official authority vested in the Council - in this case, the Local Government etc (Scotland) Act 1994.
If you do not provide your personal information we will be unable to provide you with access to the library service.
Who we share your information with
Your personal data may be shared internally with authorised officers of the Council if having access to personal data is a necessary part of their roles to ensure records are accurate and up to date, which improves the standard of the services we deliver. It may also be shared with other relevant Council departments where applicable.
The Council may also share your personal data with other relevant Council departments and third parties, where we are under a legal obligation to do so. For example this may be with Police, UK Border Agency or other Registered Professional Bodies.
The Council is required by law to protect public funds against fraud. It may share personal data with other relevant Council departments and third parties responsible for auditing and administering public funds, or who otherwise have responsibility for preventing and detecting fraud.
How long the information is held for
Your personal data will be held by Moray Council for a pre-determined length of time. You can find all the information about how long we retain personal data for on our website:
http://www.moray.gov.uk/moray_standard/page_92820.html (found on the Moray Council website under Section 5 of the Records Management Plan)
Your rights
Moray Council is the Data Controller for this personal data. You have legal rights about the way the Council handles and uses your personal data. These include the right to ask for a copy of it, to ask us to correct it and to ask us to stop doing something with your personal data. For more information about these rights please contact the Council’s Data Protection Officer at info@moray.gov.uk or 01343 562600.
As so far as the legislation permits, you also have the right to request the deletion of your data and to object to the processing.
You also have the right to make a complaint to the Information Commissioner’s Office. They are the body responsible for making sure organisations like the Council handle your personal data lawfully.
Information Commissioner’s Office
Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Telephone: 0303 123 1113
Email: casework@ico.gov.uk
Website: www.ico.org.uk