Legal & Privacy Terms

SIRSIDYNIX: PRIVACY POLICY

Effective date of Oct 3, 2022

This page was last updated October 3, 2022.
TRUSTe

Sirsi Corporation and its affiliated companies, dba SirsiDynix, and its subsidiary, EOS International (referred to collectively in this Privacy Policy as “SirsiDynix,” we,” “us” or the “Company”) are committed to protecting your privacy. This Privacy Policy explains how we collect, use, share, protect and process information relating to individuals (“Personal Data”) and your rights and choices regarding your Personal Data. Personal Data does not include aggregated data from which personally identifiable information has been removed.

This Privacy Policy applies only to our processing of Personal Data as a controller. When we process Personal Data on behalf of our customers as a processor, sub-processor or service provider, we do so in accordance with their written instructions to us and other written agreements with them. For information regarding the processing of Personal Data by organizations that use our products and services, please contact those organizations directly.

1. Contact information

To exercise rights that may apply to you as described in Section 6 below

Please click here or call 800-288-8020.

For all other data privacy inquiries

If you have questions regarding this Privacy Statement or require assistance with a data privacy issue, you may direct your inquiry to Data Protection Officer:

SirsiDynix Data Privacy Inquiries

address icon

Address:

3300 North Ashton Blvd, Suite 500 Lehi, UT 84043 United States

address icon

Phone:

800-288-8020

801-223-5200

Our representative for purposes of Regulation (EU) 2016/679 (General Data Protection Regulation, or GDPR) in the European Union is SirsiDynix SASU:

address icon

Address:

90-92 Route de la Reine
92100 Boulogne-Billancourt, France

address icon

Phone:

0800 906 580

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.

2. Personal Data we collect and the purposes for which we use it

We collect and process your Personal Data for the following purposes. Where required by law, we obtain your consent to use and process your Personal Data. Otherwise, for purposes of GDPR compliance, we rely on our legitimate interests or another authorized legal basis, as described below.

A. Purchases.

To enable you to purchase our products and services under a contract with you, we or our processors may collect and process the following payment information:

  • your first and last names
  • your credit card information or other payment information

We use a third-party payment processor for these purposes, and we do not store financial information used in payment processing.

B. Product and service delivery.

To fulfill our contract with you or your employer (e.g., if you are an authorized user of our products and services or you work for a supplier of SirsiDynix), we may process the following Personal Data as necessary for our performance of the contract:

  • your first and last names
  • your email address
  • your telephone number
  • your shipping address
  • login information, if services require an online account

C. Conferences, events and office visits.

To facilitate to our interest in promoting security, health, safety and confidentiality in connection with conferences, other events and visits to our offices, or to fulfill our contract with you or your employer in connection with such activities, we may process the following Personal Data:

  • your first and last names
  • your email address
  • your telephone number

In addition, certain health data (which may include special categories of Personal Data) may be processed for office visits and at events during epidemics and pandemics to ensure the safety and security of our visitors and employees (where legally permitted) with your consent or where necessary for reasons of public interest and public health.

D. Product and service information.

To facilitate our interest in promoting our products and services, and after obtaining your consent if legally required, we may process the following Personal Data to provide you with information about our products and services:

  • your first and last names
  • your email address

E. Transactional and other business communications.

To facilitate our interest in communicating with you or your employer when conducting business transactions and other business activities, we may process the following Personal Data:

  • your first and last names
  • your email address
  • your telephone number

F. Website and service management and improvement.

To facilitate our interest in managing and improving our websites and services, and in some cases to fulfill our contract with you or your employer, we may automatically collect and process certain Personal Data when you visit our websites or use our services. Such Personal Data may include:

  • your IP address
  • your browser type
  • your operating system
  • your domain name
  • your access times
  • referring web site addresses

We do not link this automatically collected data to other information we collect about you.

G. Cookies.

To facilitate our interest in managing and improving our websites and services, and where required, after obtaining your consent, we and our partners use cookies or similar technologies to analyze trends, allow access to certain functions, track your navigation of our websites, and gather aggregated demographic information about our user base. You can control the use of cookies at the individual browser level but choosing to disable cookies may limit or degrade your use of some features or functions on our website or service.

H. Legal compliance and risk mitigation.

We may collect and process Personal Data listed in the foregoing paragraphs to the extent reasonably necessary to comply with applicable laws, to protect the vital interests of individuals and to facilitate our legitimate interests in preventing fraud, legal claims, and liabilities.

3. How we disclose Personal Data

Your Personal Data will be accessible to our employees who require access for the purposes described in this Privacy Policy. Our contracted data processors and service providers are authorized to use and disclose Personal Data only as necessary to perform the services for which they were engaged by us.
Other parties we may disclose your personal data to include:

  • potential purchasers of, or successor in interest to, all or a portion of our business or assets; and
  • others pursuant to consent obtained from you.

4. Transfers of Personal Data

We and the third parties described in Section 3 above may collect, transfer and store your Personal Data in the United States and in other countries that have not received an adequacy decision by the European Commission or your local legislature or regulator. These countries may not provide for the same level of data protection as your jurisdiction. In such cases, we ensure that recipients of your Personal Data provide an adequate level of protection and security through written data processing agreements and standard contractual clauses or an alternative mechanism for the transfer of data as approved by the European Commission (Art. 46 GDPR) or other applicable regulators.

5. Criteria and time for retaining Personal Data

We will retain your Personal Data no longer than reasonably necessary to complete the original purposes of its collection or to fulfill our legal obligations. Retention periods are based on the purposes for which the data are processed; the quantity, nature, and sensitivity of the data; and on applicable statutes of limitation and other legal requirements.

6. Your rights and how to exercise them

Depending on the data protection laws that apply to you, you may have specific rights respecting your Personal Data, which may include:

  • the right to request access to and rectification or erasure of your Personal Data;
  • the right to restrict our processing of your Personal Data or to object to processing;
  • the right to transfer your Personal Data to another controller;
  • the right to withdraw your consent to process your Personal Data;
  • the right to lodge a complaint with a regulatory authority;
  • the right to know about the categories and specific items of Personal Data we have collected about you;
  • the right to request correction of inaccurate Personal Data;
  • the right to opt-out of the sale of your Personal Data (we do not sell your Personal Data);
  • the right to obtain copies of agreements or portions of agreements between SirsiDynix and other organizations that control or process your Personal Data;
  • the right to non-discrimination for exercising your rights; and
  • the right of no retaliation following your exercise of your rights.

If any of these rights are applicable to you, you may exercise them by contacting us as described in Section 1 above.

Note regarding our processing of Personal Data on behalf of our customers. As described in the second paragraph of this Privacy Policy, we may process Personal Data on behalf of customers who use our products and services. We process such Personal Data as a processor for such customers, who are the controllers of the Personal Data. We are not responsible for the privacy and data security practices of our customers. If your Personal Data has been submitted to us for processing on behalf of one of our customers and you wish to exercise any rights you may have under applicable data protection laws, please contact that customer directly. We will assist the customer to respond to your request as required by applicable laws.

7. How we protect your Personal Data

Personal Data is stored on servers and systems that are owned by us or by contractors engaged by us under written agreements which comply with this Privacy Policy.
We maintain appropriate technical, administrative and physical safeguards to protect personal data received or collected by us. We review, monitor and evaluate our privacy practices and protection systems on a regular basis.
Notwithstanding the foregoing measures, transmissions over the Internet or mobile networks are not 100% secure and we do not guarantee the security of transmissions.

8. Links

Our websites and services may contain links to websites or services operated by third parties. We are not responsible for the accuracy, currency, or content of any such website or service. We are not responsible for the privacy policies or practices of any third party.
We encourage you to be aware when you leave our websites or services to read the privacy statements of each linked website or service that collects Personal Data. It is your responsibility to protect your Personal Data, including username and password information.

9. Children

Our products and services are marketed and offered to libraries and institutions (referred to collectively in this Section 9 as “Libraries”). We do not market our products or services to, and do not solicit or collect information on our own behalf from, children.
Libraries may use our products and services to provide accounts to children, including children under the age of thirteen. The U.S. Children’s Online Privacy Protection Act (“COPPA”) or other laws may apply to Libraries’ collection and processing of the Personal Data of children, and it is the responsibility of each Library to comply with all laws applicable to it and to its collection of children’s Personal Data.

10. Changes to this Privacy Policy

We may update this Privacy Policy to reflect changes to our practices regarding Personal Data. If we make any material changes, we may notify you by means of a notice on this website prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.

11. California Consumer Privacy Act (CPPA) disclosures

We do not “share” or “sell” your information, as those terms are defined in the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CRPA).

CCPA Personal Data CategoryPersonal Data Processed by UsCollected in Last 12 Months?Sold or Shared in Last 12 Months?Disclosed* for Business Purposes in Last 12 Months
IdentifiersContact information, such as name, mailing address, email address, telephone number, social security number, driver's license number, passport numberYesNoYes
Financial InformationCredit card number, debit card number, and similar information required to process purchaseYesNoYes
Internet or other electronic network activityCookies as described aboveYesNoNo
Professional or employment informationContact informationYesNoYes

* Additional information for employees and job applicants is available on the SirsiDynix intranet and in application and pre-hire documentation provided by SirsiDynix.
** Disclosures are made to the parties and for the purposes describe in this Privacy Policy.