Policy V.2, Freedom of Information & Privacy
The Greater Victoria Public Library (Library) is committed to protecting library patrons’ personal information. The Library is authorized to collect patrons’ personal information by the Freedom of Information and Protection of Privacy Act (FIPPA) of British Columbia. Any personal information collected, used, or disclosed by the Library is in accordance with FIPPA and this policy.
The following definitions from FIPPA are used in this policy:
- “contact information” means information to enable an individual at a place of business to be contacted and includes the name, position name or title, business telephone number, business address, business email or business fax number of the individual;
- “personal information” means recorded information about an identifiable individual other than contact information;
- “service provider” means a person retained under a contract to perform services for a public body;
- “third party”, in relation to a request for access to a record or for correction of personal information, means any person, group of persons or organization other than
- the person who made the request, or
- a public body.
This policy applies to the Greater Victoria Public Library Board (Board), library management, library staff and library patrons.
Policy Statement and Details
1. Collection and Use of Personal Information
The Library collects personal information to conduct library business, to provide library programs and services, and to plan and evaluate library programs and services. The following are some non-exhaustive examples of purposes for which the Library may collect personal information:
- issuing a Library card and maintaining a user’s account;
- providing access to library materials and collections, including identifying materials currently on hold or on loan;
- providing and communicating Library programs and services;
- evaluating current services and planning future services;
- providing assistive services for users with special needs;
- recording and responding to comments or suggestions;
- developing and fundraising for the Library;
- compiling non-identifying statistical information;
- recording an Incident Report for the protection of library property and security of patrons and staff; or
- collection of fees and fines owed to the Library.
The Library will only use personal information for the purposes for which it was originally collected or in a manner that is consistent with those purposes. In all circumstances, patrons’ personal information will not be sold, exchanged, transferred or given to another organization for any reason whatsoever, other than for the express purpose of providing library programs and services.
2. Consent to Collection and Use of Personal Information
A library patron consents to the collection and use of his or her personal information on the earlier date on which he or she:
- registers for a Library account;
- submits an application form for a Library account, whether on paper or electronically; or
- signs his or her Library card.
A patron may choose not to provide their personal information to the Library, but this may hinder their ability to use some of the Library’s services.
3. Consent to Contact from the Library
A library patron who consents to the collection of his or her personal information may be contacted by email from the Library from time to time regarding library programs, services, or fundraising initiatives. Patrons who do not wish to be contacted about these initiatives may opt out either at the time of registration for a library account, or in reply to an email from the Library requesting consent for this purpose, in accordance with Canadian Anti-Spam Legislation.
4. Patrons Who are Minors
Children under the age of 19 years have the same rights as adults with respect to their personal information under FIPPA. The Library obtains consent to the collection and use of a child’s personal information from the child’s parent or guardian in the same manner as provided in section 2 above.
For matters other than obtaining consent to the collection and use of personal information, the Library considers children aged 13 years and older to be capable of exercising their own rights for policy purposes. If a child is not in fact capable, the child’s parent or guardian may request that the Library deal only with the child’s parent or guardian with respect to this policy until the child reaches majority or an agreed age under 19 years.
5. Access to Personal Information
Library patrons may request access to their personal information held by the Library. Such requests must be submitted in writing to the Library’s Freedom of Information and Privacy Officer listed below. Requests should provide enough detail to enable library staff to find the patron’s personal information. The Library will provide access to the patron’s personal information upon verification of the patron’s identity.
6. Correction to Personal Information
The Library will endeavour to ensure that personal information collected is accurate, complete, and up-to-date. Library patrons who believe that there is an error or omission in their personal information may request that the Library correct the information.
7. Protection and Retention of Personal Information
The Library uses reasonable security measures to protect against risks such as unauthorized access, collection, use, disclosure, or disposal of personal information. These security measures include physical, technological, and operational safeguards that are appropriate to the nature and format of the personal information.
If the Library uses personal information to make a decision that directly affects a patron, the Library will retain that personal information for at least one year in order to provide the affected patron with a reasonable opportunity to access that personal information. Otherwise, the Library will retain personal information only for the length of time necessary to fulfill the purposes for which it was collected.
Personal information is securely destroyed when it is no longer needed.
8. Disclosure of Personal Information
Personal information is disclosed only in accordance with FIPPA or as otherwise required by law. The following are some non-exhaustive examples of situations in which the Library may disclose personal information:
- a patron consents in writing to the disclosure;
- there are compelling health and safety concerns;
- the personal information is disclosed to a third party service provider for the purpose of providing a specific library program or service;
- the personal information is disclosed to a collection agency for the purpose of collecting a debt owed to the Library; or
- the personal information is disclosed for law enforcement purposes, such as where required by a subpoena, warrant, or other order.
9. Third Party Service Providers
Where a third party service provider requires personal information in order to provide services on behalf of the Library, the Library makes reasonable efforts to obtain commitments from such third parties to comply with FIPPA and this policy in respect of the personal information. However, once information is in the hands of a third party, it is beyond the Library’s control and the Library is not responsible for the use or disclosure by that third party of the personal information.
Related Policies, Agreements, and Procedural Documents
For more information regarding the collection and use of personal information, library patrons may contact Dan Phillips, Director, Technology & Risk Management, Freedom of Information and Privacy Officer, at 250-413-0357 or at [email protected]
|Policy Name: V.2 Freedom of Information and Privacy|
|Policy Type: Values|
|Next Review Date: March 28, 2022|
|Date Amended: March 28, 2017|
|Last Reviewed: February 21, 2017|
|First Approved: December 2, 1994|