We are improving our site by involving residents.
Help us continue to improve by giving your feedback
Croydon Council privacy notices.
Our culture and library services provides various library events, culture and heritage. We understand that our audiences, library users and partners expect privacy in their transactions with us and for their information to be both secure and used only for the purposes for which it is provided.
We are committed to protecting your privacy when you use our services. This privacy notice explains how we use personal information about you and how we protect your privacy. Under the requirements of Data Protection Legislation including the General Data Protection Regulation (GDPR) and the Data Protection Act 2018, this notice applies to any activity involving our use of your personal data, for example, collecting, storing, sharing, and destroying personal information.
The library service collects personal information appropriate to the requirements for using the library service. This includes:
Our cultural services also collect information related to the delivery of projects, events and cultural initiatives. This can also include the above, though often this level of detail is not required.
We will only ever ask for data which is necessary for us to measure the impact of a programme. In most cases, this does not require the recording of name, date of birth, address or contact information.
We use your data to:
We will ask for additional information relating to gender, ethnic background and disability to enable us to compile statistics. This data does not identify individuals. Provision of this information is at your discretion, and you may decide not to give it to us.
The data you provide may be accessible to the suppliers of our library management systems. Anonymised data may also be shared with:
These suppliers have committed to handling data in accordance with the principles in the General Data Protection Regulations (GDPR) and the Data Protection Act (2018). And will only do so to the extent that it is required to maintain the library management systems and evaluate cultural programmes.
We are required to uphold the law and protect the public funds they administer. Information provided to us may be shared with other bodies responsible for:
We will not add your email address to any external mailing lists and we will not disclose these details to third parties unless permitted or required by law. We will keep your email address on file internally and may contact you regarding your library account. You will only receive marketing emails relating to library events and services if you specifically sign up for this service. Your emails to us may be forwarded to library officers to action, unless your email specifically does not consent to this.
We are legally required to provide a library service under the Public Libraries and Museums Act 1964 and in order to provide the service efficiently and carry out this public task, we need your consent to hold and process your data. If you do not provide this we will be unable to provide a library service to you. We have a legitimate interest in holding your data for audit and quality control and to enable the handling of enquiries and complaints.
Data collated through audience and participant surveys related to cultural programmes is held by consent. Sharing of data in these ways is not mandatory for audiences or project participants. We may be contractually obliged to gather data related to the impact of cultural programmes when receiving external grant funding. This may include requests for data to be shared with us as part of grant funding agreements, or with other partners for the purpose of measuring the impact of a cultural programme against its aims.
Whilst the majority of children and young person's information provided to us is mandatory due to compliance with a legal obligation, some of it is provided to us on a voluntary basis. To comply with the GDPR and other data protection laws, we will inform you whether you are required by law to provide certain information to us; if you do have a choice to provide information that is not mandatory, your explicit consent will be requested. You do have the right to withdraw your consent if this is applicable to processing your data. If this is the case, we will let you know.
The parent/carer is responsible for their child's consent up to age 16. From age 16 onwards the young person can provide their own consent.
Personal data will not be retained for longer than necessary in relation to the purposes for which they were collected. There is usually a legal reason for keeping your personal information for a set period of time. If you require more information about our retention schedule please contact us at croydoncentrallibrary@croydon.gov.uk or ask a member of the library staff.
The archives service store data in both manual and digital formats using the Arkivum records management system. The personal data held will relate to those who have donated items to the archive. This will include:
The transfer of any records containing personal data will be agreed in advance by Croydon Archives and the donor, in line with the archives collecting policy. The archives service follows the best practice principles laid out in The National Archives Guide to Archiving Personal Data. This enables the Council to fulfil its statutory duties as a ‘Place of Deposit’, providing ‘proper arrangements’ for collecting, preserving, and public access to records.
Where data is being processed on the basis of consent, this will be recorded within a Donation Agreement, which will detail the consent provided, and any other conditions attached to the donation and the use of the donated items. For example: the Donation Agreement specifies that records containing personal data may be closed to the public for 100 years or until the Data Subject is deceased.
For queries related to the processing of data for cultural programmes please contact culture@croydon.gov.uk.
Under GDPR and the Data Protection Act 2018, you have the right to request access to information that we hold about you. To make a request for your personal information contact the Council at SAR@croydon.gov.uk.
The GDPR and the Data Protection Act 2018 gives you a number of rights to control what personal information is used by us and how it is used by us. Information about your data rights is listed in our corporate privacy notice.
If you have any questions or concerns about the way we collect, store or use your personal information, please contact the library staff in the first instance at croydoncentrallibrary@croydon.gov.uk.
For independent advice about data protection issues, you can contact the Information Commissioner's Office (ICO) at www.ico.org.uk.
We reserve the right to amend this privacy notice at any time and will keep it under review. If we do make any changes, we will add the current version to this web page.
Last updated: April 2023
NEW Help improve this site by giving feedback Show Hide
Send feedback directly to the content team using our website feedback form
You can also join our user research group to receive invites to activities and surveys to help shape future improvements to the site.