You are here

Privacy Policy

Purpose 

To tell clients how and why OPL collects, uses, protects, and/or shares personal information.

Statement

OPL collects personal information about clients under the authority of Section 23(2) of the Public Libraries Act, R.S.O. 1990, c.P.44. Staff protect the privacy of all clients’ personal information in keeping with the Municipal Freedom of Information and Protection of Privacy Act, R.S.O. 1990, c. M.56 (MFIPPA) and other applicable legislation. Personal information is only used to deliver library services and programs.

What is personal information?

In this policy, "personal information" means any information that identifies an individual person, who is the subject of the information. 

What personal information does OPL collect?

OPL collects some personal information (such as: name, address, birth date, telephone number, email address, and preferred language) when a client gets a library card, and when managing their account (such as items borrowed). OPL also collects personal information from clients online. For more information, see “Personal information and the Library’s website” below.

OPL does not share information about clients with any other organizations or companies without permission from clients, except when MFIPPA allows sharing or when other applicable law says that OPL must share the personal information. 

OPL does not keep a record of which items (for example: books or movies) a specific client has borrowed once the items are returned, unless the client asks for this service (such as when a client signs up for homebound services). Items are otherwise deleted from the client's record as soon as they are returned. For statistics, and to improve our services, OPL keeps a record of items checked out; OPL is not able to identify any specific clients from this data.

Clients can manage their privacy settings on the Library’s website on both of the following web pages: 

  1. Account
  2. Notification 

Personal information and the Library’s website

OPL collects IP addresses (a number that can uniquely identify a specific computer or other network device on the internet) from visitors to the OPL website. No other personal information is collected when a client visits the OPL website, unless the client chooses to use services that need other personal information (such as a third party vendor). Clients’ personal information will then only be used for this service.

The Library's web servers keep a log of pages visited on the OPL website, as well as the type of searches done on these pages. OPL also keeps statistics in order to learn more about how people use the Library's website, such as: which pages are popular, what times of day people visit the site, what types of computers or web browsers visitors are using, etc. This information helps us improve online library services. The data OPL obtains is collected from many different people and web addresses, and it is kept anonymous; OPL is not able to identify any specific client from this data.. 

When a client visits the OPL website, the pages they see, along with a cookie, are saved on their computer, tablet, or phone. A cookie is a small amount of information, which sometimes includes a unique identifier, that is saved on the hard drive. Cookies help websites understand more about visitors and their habits (for example, if the visitor has been to this website before). Clients can tell their computer what kinds of cookies they would like to receive, or block, in their web browser settings. If clients block cookies from the Library website, some parts of the website may not be available to them.

Other Websites

OPL’s website or services may link to or use other (third-party) websites; for example, to download e-books, borrow a device or kit, answer surveys, read articles, watch videos, or share information on social media. When visiting these websites, clients should check the privacy statements on those sites and be careful when providing personal information if they do not clearly understand how that information will be used.

Library webpages with information or links to another website (for example, YouTube) may contain separate cookies from these websites. OPL does not control these cookies. Clients should check the other website for more information about their cookies.

Using the Internet at the Library

Clients can use the Internet on public computers and through Wi-Fi at the Library. These are public Internet networks that filter traffic to block spam, phishing, malicious content, proxy avoidance, and child pornography. The Library does not look at what pages are visited by clients on the network, but it does keep a log of 90 days of internet use which can be linked to specific clients. This log is only used by the Library to investigate when someone may have not respected the Library’s Public Network – Terms of Use Policy. The Library only shares information from the logs when allowed or needed by law. Please see the Public Network – Terms of Use Policy for more information. 

There are a number of ways in which clients may share personal information with the Library when using the Library’s website: when logging to the website, filling out a form such as Contact Us, booking a meeting room, computer, or other equipment, or sending a document for printing and photocopying. All information is managed according to our data retention policies.

Electronic messages from the Library

Electronic messages sent by OPL are sent using various tools to people who have given the Library permission to do so, including customers or people who have a relationship with the library. All tools used by OPL store their data in Canada. Each electronic message has a link that clients can click on to unsubscribe from future messages. 

Taking photos or videos in the Library

Visitors who wish to take photos or videos in the Library, on Library property, and at Library events must comply with the Taking Photos and Videos in the Library Policy. For example, photos and videos may be permitted as long as Library activities are not disrupted, and visitors cannot take photos or videos in bathrooms or children’s areas. Please see the Policy for more information.

Giving your Library card to someone else

When you give someone else your library card, you are responsible for anything they do, or any items they borrow. If they also have your PIN or password, the other person may be able to see information about your account (for example, any fees you owe, or the titles of other items you have checked out). Library staff will not share more information about your Library account with someone who is using your card.

Client responsibilities

Clients of OPL should:

  • Be aware of the Library’s privacy policy and their rights as clients using library services;
  • Set their privacy settings in library software or hardware tools that offer this ability for clients;
  • Know that they can see their personal information by following OPL's MFIPPA process; and, 
  • Ask the Library to correct any personal information that is wrong. Staff in any branch can help a client correct their personal information.

Privacy breaches

A privacy breach happens when sensitive personal information is stolen, lost, or shared without permission. If OPL finds out that there has been a privacy breach, staff will: 

  1. Let colleagues know, as applicable;
  2. Investigate the situation, including how big the breach was;
  3. Protect or contain any information possible, make sure no copies of information have been made, and take steps to prevent a further breach;
  4. Contact all affected clients;
  5. Review the situation to recommend any changes to policies or library operations necessary to prevent a future similar breach;
  6. Keep a record of the breach; and,
  7. Notify the Information and Privacy Commissioner of Ontario, and any other organizations, as applicable.