The Center for Research Libraries (CRL) is committed to respecting and protecting the privacy of our community. The following discloses our practices for information collection, use, storage and methods to ensure the security of this data.
CRL collects the following data from our users:
Personal data that an individual user may voluntarily and knowingly provides as a result of creating a user account, registering for an event, submitting a form or subscribing to an email list or newsletter. The data may include name, address, email, phone number, job title, professional role, subject specialties / interests and institutional affiliation.
- Similar personal data about users from publicly available sources in order to promote participation in CRL programming and collaborative work.
- User-generated information needed to support online interactive features such as favorite resource lists, saved searches, comments, reviews, and other data posted on CRL’s platforms.
Activity data that is passively collected via cookies and web logging during user visits to a CRL website. This data may include IP address, device type, browser type and version, operating system, pages viewed and length of time on each page, and errors encountered.
In addition, CRL may require users to register for an account in order to gain access to features and contents that are available to CRL member community only. CRL does not require users to register to gain access to other services and web contents.
Purpose and use
CRL collects, stores and uses personal information that users provide and information collected to better serve users during their engagement and interaction with CRL. Any information collected on a website in the crl.edu domain will be used only to provide or improve CRL services. Personal data will be used only for such purposes as distributing information on CRL activities, updating CRL’s membership contacts, and responding to questions or comments.
CRL uses activity data passively collected via cookies and web logs only to improve constituents’ online experience by informing future website design and presentation decisions. This information is not used to identify any specific user or track a specific user’s behavior on CRL websites.
CRL will never sell or rent personal data to third parties. CRL sometimes shares data with technology suppliers. For example, CRL shares data with Google Analytics to obtain insight into how visitors use its websites. For privacy reasons, only aggregated statistical data is gathered by Google Analytics, and it does not include individual IP addresses or other individually identifiable information.
CRL takes seriously the trust of its community. CRL has implemented industry-standard security safeguards to protect the personal data it collects. All personal data actively or passively collected by CRL is stored on secure servers located in the United States. Whenever possible all user account information is additionally encrypted using SSL technology while in transit. CRL utilizes appropriate technical and administrative procedures to prevent unauthorized access or disclosure, to maintain data accuracy, and to ensure the appropriate use of the information. Personal and account information is only accessible to qualified employees of CRL.
The need to retain data varies, depending upon the type of data. Data from event registrations, program participations, and web logs will be deleted when there is no longer a business need. Data provided during a subscription to an email list or newsletter is retained as long as membership on the list or receipt of the newsletter is desired. Data collected via Google Analytics is retained for 26 months.
A cookie is a text string that a website stores on a visitor’s computer. CRL’s websites employ cookies in various ways:
Via CRL’s use of Google Analytics, a web analytics service by Google. This service sets a cookie to evaluate an individual’s use of the website and then compiles aggregate reports for CRL describing activity on the site.
Cookies may also be used to temporarily store miscellaneous user preferences or session-specific data for performance optimization.
Personal data rights and access
Users have the right to request access to, correction of, or removal of their personal data. To make such a request, users are asked to send an email to WebSystems@crl.edu. Users may also opt-out of receiving certain communications from CRL and unsubscribe from CRL-hosted email lists or newsletters. To unsubscribe from email lists or newsletters, simply follow the directions provided in these sources.