Privacy Policy

Your Right to Privacy

The Tinley Park Public Library is committed to protecting your privacy by keeping personally identifiable information confidential.

Under the Illinois Library Records Confidentiality Act (75 ILCS 70/1, et seq.) the Library’s cardholder registration and circulation records are confidential. For purposes of this policy, “library records” include registration records (i.e. information provided to obtain a library card) and circulation records (i.e. information identifying the individual borrowing particular materials), and may also include other records that link an identifiable individual to the use of Library services where maintained by the Library. Examples include your name, address, telephone number, email address, borrowing history, and interlibrary loan requests when associated with you. The Library will not disclose confidential library records except as permitted by law.

In some cases, state or federal law may prohibit the Library from notifying you that records have been requested or obtained.

Please ask a staff member if you have questions about this policy and/or your rights to privacy in the library. We’re here to help.

Data Security and Breach Notification

The Library maintains reasonable administrative, technical, and physical safeguards designed to protect personal information. In the event of a data security breach involving personal information, the Library will comply with the Illinois Personal Information Protection Act (815 ILCS 530).

Third-Party Vendors and Your Data

Tinley Park Public Library uses third-party vendors to provide digital content, including ebooks, digital audiobooks, movies, music, online resources, and more. Some of these vendors may collect and share the personally identifiable information you choose to provide them in order to use their services. Third-party vendors may collect information to provide their services and may have their own privacy practices and terms of use. You can choose not to use these third-party vendors.

The information that could be collected by third-party vendors may include:

• When you register with the third-party vendor, provide feedback and suggestions, request information, or create shared content
• Internet address (IP address), search history, location-based data, and device information
• Non-personally identifiable information, such as your ad views, analytics, browser information, cookie data, date/time of your request, demographic data, hardware/software type, interaction data, serving domains, page views, and the web page you visited immediately prior to visiting the site
• Other data as described in the vendor’s privacy policy and terms of use

While the Library’s confidentiality obligations under Illinois law apply to Library-maintained registration and circulation records, the Library does not control third-party vendors’ independent data practices. Where practicable, the Library seeks to select and contract with vendors that follow privacy-protective practices and to limit sharing of personally identifiable information to what is necessary to provide the service. We suggest you review the privacy statements for individual third-party vendors to decide if you agree to their terms.

System Wide Automated Network (SWAN) Membership

The Tinley Park Public Library is also a member of SWAN Library Services, a Library Consortium that provides cataloguing services, interlibrary loan, audiobooks, online resources, and other supportive services. Use of SWAN services may involve sharing limited patron information necessary to provide those services. SWAN has its own Privacy Policy which is separate from the Tinley Park Public Library’s Privacy Policy. However, SWAN’s privacy policies also incorporate the standards required by the Library Records Confidentiality Act (75 ILCS 70/ et seq.) and other applicable state and federal laws.

Institutional Data

The Library is committed to continuous improvement of its services for and with the Tinley Park community. As such, it uses specific types of information to achieve its mission, vision, and strategic goals. Taken together, this information is called “institutional data.”

“Institutional data” is information created, collected, maintained, transmitted, or recorded in ordinary operations for the Library to improve its services, collections, programs, spaces, and customer experiences. It includes: (1) data used for planning, managing, and assessing library operations in an ongoing and formative manner to meet the Library’s Mission, Vision, and Strategic Plan; metrics created, collected, maintained, and reported as required for the Illinois Public Library Annual Report (IPLAR) to the Illinois Secretary of State and State Librarian; and aggregated, anonymous data collected in surveys or via digital analytics directly related to services.

It does not include personal data which is information created, collected, maintained, transmitted, or recorded by personal or library-owned devices, media, or systems that is personal in nature and not related to library business.

Provision of many library services requires the collection and retention of personally identifiable information. By choosing to provide contact and other personally identifiable information (for example, when registering for a library card, placing holds, registering for programs, reserving rooms, or receiving notices), you authorize the Library to use your information to deliver services to you. Personal information is limited to what is necessary for proper administration and service delivery, used only for intended purposes, and retained only as long as necessary for those purposes or as required by law.

Non-personal, non-identifiable, aggregated information is used by the Library for ordinary administration and institutional accountability. Access to and security of institutional data is limited to those Library staff professionals as determined by the Director whose roles and responsibilities require it in the ordinary provision of service and consistent with its intended purpose at the time of collection.

On occasion, the Library may partner with other public service agencies, educational institutions, or funders beyond what is required for the IPLAR where aggregated data may be shared in order to refine services or collaboratively address a community-identified priority. No personal information would be shared without explicit consent acquired.

Communications Preferences (Opt-Out)

For expedience and service of users, use of Library spaces, materials, and services, the default is consent for non-personalized information to be gathered (e.g., number of people entering the building in a day, number of people using a database, etc.). By providing contact and other personally identifiable information, you authorize the Library to use your information to deliver its services to you.

Service-related notices (such as holds, overdue notices, account notifications, and reservation confirmations), are part of Library service delivery and may be sent using the contact information you provide. The Library may also send optional communications about Library news, services, and programs. You may opt out of optional communications at any time using the unsubscribe link (when provided) or by contacting Library staff. The Library will honor opt-out requests in accordance with applicable law.

Staff Access

Access to confidential Library records and personally identifiable information is limited to authorized Library staff and service providers who require access to perform job duties or provide contracted services, and only to the extent necessary for those purposes.

Non-identifiable/Statistical Information

This policy does not prevent the Library from publishing or making available reasonable statistical reports regarding Library registration and circulation where those reports are presented so that no individual is identified, consistent with 75 ILCS 70/1(b).

Board Approved 10/28/20
Revised 03/25/2026