The Rolling Meadows Library is strongly committed to protecting the privacy of our patrons. Privacy means the right to open inquiry without scrutiny and confidentiality means keeping personally identifiable information private on patrons' behalf.
Grounded in both law and the ethics of librarianship, the Library protects each patron's right to privacy and confidentiality with respect to resources consulted, borrowed, or transmitted, and services sought or received, consistent with the ALA Code of Ethics, the Library Records Confidentiality Act [75 ILCS 70/1 et seq.], and applicable federal, state, and local law.
Notice of Information Gathered
Patrons have the right to be informed about how personally identifiable information is gathered, retained, and removed, and why it is necessary for library services. The Library may collect the following:
- Registration information (name, address, phone, date of birth, parent/guardian name and address)
- Circulation records (items checked out, on hold, lost, or damaged; fees incurred)
- Email address, if voluntarily provided, for notices and updates
- Borrower card number, for access to certain services
- Program registration and appointment contact information
- Meeting room booking details (requestor, purpose, profit/nonprofit status)
- Notary service records (name, date, document type)
- Other information reasonably required to provide library services
The Library avoids creating unnecessary records, regularly purges records no longer needed, and does not expose personally identifiable information to public view.
Disclosure
The Library keeps all personally identifiable information confidential and will not sell or license it to third parties without patron consent, except as required by law or court order. The Library may share information with other institutions to facilitate library services (such as reciprocal borrowing or interlibrary loan) or to protect library resources and collect fees owed (such as through a collection agency). The Library will grant custodial parents, legal guardians, and legal foster parents access to records for children under 18.
Access by Users
Patrons may view or request updates to their personally identifiable information upon verifying their identity. The Library may also offer patrons the option to create and manage voluntary lists of reading, viewing, and listening preferences, which are protected under this policy.
Data Integrity and Security
- Data Integrity: The Library takes reasonable steps to ensure collected data is accurate and secure, including using reputable data sources, providing patrons access to their own records, updating data when possible, and destroying data no longer needed.
- Data Retention: Personally identifiable information is protected from unauthorized disclosure and purged or shredded when no longer needed, including security and surveillance data.
- Tracking Use: The Library removes links between patron records and borrowed materials once the original purpose for collection is fulfilled, and permits access by authorized library staff to information without creating a data trail. The Library may retain a link between an item and its most recent prior checkout to protect against collection loss or damage. The Library regularly clears cookies, browsing history, cached files, and other temporary internet use records from its computers and networks.
- Third-Party Security: The Library requires that contracts, licenses, and offsite service arrangements reflect its privacy obligations. Third-party access to patron information is governed by agreements restricting its use, aggregation, dissemination, and sale. When patrons connect remotely to licensed databases, the Library releases only information needed to authenticate them as valid cardholders. Patrons are encouraged to review third-party privacy policies when using those services.
- Security Measures: The Library maintains managerial and technical safeguards to protect against unauthorized access, use, or disclosure of data, including internal procedures limiting who may access data and for what purposes. The Library complies with the Personal Information Protection Act (815 ILCS 530/1 et seq.; 815 ILCS 530/5).
Any suspected breach involving personal information will be investigated promptly by the Executive Director or designee, who may consult with legal counsel or law enforcement before determining whether to notify affected individuals. Notice, if warranted, will be provided in accordance with the Act. For purposes of this section, "personal information" means a patron's name combined with any unencrypted or unredacted PIN, access code, or password that would permit access to their account. All security incidents must be reported immediately to the Executive Director or designee.
Library Website Security
- Type of Information Collected: When identification is necessary, the Library collects only the minimum information needed and retains it only as long as required. This may include IP address, browser type, domain names, access times, and referring website addresses, as well as personally identifiable information transmitted in connection with online services.
- How the Information Is Used: Collected information is used to operate and maintain services and to compile general website usage statistics.
- Third-Party Websites: The Library's website links to licensed third-party resources, including databases and electronic journals. While the Library seeks to include privacy protections in its license agreements, use of third-party sites is governed by their own policies, not this one.
- Security: The Library employs authentication, monitoring, auditing, and other technical and operational measures to safeguard data integrity and prevent unauthorized access. Online payments, where available, are processed through a secure, encrypted connection via a third-party payment provider. No security measures can guarantee complete protection from unauthorized access.
- Cookies: The Library does not use persistent cookies. Non-persistent session cookies may be used to maintain a patron's active session and are invalidated when the session ends.
- Acceptance of Terms: Use of the Library's website and app constitutes acceptance of this policy.
Enforcement and Redress
The Library conducts privacy audits to ensure compliance with this policy. Patrons with questions, concerns, or complaints may file written comments with the Executive Director, who will respond in a timely manner and may conduct a review or investigation as appropriate.
Release of Information from the Patron Record to Courts or Sworn Officers
Only the Executive Director and designated Person in Charge may receive or respond to law enforcement requests. The Library will consult legal counsel before responding and will release records only upon a valid subpoena, warrant, or court order showing good cause, or where a sworn officer attests to probable cause of imminent physical harm and a court order is impractical. In the latter case, the officer must sign a form acknowledging the emergency and receipt of the requested information.
Information released to law enforcement is limited to identifying a suspect, witness, or victim and will not include circulation or registration records reflecting materials borrowed, resources reviewed, or services used.
RML Policies
Rolling Meadow Library policies approved by the Board of Trustees help us fulfill the Library’s mission and vision.