The Library processes data in accordance with the requirements of the Data Protection Act 2018 and any successor legislation incorporating data protection. It administers its obligations under this legislation in accordance with the Queen’s University Data Protection Policy.
Processing personal data
The Library processes student personal data as explained in the Queen’s Student Privacy Notice.
The Library also acts as a data controller for the University when processing personal data for the Library’s Associate Membership scheme, for membership of the Healthcare Library for Northern Ireland, for AFBI Library membership and for the registration of Library visitors. The Library’s compliance with data protection requirements for these groups is explained in the following privacy notices:
Personal data of members of the public is also processed by the Library, e.g. when a document delivery request is fulfilled by Special Collections and Archives, or when a member of the public provides feedback to the Library.
The Library has a legitimate interest as defined by data protection legislation to process the data required for the provision of Library services.
How does the Library collect personal data?
Student personal data is collected as outlined in the Queen’s Student Privacy Notice. Personal data for the Library membership schemes noted above, and for all other applications or Library feedback, is only collected at the point of need using the relevant application or feedback form.
What data does the Library collect?
Data collected for Library membership schemes and for Library visitor access is noted in the relevant privacy notices. Where the Library acts as a data controller, personal data is only collected where required to provide a Library service, e.g. name and contact details.
How does the Library use personal data?
The Library uses personal data for the following purposes:
- Allowing access to the McClay Library and reporting visitor numbers;
- Allowing access as appropriate to Library Services;
- Allowing access as appropriate to University systems and online services;
- University Communications;
- Confirmation of identity if needed for payment purposes;
- The fulfilment of document delivery requests;
- Collecting feedback on Library services;
- The promotion of Library services;
- Contact on an occasional basis for surveys and research to improve our service.
Is personal data held by the Library shared with anyone outside of Queen’s University?
Names and email address may be shared with other libraries in order to fulfil an inter-library loan or document delivery request.
Personal data held by the Library is not otherwise shared with third parties.
How long does the Library keep personal data?
Personal data is retained for one year following the expiry of Library membership or registration for Library access. Data retention periods for all personal data held by the Library are listed in the Library Data Retention Schedule.
Data processing outside Europe
The Library does not transfer personal data outside of the European Economic Area.
Library use of browser cookies and web analytics is described in the University legal statement at http://www.qub.ac.uk/Legal/
Library use of CCTV
The Library uses CCTV for the purposes of security in accordance with University policy:
- Any monitoring will be carried out by a limited number of specified staff;
- The recordings will be accessed only by authorised personnel;
- Personal data obtained during monitoring will be destroyed as soon as possible after any investigation is complete;
- Staff involved in monitoring will maintain confidentiality in respect of personal data.
Security of personal data
The security of the personal data held by the University is ensured through the use of physical, technological and organisational measures designed to protect personal data from unauthorised access and against unlawful processing, accidental loss, alteration, disclosure, destruction and damage.
The Library ensures the security of personal data through its adherence to the University Data Security Policy, the Information Security Policy and all other policies and procedures relevant to ensuring the security of personal data.
Rights under data protection legislation
The Data Protection Act 2018 provides a number of legal rights in relation to personal data. These include the right:
- to request access to personal data;
- to request correction of personal data that is wrong or incomplete;
- to request erasure or the restriction personal data;
- to request the transfer of personal data in a structured; commonly used machine-readable format;
- not to be subject to automated decision making; and
- to withdraw consent
Anyone who wishes to exercise any of these rights, or requires further information about any of the rights, is asked to contact the University Data Protection Officer:
Data Protection Officer
Queen’s University Belfast
There may be times where the University cannot stop using personal data following a request to do so, but the Data Protection Officer will explain if this is the case.
The Library at Queen’s
The McClay Library
10 College Park
Belfast, BT7 1LP
Tel: 028 9097 6135