I. Introduction
Ball State University Libraries respects and protects your privacy in accordance with the Bill of Rights, Indiana State law (Title 4, Chapter 6), and the following statement from the American Library Association’s document Privacy: An Interpretation of the Library Bill of Rights:
“Users have the right to be informed about what policies and procedures govern the amount and retention of personally identifiable information, why that information is necessary for the library, and what the user can do to maintain their privacy.”
Ball State University Libraries takes most seriously the responsibility to ensure intellectual freedom and recognizes the critical need to protect your privacy and confidentiality. Libraries have a responsibility to foster the free flow of ideas and information, and privacy is essential to the exercise of free speech, free thought, and free association. Ball State University Libraries defines the right to privacy as the right to open inquiry without having the subject of one's interest examined, surveilled, or scrutinized by others. Confidentiality exists when a library is in possession of your personally identifiable information and keeps that information private on your behalf. As such, Ball State University Libraries will not reveal to institutional or legal actors, except upon receipt of a valid and enforceable judicial order or warrant, information about how you use the library (e.g., what you read from collections, what your areas of research are, or when or where you are located in University Libraries).
II. Applicability
This privacy notice applies only to Ball State University Libraries and explains University Libraries’ practices concerning the collection, use, and disclosure of your information. Other university units or third-party vendors may collect and use your information in different ways. University Libraries is not responsible for content or privacy practices outside Ball State University Libraries.
III. Notice & Openness
Ball State University Libraries affirms that you have the right of "notice" -- to be informed about the policies governing personally identifiable information and about how that information is used for the provision of library services.
Information We Collect
The following information may be collected by Ball State University Libraries about your use of its facilities, website, catalog, online resources, services and systems:
- Circulation information (e.g., checked-out materials, fines, etc.)
- Service requests (e.g., ILL requests, requests for purchasing materials, course reserves, reference requests, ask a librarian, etc.)
- Electronic access information (e.g., electronic resources or computers use, etc.)
- Other information required to provide library services (any use of private information for library services not previously mentioned).
How Information Is Used
Ball State University Libraries uses collected data to improve existing services and to facilitate the operational and educational activities of the library and the university. Primarily, personal information is used to provide requested services (e.g., looking up the list of materials you have currently checked out, or allowing you to renew those items), but University Libraries does also use data to assess aggregate value and outcomes of library usage. Ball State University Libraries never uses, sells, licenses or discloses personally identifiable information in ways unrelated to what is described above without acquiring additional consent or unless compelled to do so under the law or to protect library or university resources or interests.
IV. Choice & Consent
To provide borrowing privileges, University Libraries must obtain personal information to create and update your library account. If you are affiliated with Ball State University, the University Libraries automatically receives your personally identifiable information (name, address, e-mail address, status [as student, faculty, staff], identification number, etc.) through Banner, the University’s enterprise resource planning software. When visiting University Libraries' web sites and using the Libraries’ electronic services, you may choose to provide your name, Ball State username, e-mail address, library card ID, phone number or home address. If you are not affiliated with the university, you have the option to provide your e-mail address for the purpose of notifying you about your library account.
By using Ball State University Libraries, you consent to the processing and usage of personal data in the manner and for the purposes detailed in this policy.
V. Access by Users
When you use library services requiring the use of personally identifiable information, you are entitled to view and update your information. Requests for substantive or summative library records must be submitted in writing to the Financial and Business Services Manager in the Office of the Libraries’ Dean. Reports will only be released to the requestor upon in-person presentation of an official photo ID (Ball State identification or driver’s license). University Libraries will respond in a reasonable timeframe based on the complexity of the records request.
VI. Data Integrity & Security
Data collected and maintained at University Libraries is as accurate and secure as possible. Although Ball State University and the Ball State University Libraries cannot guarantee the complete security of data, they take the following steps to protect the privacy and accuracy of your data:
Data Integrity
University Libraries works to assure data integrity by using reputable data sources, providing you access to review your data, and updating data when needed. In addition, University Libraries avoids creating or retaining personally identifiable information that is unrelated to the operational and educational mission of the Libraries.
Data Retention
University Libraries regularly audits data files. When personally identifiable information is no longer needed to manage library services or accounts, it is deleted or anonymized following library data retention guidelines. Information that is regularly reviewed for purging or anonymization includes, but is not limited to, personally identifiable information on library resource use and material circulation history.
Tracking Users
Use of in-library computers requires you to log on with your Ball State username and password. Off-campus usage of electronic resources also requires you to log on with these same credentials. Guest users log in with a special guest account obtained from University Libraries. Data about which users were connected to which machine in the Libraries is collected and used in accordance with Ball State's Website Privacy Policy. The data kept from these transactions does not include information linking the user to the resources used or searches completed.
Cookies
When using networked computers, you must enable cookies in order to access a number of resources available through Ball State University Libraries. A cookie is a small file sent to the browser by a web site each time that site is visited. Cookies are stored on the computer you are using and can potentially transmit personal information. You can refuse to accept cookies, can disable cookies, and remove cookies from your hard drives. University Libraries’ servers use cookies to verify that a person is an authorized user in order to allow access to licensed library resources. Session cookies are removed when you exit the catalog and close the browser. University Libraries does not share information from cookies with external third parties.
Security Measures
University Libraries employs managerial and technical policies and procedures to protect against the loss of data as well as to protect against unauthorized access, destruction, or disclosure of data. Limiting access to data to authorized library staff, prescribing how data can be utilized, encrypting data transmissions, and storing data on secure servers and computers are a few examples of the steps taken to ensure data security.
While University Libraries diligently protects your privacy in relation to library systems, you can also take steps to better protect your personally identifiable information. Here are some resources with suggestions for doing so: Library Freedom Project, Electronic Frontier Foundation, Cookies and You.
VII. Use of Third-Party Vendors
Ball State University Libraries uses reputable third-party vendors with strong privacy policies to review usage data on their web sites. In particular, University Libraries uses Google Analytics to analyze how users frequent the Libraries’ sites. University Libraries uses aggregate data and does not associate usage with a particular computer or user when analyzing or reviewing usage data from Google Analytics or other third-party vendors.
VIII. Enforcement & Redress
Ball State University Libraries never uses, sells, licenses or discloses personally identifiable information in ways unrelated to what is described above without acquiring additional consent or unless compelled to do so under the law or to protect library or university resources or interests. University Libraries authorizes only the Dean and/or the Dean’s designee to receive or comply with requests from law enforcement officers in consultation with university legal counsel. University Libraries will not make library records available to any agency of state, federal, or local government unless a subpoena, warrant, court order or other investigatory document is issued by a court of competent jurisdiction that shows good cause and is in proper form as determined by the Office of General Counsel. University Libraries conducts regular privacy audits to ensure that all library programs and services are enforcing our privacy policy.
If you have questions or concerns about the handling of your privacy and confidentiality rights, you should file written comments with the Dean of Ball State University Libraries.