PRIVACY POLICY

Effective date: June 30, 2023

LibraryPass, Inc. (“us”, “we”, or “our”) operates the LibraryPass and Comics Plus® websites, and the LibraryPass mobile applications (the “Service”).

LibraryPass respects your privacy. The purpose of this Privacy Policy is to make you aware of how we collect, manage, protect, use, and/or share information and what choices are available to you regarding the collection, use and distribution of your Personal Information and non-personally identifiable information (“non-PII”).  

Because many users of the Service are under the age of 13, this policy also presents how and what information LibraryPass collects from children who are under 13 years old.

This page informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Service and the choices you have associated with that data.

We use your data to provide and improve the Service. By using the Service, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Privacy Policy, terms used in this Privacy Policy have the same meanings as in our Terms and Conditions.

Definitions

  • Service:  Service means the comicsplus.app website, library.librarypass.com website, the LibraryPass mobile applications and any and all websites and apps operated by LibraryPass, Inc.
  • Personal Data
    Personal Data is information that can be used on its own to identify a specific person. For example, Personal Data can be a full name, home address, email address, phone number, or login details.  It is data about a living individual who can be identified from such information (or from those and other information either in our possession or likely to come into our possession).
  • Usage Data
    Usage Data is data collected automatically either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
  • Cookies
    Cookies are small data file identifiers that are transferred to your device or web browser. They allow LibraryPass to recognize your device or web browser when you visit or use the Services.
  • Data Controller
    Data Controller means the natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal information are, or are to be, processed. For the purpose of this Privacy Policy, we are a Data Controller of your Personal Data.
  • Data Processors (or Service Providers)
    Data Processor (or Service Provider) means any natural or legal person who processes the data on behalf of the Data Controller. We may use the services of various Service Providers in order to process your data more effectively.
  • Data Subject (or User)
    Data Subject is any living individual who is using our Service and is the subject of Personal Data.

    Information Collection And Use

    You can use most of the Services without submitting much information to LibraryPass. A valid library card or school ID is all you need to use most of the Services.

    We collect several different types of information for various purposes to provide and improve our Service to you.

    Types of Data Collected

    • Personal Data

    While using our Service we ask only for a valid email address. In certain circumstances, we do not require even this, i.e,. Google SAML, SIP2, or other single-sign service instances. We do not collect names, age, gender or any personal data.

    • Usage Data

    We may also collect information that your browser sends whenever you visit our Service or when you access the Service by or through a mobile device (“Usage Data”).

    This Usage Data may include information such as your computer’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

    When you access the Service by or through a mobile device, this Usage Data may include information such as the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, unique device identifiers and other diagnostic data.

    • Tracking & Cookies Data

    We use cookies and similar tracking technologies to track the activity on our Service and hold certain information.

    Cookies are files with small amounts of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyze our Service.

    You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.

    Examples of Cookies we use:

    • Session or Required Cookies. We use Session Cookies to operate our Service.  LibraryPass:

    uses first party cookies (i.e. cookies set directly by LibraryPass to your device) that are strictly necessary. These are essential cookies that let you move around the Services and use their features. Without these cookies, core functionality cannot be provided. You cannot object to these cookies as otherwise the Services cannot be provided.

    • Preference and Reliability Cookies. We use Preference Cookies to remember your preferences and various settings.  These cookies allow us to monitor and improve the Service’s performance and reliability. They alert LibraryPass when the Service is not performing at expected levels.  These cookies also help us understand user behavior within the Services, such as which features of the Services are most popular. This information helps LibraryPass design a better experience.
    • Security Cookies. We use Security Cookies for security purposes.

    Use of Data

    LibraryPass uses the collected data for various purposes:

    • To provide and maintain our Service;
    • To notify you about changes to our Service;
    • To allow you to participate in interactive features of our Service when you choose to do so;
    • To provide customer support;
    • To gather analysis or valuable information so that we can improve our Service;
    • To monitor the usage of our Service; 
    • To detect, prevent and address technical issues;
    • Determining your library card authentication status;
    • Detecting your web browser language; 
    • Displaying your indicated font preference; 
    • Keeping you logged in as you navigate related webpages; and
    • Determining how many active installations of Services exist

    GDRP Compliance

    The General Data Protection Regulation (GDPR) is a data protection law that went into effect on 25 May 2018. It applies to all organizations that collect and/or process personal data of individuals located in the European Union.  

    The GDPR applies to LibraryPass because we serve library patrons and students in the EU. LibraryPass is committed to GDPR compliance.

    LibraryPass functions as the Controller of personal data because we determine the purposes and means of data processing for data collected by our Service. We do not request any personal data, such as an email address.  Other personal data, such as a cookie identifier or device identifier, may be collected by our Service during a user’s interaction with the Service. LibraryPass determines the purpose and legal basis for such data being collected by its Service. It is important to recognize that LibraryPass’ Services are designed to collect and process the minimal personal data necessary to provide the Services to the user.

    Additionally, as required of Controllers by GDPR, users can contact LibraryPass directly to exercise their rights to personal data access, rectification, portability, objection, and erasure (see below for more information). LibraryPass will respond to all requests within the GDPR-required 30-day timeframe.

    LibraryPass’ servers are located in the United States. As the US-EU Privacy Shield Framework has been declared invalid by the European Court of Justice, LibraryPass has adopted Standard Contractual Clauses (SCCs) to safeguard international data transfers, including transfers of personal data from the EU, Switzerland, and the UK, to the US.  Please note that we do not request or require any personal data for your use of the Services.

    If you are a resident of the European Economic Area (EEA), you have certain data protection rights. LibraryPass aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data.  If you wish to be informed what Personal Data we hold about you and if you want it to be removed from our systems, please contact us at info@librarypass.com.

    In certain circumstances, you have the following data protection rights:

    • The right to access, update or to delete the information we have on you. Whenever made possible, you can access, update or request deletion of your Personal Data directly within your account settings section. If you are unable to perform these actions yourself, please contact us to assist you.
    • The right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete.
    • The right to object. You have the right to object to our processing of your Personal Data.
    • The right of restriction. You have the right to request that we restrict the processing of your personal information.
    • The right to data portability. You have the right to be provided with a copy of the information we have on you in a structured, machine-readable and commonly used format.
    • The right to withdraw consent. You also have the right to withdraw your consent at any time where LibraryPass relied on your consent to process your personal information.

    Please note that we may ask you to verify your identity before responding to such requests.

    You have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the European Economic Area (EEA).

    LibraryPass will continue to monitor and evaluate GDPR compliance guidance supplied by regulatory bodies and others, and may adjust its GDPR compliance efforts if necessary.  If you have questions regarding this GDPR page, or about LibraryPass’ GDPR compliance, please email info@librarypass.com.

    Retention of Data

    LibraryPass will retain Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

    LibraryPass will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer time periods.

    LibraryPass will de-identify and remove all account data for any non-renewing account that requires us to do so.

    Transfer Of Data

    Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.

    If you are located outside the United States and choose to provide information to us, please note that we transfer the data, including Personal Data, to the United States and process it there.

    Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

    LibraryPass will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.

    Disclosure Of Data

    • Business Transaction:  If LibraryPass is involved in a merger, acquisition or asset sale, your Personal Data may be transferred. We will provide notice before your Personal Data is transferred and becomes subject to a different Privacy Policy.
    • Disclosure for Law Enforcement:  Under certain circumstances, LibraryPass may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).
    • Legal Requirements:  LibraryPass may disclose your Personal Data in the good faith belief that such action is necessary to:
      • To comply with a legal obligation;
      • To protect and defend the rights or property of LibraryPass, Inc;
      • To prevent or investigate possible wrongdoing in connection with the Service;
      • To protect the personal safety of users of the Service or the public; and
      • To protect against legal liability.

    Security Of Data

    We take commercially reasonable security measures to protect against unauthorized access to, or modification or alteration of, the personal information you provide to LibraryPass. 

    We do this through, among other methods, the use of passwords, firewalls, internal reviews of our data collection process, encryption technologies and other physical security measures to guard against any unauthorized disclosure of your personal information. 

    Despite these measures, we recognize that third parties may unlawfully obtain access to this information and therefore do not guarantee that your information will always remain private. In the event we discover or are notified of a security breach where personal information is at risk, to the extent you have provided personal information sufficient to contact you, we will notify you as soon as reasonably possible in the manner and time periods required by law. 

    Further, if you have reason to believe that a third party has gained unauthorized access to your information, please contact us immediately at info@librarypass.com.

    “Do Not Track” Signals

    We do not support Do Not Track (“DNT”). Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked.

    You can enable or disable Do Not Track by visiting the Preferences or Settings page of your web browser.

    Service Providers

    We may employ third party companies and individuals to facilitate our Service (“Service Providers”), to provide the Service on our behalf, to perform Service-related services or to assist us in analyzing how our Service is used.

    These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

    Links to Other Sites

    Our Service may contain links to other sites that are not operated by us. If you click on a third party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

    Children’s Privacy

    If you are under 18 and are reading this, please be sure to read this Privacy Policy for Children with your parent(s) and/or legal guardian(s) (collectively referred to as “parents”) and ask them questions about what you do not understand.

    The LibraryPass Privacy Policy is incorporated herein by reference.

    The Federal Trade Commission’s Children’s Online Privacy Protection Act (“COPPA”) requires us to inform parents about how we collect, use, and disclose Personal Information from children.

    Under COPPA, “Personal Information” is defined as individually identifiable information, and includes: full name (first and last); a home or other physical address including street name and city or town; online contact information such as an email address or screen name; a phone number; a Social Security number; a photograph, video or audio file containing a child’s image or voice; a persistent identifier that can be used to recognize a child over time and across different websites or online services; geolocation information sufficient to identify street name and name of city or town; or information collected that is combined with the individually identifiable information listed above.

    We do not knowingly collect personally identifiable information from anyone – including those under the age of 18. If you are a parent or guardian and you are aware that your Children have provided us with Personal Data, please immediately contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we will take immediate steps to remove that information from our servers.

    LibraryPass Services are intended only for students and patrons of either a K12 or Public Library.  As such, students and patrons have access to the Services through various authentication methods that may require them to enter a library card or student ID number to access the Service.  Our request for such identification is solely for the purpose of validating the status of the identification number. We do not request, access, or retrieve any additional information. All information, including identification numbers, is protected from unauthorized disclosure.

    LibraryPass may also collect information about a child’s online activity, digital content selections, interactions with digital content such as bookmarks, as well as IP address, device type, unique device data such as device ID, and operating system.

    LibraryPass collects information through active participation of the child and passively through the use of “cookies” and similar technologies. 

    LibraryPass collects information from a child in order to:

    (i). Support the internal operations of the Services, including but not limited to support for: activities necessary to maintain or analyze the Services, network communications, user authentication of users or personalization of content, activities necessary to perform authorized school or educational purposes, and security of users;

    (ii).  Determine the child’s current geographic location so that we may provide localized content and Services;

    (iii) Comply with the requirements of our publisher and library partners;

    (iv). Integrate with additional service providers for use of the Services;

    (v).  Personalize our Services to better reflect particular interests and preferences; and

    (vi). Generally improve the user experience.

    LibraryPass never sells a child’s information. We may share anonymized information in aggregated form with third parties in order to analyze Service usage, improve the Services and user experience, or for other similar purposes. The use and disclosure of such anonymous information is not subject to any restrictions under this Privacy Policy for Children. A child’s information is only retained by LibraryPass for the time period necessary to support the authorized school or educational purposes.

    What if a child shares information with others while using the Services?

    While using the library Services, children may enjoy opportunities to post reviews and share digital content information with others in public forums and on social networking websites such as Facebook, Twitter, etc.  When a child shares such information, it is made public and is not subject to this Privacy Policy for Children. We are not responsible for any third party’s use of information a child publicly displays or discloses through our Services. 

    Parents may email info@librarypass.com to inquire if their child has submitted Personal Information to LibraryPass and to request the review, correction, and/or removal of any such Personal Information from our system.

    If you are a teacher or administrator at an educational institution using the school Services, please email info@librarypass.com to request the review, correction, and/or removal of a student’s Personal Information, and we will facilitate your access to and correction of such Personal Information promptly upon your request.

    Parents and guardians are encouraged to monitor their child’s digital content checkouts from their public library.

    Changes to this Privacy Policy for Children

    This Privacy Policy for Children was last updated in April 2022. Please check this Privacy Policy for Children periodically for updates. Your continued use of the Services after the posting of any changes to this Privacy Policy for Children means that you agree to be bound by such changes.

    In the event of a change of control (i.e. sale of sale or merger of LibraryPass, Inc.) the successor entity will be subject to these same privacy commitments.

    Changes To This Privacy Policy

    We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

    We will let you know via email and/or a prominent notice on our Service, prior to the change becoming effective and update the “effective date” at the top of this Privacy Policy.

    You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

    Contact Us

    If you have any questions about this Privacy Policy, please contact us via email: info@librarypass.com.