Library and Learning Resources Privacy Notice

Library and Learning Resources [LLR] at Canterbury Christ Church University is committed to protecting the privacy and security of your personal information.

This privacy notice applies to all LLR users. It describes how we collect and use personal information about you in accordance with the General Data Protection Regulation (GDPR) and the Data Protection Act 2018

1) Whose personal data do we process?

This privacy policy applies to the following Canterbury Christ Church University LLR users:

  • Staff and Students of Canterbury Christ Church University.
  • Alumni
  • Associates
  • External Memberships (incl paid members, SCONUL members)
  • Members of the public

2) What information do we collect about you?

We may collect, store and use personal information from you, from other parties, or information generated by your use of LLR services.

The types of data we collect for LLR Users are:

  • Contact details such as name, address, telephone number(s), email address.
  • Your Unique Identifier
  • Information about your use of the LLR collections, services and facilities;
  • Your financial transactions with the Library, including payment method
  • Enquiries made by you as a user of LLR.
  • Records of email or other correspondence (including any notes made on your account)
  • We may also collect, store and use more sensitive personal information about your health, disability or other special needs where this is relevant to your use of LLR services.

For SCONUL Access members we collect personal data on:

  • Home institution
  • Level of study
  • Course
  • Home institution card number
  • Mode of study (full-time / part-time)

3) How is your personal information collected?

We collect personal information about students:

  • Via automated imports of relevant data from central University systems.
  • Via online or paper forms. 
  • LLR activities throughout the period you are registered with us.

4) How will we use information about you?

  • For the continuous improvement of our services.
  • To create your library account.
  • To administer your membership(s), which may be by letter, email, phone or in person.
  • To give you the appropriate information, support and services.
  • To provide support services for users with disabilities.
  • For document delivery services.
  • For Electronic Resources Management [information about electronic records on hold or purchased].
  • To communicate about LLR news and membership.
  • To ensure that all marketing communications you receive from us are relevant;
  • To ask you to take part in surveys related to LLR.
  • To compile anonymous statistics and conduct research for internal and statutory reporting purposes.
  • To meet our responsibilities under equalities and health and safety legislation.
  • For archival purposes.

5) What is our lawful basis for processing your personal data?

  • Public task: the processing is necessary for the University to perform a task in the public interest or for our official functions.

  • Legitimate interests: The processing is necessary for the University’s legitimate interests or the legitimate interests of a third party in providing or supporting the provision of higher education, unless your interests and fundamental rights override that interest.

  • Performance of your Student Contract; the University will process your data to enable it to meet its contractual obligations to you.

6) Who your personal information is shared with?

We will only share personal data that is relevant and proportionate for the practical delivery of the service. When we share personal data as detailed above we ensure that security is maintained. The following organisations and individuals receive your information:

  • LLR staff who support your use of LLR services and facilities.

  • Finance staff who administrate your financial transactions.

  • Companies or organisations providing specific services to, or on behalf of, LLR. This includes the Library Management system and cloud-based systems supporting the university's service provision

  • On occasion and where necessary in accordance with the law, the police and other law enforcement agencies.

  • Personal Academic Tutors in support of your personal academic development purposes.

  • NHS library staff in cases where there are matters relating to breach of NHS library regulations.

  • Any co-operating library who is part of any reciprocal access schemes.

Other than to the above, LLR will not divulge data to third parties relating to your Library loans or status at the University. This includes other people undertaking loans or paying fines on your behalf, which can only be undertaken if you have previously given written consent to permit this.

Student data may be shared in accordance with the main student privacy notice.

7) How long will your information be held?


Retention period

Method of retention

Personal details

Students: 1 year after the expiry of your account

Staff: expiry of your account.

Borrower membership: 1 month after expiry of account

[unless there are debts or outstanding loans which can be held for up to 7 years.]

Library management system [LMS] - online.

Sconul Access – online on LMS and paper form.

Borrower membership – online.

ALD 1:1s – paper records.

ALD record of meetings, tutorials and actions taken – Access database.

User feedback – online surveys.

History of borrowing library materials

Students: 1 year after the expiry of your account

Staff: expiry of your account.

Borrower membership: 1 month after expiry of account.

[unless there are debts or outstanding loans which can be held for up to 7 years.]

LMS – online.

History of charges/fines.

Students: 1 year after the expiry of your account

Staff: expiry of your account.

Borrower membership: 1 month after expiry of account

[unless there are debts or outstanding loans which can be held for up to 7 years.]

LMS – online.

Bills – online.

Fine appeals

3 months


Online payments

2 months


Records of emails or other correspondence

3 months


Document Delivery

7 years to comply with copyright regulations


In some circumstances we may anonymize your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you.

8) Security

We are committed to ensuring that your information is secure. To prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect.

9) The Data Controller and further information

Canterbury Christ Church University is the Data Controller for this personal data.

Please click the link below to access further information regarding:

  • The Data Controller
  • The name and contact details of the University Data Protection Officer
  • Where to make a complaint
  • Your rights as a Data Subject
  • How to contact the Regulator

10) Version Control

Title: Privacy Notice - Library and Learning Resources 
Applicable to: Students, Employees, General Public
Approved By: Library and Learning Resources
Date approved: 25 May 2018
Date of review: 25 May 2020
Date last amended: 30 March 2020



Connect with us

Last edited: 01/06/2020 17:14:00