Effective date of April 23, 2004
This page was last updated January 20, 2014.
Sirsi Corporation and its affiliated companies dba SirsiDynix ("SirsiDynix") are committed to protecting your privacy. We recognize the need to protect any personally identifiable information ("PII") shared with us, including but not limited to PII of our customers (“Customer(s)”) and our Customers’ patrons. PII is singular or collective information that identifies an individual; for example, a person's name, mailing address, telephone number, e-mail address, or other such information. PII does not include aggregated data from which the personally identifiable information has been removed.
In order for SirsiDynix to provide services or products, collection of or access to PII may be required. The information provided to SirsiDynix will be protected by reasonable means from disclosure to third parties. SirsiDynix also has a specific privacy statement called the Safe Harbor Privacy Statement (below) that applies to certain personal data received in the United States from the European Union and Switzerland,.
ACTIVITIES INVOLVING THE COLLECTION OR PROCESSING OF PII.
SirsiDynix may obtain or gain access to PII in a number of ways. We may, for example, ask our Customer for PII about its employees for the purpose of registering for conferences, surveys, ordering e-mail news or information, joining limited-access sites (such as forum or list servers), signing up for an event or training, or purchasing and/or registering SirsiDynix products.
SirsiDynix may collect information about Customer's computer hardware and software, if it was not supplied by SirsiDynix. This information may include: Customer IP address, browser type, operating system, domain name, access times and referring Web site addresses. This information is used for the operation of the service, to maintain quality of the service, and to provide general statistics regarding use of SirsiDynix.
If a Customer has selected a service or product that requires payment, we may request PII necessary for billing and/or shipping, such as: name, address, telephone number, and credit card number.
SirsiDynix also collects information about the pages visited within SirsiDynix websites.
Our Customers collect PII from their patrons. For example, our Customers may collect the name, address, phone number, and other patron information in order to issue a library card. Customers also may collect information about its patrons activities related to circulation of books and other materials.
SirsiDynix adheres to the American Library Association's Code of Ethics’ guidelines for privacy protection, including the obligation to protect each library patron's right to privacy and confidentiality with respect to information sought or received and resources consulted, borrowed, acquired or transmitted.
Customer information collected by SirsiDynix will be stored and processed in the United States or in other locations that may be required by SirsiDynix’s Customers. Customer patron information collected by Customers for use with SirsiDynix products and services will be processed and stored at either a local Customer-hosted SirsiDynix site or a regional SirsiDynix hosting facility.
SirsiDynix abides by the safe harbor framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of data from the European Union.
SirsiDynix attempts to abide by all applicable privacy statutes and regulations. The SirsiDynix safe harbor statement can be found below.
Notification of Changes
PII will not be sold, leased, or otherwise distributed or disclosed to outside parties unless required by law. PII will not be collected, sold, leased, or otherwise distributed or disclosed for commercial purposes.
PII will not be sold, leased or otherwise distributed or disclosed without notice being given to the individual. At that time, the individual can request the PII not be shared. PII will not knowingly be collected directly by SirsiDynix from children.
What information may be collected on our website(s) without user registration:
The domain name (e.g. www.SirsiDynix.com) of the visitor.
The IP address of the computer or Internet provider.
The date/time you accessed the site.
How the collected information is used:
Measuring traffic flow and volume.
Diagnosing server problems.
Determining which parts of the site users are visiting.
Delivering services, for example press releases, events information, training or software, which the user requested or purchased.
To notify our users of product upgrades, special offers, updated information and other services.
To allow user access to limited-entry Websites.
The collected information does not identify individual visitors, unless the individual elects to provide PII. IP addresses are not linked to any personal identifiers. Statistical information is used only in aggregate anonymous form. SirsiDynix uses this data for research purposes only and we may use this information in aggregate anonymous form to create statistical information. In some cases, with Customer and user approval, we may combine site-visitation data with PII in order to provide users with personalized content. If the user declines permission, we will not provide the user the personalized service and will not merge user PII with site-visitation data.
Disclosure of PII
No attempt is made to identify individual website users unless illegal behavior is suspected.
Network traffic is monitored to identify unauthorized attempts to upload or change information, or otherwise cause damage to the SirsiDynix's web services. PII may be disclosed:
To act in urgent circumstances to protect the personal safety of SirsiDynix employees, users of SirsiDynix products or services, or members of the public or when someone may be causing injury to or interfering with SirsiDynix's rights or property, other users, or anyone else who could be harmed by such activities.
To conform to the edicts of the law or comply with legal process served on SirsiDynix.
SirsiDynix may occasionally hire or use other parties to provide limited services on our behalf, including packaging, mailing/delivering purchases, answering questions about products or services, sending postal mail and processing event registration. We will only provide those companies the information they need to deliver the service, and they are prohibited from using PII for any other purpose.
Cookies do not store any PII, such as e-mail address or individual passwords. Cookies cannot:
Read other data off an individual's hard drive.
Pass on a virus.
Read cookies created by other sites.
Temporary cookies files are automatically deleted when you close your browser. Cookies can be "turned off" or disabled by changing the proper setting in your browser. Changing the browser setting will disable all cookies delivered to your browser not just the ones delivered by SirsiDynix; however, the user will not experience a personalized visit nor will the user be able to subscribe to the service offerings on the site.
Registration allows an individual to take advantage of some features of SirsiDynix's software, utilize SirsiDynix services and allows SirsiDynix to communicate with you. Registration will require you to provide various types of information such as your full name, institution name, address, e-mail address, ZIP code, a user name, and password. Optional information is marked as such. Providing additional, optional information helps SirsiDynix make its Web site more valuable to the individual.
Participation in some promotions may not be possible if an individual chooses not to share PII.
SirsiDynix occasionally allows other parties to offer our registered users information about their products and services. If the user does not want to receive these offers, the user should check the appropriate box.
SirsiDynix may send out periodic e-mails about services or security issues related to a product or service. The user will not be able to choose to use the automatic unsubscribe feature to disable these mailings, as they are considered an essential part of the service the user or customer selected during registration. Users or customers may opt out of such mailings by closing the associated account, contacting SirsiDynix according to the process described in the Opt-Out Features section, below.
SirsiDynix's website(s) may contain links to other sites. SirsiDynix is not responsible for the accuracy, currency, and content of any other sites to which SirsiDynix provides hyperlinks or access. SirsiDynix is not responsible for the privacy practices of other sites. SirsiDynix cannot be responsible for an individual's privacy when a patron discloses information to outside web sites.
Credit card transactions for SirsiDynix offerings are almost always completed through third-party payment processors without SirsiDynix having any access to related PII. Such processors use industry-standard technology to safeguard the confidentiality of the individual information. This technology includes use of firewalls, secure socket layers (SSL), and/or encryption. In instances where SirsiDynix takes credit card information directly, such information is processed through a third party payment processor as described above, and SirsiDynix does not retain a copy of the credit card information provided.
In order to further protect individual information, Customers and their patrons should always log out and close the browser when finished using a shared or public computer.
SirsiDynix takes reasonable steps to prevent the introduction of viruses, worms, or other destructive materials into or through its systems. However, SirsiDynix does not guarantee or warrant that materials downloaded from SirsiDynix do not contain viruses, worms, or other destructive materials. SirsiDynix is not liable for any damages or harm attributable to such materials. Usage of materials available via download from SirsiDynix is solely at the user's own risk. No security system is impenetrable. SirsiDynix cannot guarantee the absolute security of its database. SirsiDynix cannot guarantee that the information supplied by the user will not be intercepted while being transmitted to SirsiDynix over the Internet.
PII provided directly to SirsiDynix by individuals can be reviewed and changed by contacting SirsiDynix. PII belonging to patrons of our Customers may be reviewed and changed by contacting the Customer to which such PII was provided.
Website users may discontinue receiving some of the communications from SirsiDynix, such as e-mail newsletters announcing new features, contests, and new content, by sending an e-mail to webmaster@SirsiDynix.com. Website users may also discontinue receiving some of the communications from SirsiDynix by editing account settings.
Enforcement of this Privacy Statement
If an individual has questions regarding this statement, individuals should first contact SirsiDynix by e-mail at legal@SirsiDynix.com. Should you not receive acknowledgement of your inquiry or if the inquiry has not been satisfactorily addressed, the individual should then contact the Legal Department.
Attention: Legal Department
3300 North Ashton Blvd Suite 500
Lehi, UT 84043
SAFE HARBOR PRIVACY STATEMENT
SIRSI CORPORATION DBA SIRSIDYNIX
This Statement describes how SirsiDynix collects and uses certain personally identifiable information that it receives in the United States from the European Union and Switzerland ("EU and Swiss Personal Data"). In particular, SirsiDynix recognizes that the European Union and Switzerland have established strict protections regarding the handling of EU and Swiss Personal Data, and SirsiDynix therefore has elected to adhere to the US-EU Safe Harbor Privacy Principles and US-Switzerland Safe Harbor Privacy Principles (together, the "Safe Harbors") with respect to such EU and Swiss Personal Data that it receives in the United States. For further background and information about the Safe Harbors, and to see SirsiDynix’s representation on the Safe Harbor List, please refer to the U.S. Department of Commerce's website at www.export.gov/safeharbor.
Categories of Individual Data Subjects
In general, SirsiDynix may obtain EU and Swiss Personal Data in the United States about several different types of individuals, including (i) website visitors, and (ii) Customers, Customer patrons, suppliers, and business partners, and (iii) SirsiDynix's own employees. SirsiDynix's practices with respect to each of these types of individual data subjects are described below.
Customers, Suppliers, and Business Partners
SirsiDynix may obtain various types of EU and Swiss Personal Data about Customers, patrons of our Customers, suppliers, and business partners. Such data may include contact information (names, titles, addresses, phone and fax numbers, and e-mail addresses); information about products and services ordered or provided; financial and payment information; user ID, passwords, and information collected through Internet-based and e-commerce activities, and other transaction-related data.
SirsiDynix may use these types of EU and Swiss Personal Data for business purposes, including to deliver or provide products or services; to trouble-shoot server problems, to establish or maintain Customer and business relationships; to provide access to Internet-based and e-commerce activities; to perform accounting functions; and to conduct other activities as necessary or appropriate in connection with the servicing and development of the business relationship.
Patrons, employees and agents of our Customers, business partners, and suppliers may contact us if any of their EU and Swiss Personal Data changes, or if they would like to access and correct EU and Swiss Personal Data that we maintain about them. Such persons can contact us by sending an e-mail to the SirsiDynix Legal Office, or by using the information at the end of this privacy statement. Also, to the extent that any of these individuals receive marketing communications from SirsiDynix, and wish to unsubscribe or otherwise stop receiving such communications, they can contact us at our website: firstname.lastname@example.org.
SirsiDynix employees located in the European Union should consult with their local human resources manager to obtain information about SirsiDynix's practices with respect their EU and Swiss Personal Data. Online job applicants to SirsiDynix should also consult any additional terms that apply when they submit their applications and/or resumes.
Other Necessary Disclosures
SirsiDynix may disclose EU and Swiss Personal Data to business partners and subcontractors as necessary in connection with the performance of requested services or solutions, or as otherwise appropriate in connection with a legitimate business need. SirsiDynix may also disclose EU and Swiss Personal Data as necessary in connection with the servicing the software and hardware of the business. In these situations, SirsiDynix will require the recipient of the data to protect the data in accordance with the relevant principles in the Safe Harbors, or otherwise take steps to ensure that the EU and Swiss Personal Data is appropriately protected. SirsiDynix may also disclose EU and Swiss Personal Data where required or permitted by law, or where SirsiDynix believes that such disclosures are appropriate in connection with a law enforcement request.
Data Security and Integrity
SirsiDynix stores and processes EU and Swiss Personal Data at locations primarily in the EU. On occasion, EU and Swiss Personal Data may be accessed from or transferred to the United States for legitimate business purposes. SirsiDynix takes reasonable precautions to protect EU and Swiss Personal Data from loss, misuse and unauthorized access, disclosure, alteration, and destruction whether such Data is located in the EU or the United States. SirsiDynix also makes reasonable efforts to keep EU and Swiss Personal Data accurate, current, and complete, and reliable for its intended use.
SirsiDynix participates in the EU Safe Harbor Privacy Framework as set forth by the United States Department of Commerce. As part of our participation in the safe harbor, we have agreed to TRUSTe dispute resolution for disputes relating to our compliance with the Safe Harbor Privacy Framework. If you have any complaints regarding our compliance with the Safe Harbor you should first contact us (as provided above). If contacting us does not resolve your complaint, you may raise your complaint with TRUSTe by Internet at http://watchdog.truste.com/pvr.php?page=complaint&url=fax at415-520-3420, or mail at Watchdog Complaints, TRUSTe, 55 2nd Street, 2nd Floor, San Francisco, CA, USA 94105. If you are faxing or mailing TRUSTe to lodge a complaint, you must include the following information: the name of company, the alleged privacy violation, your contact information, and whether you would like the particulars of your complaint shared with the company. For information about TRUSTe or the operation of TRUSTe's dispute resolution process, see http://watchdog.truste.com/pvr.php?page=complaint&url=or request this information from TRUSTe at any of the addresses listed above. The TRUSTe dispute resolution process shall be conducted in English. For human resources data we have agreed to cooperate with Data Protection Authorities of the applicable nations.
If you have any questions about this Safe Harbor Privacy Statement, or if you would like to request access to EU and Swiss Personal Data that we may maintain about you, please contact us as follows:
Attention: Legal Department
3300 North Ashton Blvd Suite 500
Lehi, UT 84043
E-mail: SirsiDynix Legal/Privacy Office
Any questions regarding this Safe Harbor Privacy Statement should first be directed to the SirsiDynix contact above. If you do not receive acknowledgment of your inquiry or your inquiry has not been satisfactorily addressed, you may then contact the local data protection authorities in your EU member state or Switzerland for further information.