Privacy Policy

Loyola University Chicago Libraries Privacy Policy

Last Updated August 25, 2021

Introduction

As part of our core values, the Loyola University Chicago Library strives to protect the privacy and dignity of its users. This policy outlines the types of information we collect, how we secure it, and your ability to limit or access that information. It is created with reference to the American Library Association's Code of Ethics, the Society of American Archivists Core Values and Code of Ethics, the Illinois Library Records Confidentiality Act, and Loyola University Chicago policies.

This policy will be reviewed routinely as new technology and practices emerge to ensure the library is protecting your privacy. Unless otherwise noted, this policy applies to the Information Commons (IC), Cudahy Library, Lewis Library, University Archives and Special Collections, and the Women and Leadership Archives. This policy does not cover the Rome Center Library or technology services provided by other units housed within the IC or Lewis Libraries such as Digital Media Services or the Writing Center.

Information We Collect

In order to offer library facilities and services it is necessary to collect personally identifiable information (PII). Any PII is stored securely with only authorized staff members given access, and not shared with anyone except as required by law or University policy. Generally, information is purged after a set amount of time, but in some situations, record keeping requires information to be stored perpetually, please see below for these instances. In cases when you submit information for optional uses such as to receive help or get information about the library this information is used only for its intended purpose, and can be done anonymously in some cases.

The sections below describe the specific information gathered as you use library services.

Facilities

• Use of the Information Commons (which includes entrance to Cudahy Library) and Lewis Library requires swiping with campus ID or registering as a guest. The information that we capture via ID swipe or registration includes name, Loyola UVID, and current enrollment or employment status.  Library operations require that we store this information perpetually.
• University Archives and Special Collections, and Women and Leadership Archives have additional requirements. Using the collections of the University Archives or Women and Leadership Archives requires signing in with name, email address, phone number, address, affiliation, and topic of research, as well as materials accessed. These records are retained perpetually and only accessible to staff.
• Security cameras are placed throughout the library facilities. A live feed is available to campus safety and library staff responsible for building security. Recordings are stored for two weeks by Campus Safety, and are only used in the case of an incident report.
• Cudahy Library and the Information Commons use 3D video-based people counters near entrance points to monitor building attendance and capacity. There are no recordings or footage retention periods that are associated with these counters.

Reference and Instruction Services

Library staff maintain records of all questions asked through Ask a Librarian services whether in person, by email, phone, or chat, which may include PII such as name and email. These are used for training and review purposes. Additional data is collected for specific services. Chat reference services collect IP address, chat transcript, and any identifying information provided by the patron. This information is stored on servers maintained by LibraryH3lp, the vendor for these services, and accessible by Loyola University Chicago reference staff and the ChatStaff backup service. Email reference services collect name, email, and status, as well as the question asked. These are stored on library servers and in Loyola University Chicago email. Never send your password through any chat or email form. University Archives and Special Collections and Women and Leadership Archives keep records of reference questions which are available only to staff.                  

Some library instruction or research help makes use of tools such as Google Apps or other non-Loyola tools. This information may be maintained for internal assessment purposes.

Hardware: Desktop Computers, Scanners, Copiers
 

• All library technology is covered by Loyola University Chicago ITS policies, which are listed here. Certain information about workstation sessions is logged by ITS, please review the Rights and Responsibilities When Using Electronic University Resources policy. Generally, all information stored locally on library computers is cleared when the user logs off. Ensure the security of your information by never leaving your computer unattended in a public area.
• The copier/scanner machines located throughout the Libraries do not store any information locally. You may choose to use features for scan-to-email, which logs a copy of your email address and timestamp for staff only. Follow directions to ensure your email address is not displayed publicly. Please ask for assistance if you are unsure about using this feature.

Library Website and Authentication for Electronic Resources
 When you access the library website or authenticate to access electronic resources from off campus there are two systems the library users to provide this access. One system collects your IP address, Loyola UVID, and name of the resource accessed. This information is kept for one month on library servers for troubleshooting purposes and then deleted. The other system, OpenAthens, collects your IP address, but does not store any data about what resource you accessed in a location that library staff can access. This information is available to vendor support personnel for troubleshooting. More information about OpenAthens is available on their privacy policy.

The library also uses Google Analytics to collect information about visitors to library and archives sites. In most cases, the information collected contains your country, the technology you used, the pages accessed, and the length of your session. In some cases, your IP address is collected. No cross-site tracking is enabled.

Catalog and Use of Library Materials
 Your patron account is active until one year past its expiration date. This includes your legal name, preferred name, address, phone, email, Loyola ID, barcode, and university affiliation, as well as a record of any fines you have paid. The record of items you have checked out of the library is maintained only while you have the items checked out, and then purged within 24 hours after you return them. Your checkout information is completely confidential, and we will not share it with anyone. You will receive checkout confirmations via e-mail, which include title and author information for any items you checked out. The library catalog has optional features available to users who log in to their account, such as saving items and search history. The library does not have a service to track your borrowing history.

Requests for purchases (which are held for you) are tracked in Alma, the library management system, and Gobi, which is used for book purchases. Records of these requests are also maintained on library servers, secure network drives, and Loyola University Chicago email accounts. This electronic information is kept indefinitely. Neither this information nor the physical item is accessible to the public, and any physical records of the request including paper hold slips are destroyed after the item is checked out. 

Interlibrary Loan and Document Delivery

Patron information stored by the Interlibrary Loan and document delivery system, ILLiad, includes name, address, phone, email, Loyola ID, barcode, and university affiliation. Requests, including item names, placed through interlibrary loan and document delivery services are stored in the ILLiad database hosted at Loyola, and recorded in a shared email account. These records are retained perpetually.

Third-Party Services

The library contracts with many third-party services to provide services, including reference management, ebooks, electronic resources, and digital collections. These vendors are expected to comply with ITS policies. Most of these services may be used with limited personal information required as long as you access the resource from a computer on campus, but they collect session data of various kinds, such as resources accessed and search logs. If you wish to avoid this type of tracking, please discuss your options with the library. Most vendors offer additional services you can optionally access with a personal account. Important exceptions include EndNote Web, MRI, New York Times Website academic license, SciFinder Scholar, SimplyAnalytics, PrivCo, and RefWorks, which always require registering with your Loyola email address. Our vendors generally follow good security practices, but all use of these services is governed by their privacy and security policies. Certain policies are listed below, but please check if you have specific questions:

• Ex Libris: http://www.exlibrisgroup.com/category/Privacy
• EBSCO: https://www.ebsco.com/company/privacy-policy
• JSTOR: https://about.jstor.org/privacy/
• ProQuest About | http://www.proquest.com/about/privacy-statement.html

Security of Your Information

Information submitted through the library website is generally not secure, and can be potentially compromised. All browsers should have security warnings about whether a page is secure or not. All pages requiring a password are securely transmitted.

All personally identifying information (PII) collected while using library services will be stored on secure Loyola University Chicago or vendor servers, in Loyola University Chicago email accounts, or secure network drives. No PII is permitted on local hard drives, and computers are regularly scanned for PII.

In the case of a data breach, the ITS Data Breach Response Policy applies.
 

Access to Your Information by You and Others

If you have concerns or questions about information the library has collected about you, please contact the Library Privacy Officer at http://libraries.luc.edu/comments. In some cases, information normally kept perpetually can be purged. Information collected may be used for internal assessment purposes, but generally will not be used outside of the library without informed consent, except in certain cases where the data is used in the aggregate such as library reports or external assessment requirements or accreditation. Requests for your information by law enforcement will be referred to the appropriate Loyola University Chicago authorities.