GDPR - protecția datelor cu caracter personal

GDPR - protection of personal data

Starting May 25, 2018, new regulations concerning the protection of personal data (GDPR – General Data Protection Regulation) came into force, applicable to all public institutions and commercial companies that collect the personal data of citizens within the European Union.

Evidently, libraries in Romania fall under the scope of these regulations, and the necessary measures and procedures to be implemented require, on one hand, a good knowledge of this regulation, and on the other hand, the existence of IT system features that are in full compliance (GDPR-compliant) with these regulations.

Data Protection and Privacy Policy

Our policy for the protection of personal data and respect for individual privacy has been implemented starting May 1, 2018. In this document, you will find descriptions of the methods, reasons, and cases in which we collect and retain personal information, as well as the ways to protect this information.

Changes to the Liberty5 Library Automation System

Due to the fact that the Liberty5 library automation system collects and retains users' personal data, the producing company - Softlink International - has included changes in the latest version (8.027) that fully comply with GDPR rules (GDPR-compliant):

Member Self-Registration

  • When a new user self-registers to create an account in Liberty5, they are informed about how their data will be stored, processed, and used. The user must accept the specified terms to complete the registration. The default text, with English and Romanian variants, is as follows:

    • “The information you enter will be permanently stored and will be used to allow you to use the library system and in some cases to contact you. This information could potentially be accessed from other countries.”

    • “Informațiile pe care le introduceți vor fi permanent stocate și vor fi folosite pentru a vă permite să folosiți sistemul de bibliotecă și în anumite cazuri pentru a vă contacta. Aceste informații pot fi potențial accesate din alte țări.”

  • The text can be modified and customized based on the specific requirements of the library. We recommend consulting a lawyer before making modifications to the text's phrasing.

  • The self-registration process in previous versions required completing the "Sex" field. This requirement has been eliminated in the new version.

Inclusion of Personal Data in Log Files

  • For resolving technical assistance issues, log files are occasionally sent outside the European Union. In accordance with GDPR specifications, the method of creating log files has been modified so that personal data is no longer included.

Changes to the Way We Investigate Technical Assistance Issues

  • Previously, in certain situations, resolving technical assistance issues required sending personal identification data outside the original geographic region. Starting in May 2018, this procedure has been discontinued.

  • To resolve support issues, the technical team only uses copies of databases from which personal identification information of clients has been deleted in advance.