Legal & Privacy Terms
Effective date of April 23, 2004
This page was last updated February 28, 2019.
In order for SirsiDynix to provide services or products, collection of or access to PII may be required. The information provided to SirsiDynix will be protected by reasonable means from disclosure to third parties.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
ACTIVITIES INVOLVING THE COLLECTION OR PROCESSING OF PII.
SirsiDynix may obtain or gain access to PII in a number of ways. We may, for example, ask our Customer for PII about its employees including name and address for the purpose of registering for conferences, surveys, ordering e-mail news or information, joining limited-access sites (such as forum or list servers), signing up for an event or training, or purchasing and/or registering SirsiDynix products.
SirsiDynix may collect information about Customer’s computer hardware and software, if it was not supplied by SirsiDynix. This information may include: Customer IP address, browser type, operating system, domain name, access times and referring Web site addresses. This information is used for the operation of the service, to maintain quality of the service, and to provide general statistics regarding use of SirsiDynix. We do not link this automatically collected data to other information we collect about you.
If a Customer has selected a service or product that requires payment, we may request PII necessary for billing and/or shipping, such as: name, address, telephone number, and credit card number. SirsiDynix uses a third-party payment processing provider for these functions and does not store financial information used in such payment processing.
SirsiDynix also collects information about the pages visited within SirsiDynix websites.
SirsiDynix processes 3rd party PII under the direction of our Customers. Our Customers collect PII from their Patrons. For example, our Customers may collect the name, address, phone number, and other Patron information in order to issue a library card. Customers also may collect information about its Patrons activities related to circulation of books and other materials. We have no ownership of this information or any direct relationship with individuals whose PII may be processed as part of providing our Services.
|Name of Third Party Partner||What Info is Shared With or Collected by This Partner||Partner's Purpose||Applicable to Children Under 13|
|Marketo||Prospect name and contact information may be collected for marketing when volunteered by that individual.||Marketing research and service platform||http://legal.marketo.com/privacy/||No|
|Hirebridge||Prospect name and contact information may be collected for hiring when volunteered by that individual.||Employment application processing||http://www.hirebridge.com/corp/privacy.asp||No|
The U.S. Children’s Online Privacy Protection Act (“COPPA”) may require that our Customers inform parents and legal guardians about how they collect, use, and disclose personal information from children under 13 years of age and that Customers may need to obtain the consent of parents and guardians in order for children under 13 years of age to use the Services we provide on behalf of Customers.
We make no representations, warranties or guarantees that Children’s information will be completely safe or insulated from inappropriate use by external parties, and we do not represent, warrant or guarantee that other users will not attempt to circumvent the rules, features or aspects of the Services. We do not assume any obligation, liability or responsibility associated with such behavior. Because we act as a service provider for our Customers with respect to any Children’s PII, you may be contacted by the Customer or their representatives for consent to collect or otherwise use information from your children. If required by COPPA, that consent allows us to collect and use information on behalf of that Customer to provide the Service.
Additional safeguards with respect to personal information collected about children
If required by COPPA, our Customers should not collect personal information from children under the age of 13 in the United States unless they register in person with the Customer and with verifiable parental consent. Some of our Customers collect birth dates to validate the ages of their patrons, including children. Our Customers may also collect an e-mail address from a parent for the purpose of sending a child e-mails related to the child’s account.
How do we notify and obtain consent from parents for the collection of information from their children?
Our U.S. Customers to whom COPPA applies should require a parent’s verifiable consent to the collection of their child’s PII when their child registers in person to create an account for our Services. If the parent refuses to allow the registration, Customers should not create the account as directed by our Customer. Once a parent provides verifiable consent to the collection of their child’s PII, we will, on behalf of our Customer, create the child’s account and provide the child access to the membership areas of the Services. We perform these Services on behalf of our Customers and therefore such Customers may request your consent.
How can parents access, change or delete personally identifiable information about their children?
If COPPA applies, at any time parents should be able to refuse to allow Customers to process PII from their child and can request that any PII we have collected on behalf of or from our Customers be deleted from the records in our Services; this would be performed by our Customers through our Services. Due to the nature of long-term backup media it is not possible to delete all instances of an individual’s PII from all backup media, but this media is protected by robust physical security measures and is disposed of securely when the media is retired. For certain Customers, a parent has certain editorial access to each of his or her children’s accounts through the parent’s master account on our Customers’ sites. Parents may access, change, or delete the PII that our Customers have collected from their children by logging on to the child’s account through the user interface of the applicable Service. The parent will need to have their child’s username and password to log into their child’s account. Instructions are available via links on each of the Services’ home pages provided by our Customers explaining how to recover a password if the user has forgotten it.
If you have any inquiries regarding our Customers’ privacy practices or how they use your child’s personal information, please contact them directly.
If COPPA applies, Parents have the right to consent to the collection and use of PII from a child without also consenting to its disclosure to third parties as we do not share any of this information with third parties outside of the Customer-approved components of our Services provided by third party vendors.
Upon request SirsiDynix will provide you with information about whether we hold any of your personal information. You may access, correct, or request deletion of your personal information by logging in to your account or contacting us at firstname.lastname@example.org. We will respond to your request within a reasonable timeframe. In certain circumstances we may be required by law to retain your personal information, or may need to retain your personal information in order to continue providing a service.
SirsiDynix may transfer personal information to other companies that help us provide our Services. Transfers to subsequent third parties are covered by the provisions in this Policy regarding notice and choice and the service agreements with our Customers.
SirsiDynix will retain personal data we process on behalf of our Customers for as long as needed to provide services and as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
Customers who use the services offered on our Site may submit the personal information of other individuals at their organization to register them as authorized users. It is the Customer’s obligation, as the data controller, to inform its authorized users about the purposes for which information about them is collected and may be used on this Service. Authorized users can update or remove their account information at any time by logging into the Site and editing their account information, or by contacting their administrator.
SirsiDynix adheres to the American Library Association’s Code of Ethics’ guidelines for privacy protection, including the obligation to protect each library patron’s right to privacy and confidentiality with respect to information sought or received and resources consulted, borrowed, acquired or transmitted.
Customer information collected by SirsiDynix will be stored and processed in the United States or in other locations that may be required by SirsiDynix’s Customers or by applicable laws. Customer patron information collected by Customers for use with SirsiDynix products and services will be processed and stored at either a local Customer-hosted SirsiDynix site or a regional SirsiDynix hosting facility.
Notification of Changes
We may update this privacy statement to reflect changes to our information practices including any material changes to how we use PII collected from children under age 13. If we make any material changes we will notify you by means of a notice on this Site prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.
PII will not be collected, sold, leased, or otherwise distributed or disclosed for commercial purposes and will not be distributed or disclosed to outside parties unless required by law.
PII will not be sold, leased or otherwise distributed or disclosed out of line with this policy without notice being given to the individual. At that time, the individual can request the PII not be shared. PII will not knowingly be collected directly by SirsiDynix from children.
What information may be collected on our website(s) without user registration:
- The domain name (e.g. www.SirsiDynix.com) of the visitor.
- The IP address of the computer or Internet provider.
- The date/time you accessed the site.
- Email Address
- Phone number
- Company Information
How the collected information is used:
- Measuring traffic flow and volume.
- Diagnosing server problems.
- Determining which parts of the site users are visiting.
- Delivering services, for example press releases, events information, training or software, which the user requested or purchased.
- To notify our users of product upgrades, special offers, updated information and other services.
- To allow user access to limited-entry Websites.
SirsiDynix may send out periodic e-mails to its Customers about services or security issues related to a product or service. The user will not be able to choose to use the automatic unsubscribe feature to disable these mailings, as they are considered an essential part of the service the user or customer selected during registration. Users or customers may opt out of such mailings by closing the associated account, contacting SirsiDynix according to the process described in the Opt-Out Features section, below.
Disclosure of PII
No attempt is made to identify individual website users unless illegal behavior is suspected.
Network traffic is monitored to identify unauthorized attempts to upload or change information, or otherwise cause damage to the SirsiDynix’s web services. PII may be disclosed:
To act in urgent circumstances to protect the personal safety of SirsiDynix employees, users of SirsiDynix products or services, or members of the public or when someone may be causing injury to or interfering with SirsiDynix’s rights or property, other users, or anyone else who could be harmed by such activities.
To conform to the edicts of the law or comply with legal process served on SirsiDynix.
If SirsiDynix is involved in a merger, acquisition, or sale of all or a portion of its assets, a prominent notice will be displayed on our Web site of any change in ownership or uses of PII, as well as any choices you may have regarding your personal information, will be posted
SirsiDynix may occasionally hire or use other parties to provide limited services on our behalf, including packaging, mailing/delivering purchases, answering questions about products or services, sending postal mail and processing event registration. We will only provide those companies the information they need to deliver the service, and they are prohibited from using PII for any other purpose.
SirsiDynix’s website(s) may contain links to other sites. SirsiDynix is not responsible for the accuracy, currency, and content of any other sites to which SirsiDynix provides hyperlinks or access. SirsiDynix is not responsible for the privacy practices of other sites. SirsiDynix cannot be responsible for an individual’s privacy when a patron discloses information to outside web sites.
Credit card transactions for SirsiDynix offerings are almost always completed through third-party payment processors without SirsiDynix having any access to related PII. Such processors use industry-standard technology to safeguard the confidentiality of the individual information. This technology includes use of firewalls, secure socket layers (SSL), and/or encryption. In instances where SirsiDynix takes credit card information directly, such information is processed through a third party payment processor as described above, and SirsiDynix does not retain a copy of the credit card information provided.
In order to further protect individual information, Customers and their patrons should always log out and close the browser when finished using a shared or public computer.
SirsiDynix takes reasonable steps to prevent the introduction of viruses, worms, or other destructive materials into or through its systems. However, SirsiDynix does not guarantee or warrant that materials downloaded from SirsiDynix do not contain viruses, worms, or other destructive materials. SirsiDynix is not liable for any damages or harm attributable to such materials. Usage of materials available via download from SirsiDynix is solely at the user’s own risk. No security system is impenetrable. SirsiDynix cannot guarantee the absolute security of its database. SirsiDynix cannot guarantee that the information supplied by the user will not be intercepted while being transmitted to SirsiDynix over the Internet. Depending on our Customers’ security feature selection, information collected through our service is processed via secure socket layers (SSL).
Customer User Access and Choices/Opt-Out
Upon request SirsiDynix will provide you with information about whether we hold any of your personal information. To request this information please contact us at email@example.com.
If our Customers’ personal information changes, they may correct, delete inaccuracies, update, amend, remove, or ask to have it removed by making the change on the user account settings page, by emailing our Customer Support at support@SirsiDynix.com or by contacting us by telephone or postal mail at the contact information listed below. If you no longer desire our Services, please contact us directly. We will respond to your request within a reasonable timeframe.
We will retain Customer information for as long as an account is active or as needed to provide Customers with services. Due to the nature of long-term backup media it is not possible to delete all instances of an individual’s PII from all backup media, but this media is protected by robust physical security measures and is disposed of securely when the media is retired. We will retain and use Customer information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
Website users may discontinue receiving some of the communications from SirsiDynix, such as e-mail newsletters announcing new features, contests, and new content, by sending an e-mail to webmaster@SirsiDynix.com. Website users may also discontinue receiving some of the communications from SirsiDynix by editing account settings.
Customer Patron User Access and Choices/Opt-Out
If a Customer Patron’s personal information changes, they may correct, delete inaccuracies, update, amend, or remove it by making the change on the user account settings page, or by contacting a Customer representative. If requested to remove data we will respond within a reasonable timeframe.
We will retain Customer Patron information on live systems for as long as an account is active or as needed to provide the Customer Patron with Services. Due to the nature of long-term backup media it is not possible to delete all instances of an individual’s PII from all backup media, but this media is protected by robust physical security measures and is disposed of securely when the media is retired. SirsiDynix retains data on systems for no longer than one year. Additionally, we will retain and use Customer Patron information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
SirsiDynix is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC). It is possible, under certain conditions, for individuals to invoke binding arbitration. SirsiDynix is responsible for the processing of personal data it receives, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. SirsiDynix complies with the Privacy Shield Principles for all onward transfers of personal data from the EU, including the onward transfer liability provisions.
In certain situations, SirsiDynix may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Enforcement of this Privacy Statement
If an individual has questions regarding this statement, individuals should first contact SirsiDynix by e-mail at legal@SirsiDynix.com. Should you not receive acknowledgement of your inquiry or if the inquiry has not been satisfactorily addressed, the individual should then contact the Legal Department.
SirsiDynix Legal Department
3300 North Ashton Blvd Suite 500 Lehi, UT 84043 United States