University of Chicago Library

Privacy Statement

Introduction

The University of Chicago Library is committed to protecting the privacy of its users. The Library's privacy and confidentiality policies are intended to comply with the American Library Association's Code of Ethics, the Illinois Library Records Confidentiality Act, and all other relevant laws and University policies. This document explains our policies on the collection, use, disclosure, retention, and protection of Library user information.

Information We Collect and How It Is Used

In order to conduct Library business, the Library collects and maintains personally identifiable information about library users. If you are affiliated with University of Chicago, the Library automatically receives personally identifiable information to create and update your library account from the Registrar's Office (for students) or Human Resources (for employees). If you are not affiliated with the University of Chicago, the Library must obtain certain information from you in order to provide you with access to the Library and services.

The Library will maintain confidentiality of information sought or received and other personally identifiable data regarding use of library materials, facilities, or services. Identifiable information may be retained, in some cases indefinitely, when doing so serves an institutional purpose. The Library will not make this information available to any other entity outside the Library, except as required by University policies or as mandated by law.

Use of Library Workstations and Networks

To use a library workstation or network, users must log on with their CNetID or a temporary login provided to individuals without CNet IDs. You are responsible for logging off when your session is finished in order to protect your privacy and to ensure that another person does not use the workstation under your login. All use of Library computers and networks is subject to the Library's Acceptable Use Policy and to the University's Eligibility and Acceptable Use Policy for Information Technology. The Library may disclose login information to University authorities in addressing violations of these policies.

Information Collected When Using Library Website

Whenever a user visits the Library's website, certain information is gathered and stored automatically. This information does not generally identify the user personally. Information that is automatically collected and stored includes:

This automatically collected information is only used internally for technical troubleshooting, to monitor compliance with the Library's Acceptable Use Policy, to improve the usability of our website, and to record aggregate statistics.

Authenticating to Use Library Resources

Users connecting to Library resources from off-campus or via the wireless network are asked to authenticate with a CNetID and password. As part of this process, information (including a user's CNetID) is logged by University Information Technology Services (IT Services).

Personal Information Submitted By Users

If you choose to submit personally identifiable information to the Library (through web forms, email messages, or other communication), that information will be used only for the purpose for which you submitted it, with the exception that the Library may make reasonable statistical reports that do not identify particular individuals. The Library does not share this information with private organizations or allow it to be used for commercial purposes. The Library does contract with Application Service Providers (ASPs) to provide some services, such as interlibrary loan, but the Library requires application service providers to respect the confidentiality of the information placed on hosted servers. While we may disclose information about use of the Library in aggregate (such as server use statistics), we will not disclose to unaffiliated parties any information that could be used to identify individuals or their use of Library resources, except as required by University policies or as mandated by law.

Sites Linked from Library Webpages

The Library website contains links to websites and licensed databases that are not maintained or supported by University of Chicago Library. In some cases, library services may be provided via third party tools, e.g., Ask a Librarian, etc. While you may reach these services via Library web sites, you are subject to the privacy practices of those third parties, and the Library encourage users of these services to be aware of their policies before using them.

Security

Transmissions made on the Internet are generally not secure, since the information is transferred in clear text. In some cases transactions made via our web site are conducted using an SSL (Secure Socket Layer protocol) connection in order to provide increased security to the information as it is transmitted. Personally identifiable information is stored in a password-protected environment and may only be accessed by authorized staff for the purpose of performing library work. While the Library makes a concerted effort to protect personal information, we cannot guarantee that your submissions to our website, any content residing on our servers, or any transmissions from our server will be completely secure.

Questions

If you have questions about this policy or its implementation, please contact us.