When you apply to become a Reader at the British Library we will collect information about you including your contact details, date of birth, contact details for your sponsor (if you are under 18), and details of your research interests. We will use these details to provide you with access to the British Library (e.g. as part of the performance of a task carried out in the public interest). We will also collect details about your ethnicity and any disability you may have; we have a legal obligation to ensure that equality and diversity obligations are being met in relation to access to our public Services.
As part of setting up your Reader account we will also check your proof of ID and proof of address as set out in our Reader Registration process. in certain rare cases me may ask you to join a video conference call before attending one of our sites in order to verify your identity. We will not take copies of the documents that you provide in order for us to confirm your ID. We will take a photograph of you for use on your Reader pass. As you use the Library we will also record your interactions with our Collections, such as your order history and audit trails of which electronic items you have accessed. Again, this is part of the performance of a task carried out in the public interest; the British Library has a statutory responsibility to protect the security of its Collections. Further details about our public task can be found here.
Details relating to the specific Collection Items that you have requested during your use of our Collections (for example through use of our Reading Rooms or our remote Services such as Document Supply) will never be used to provide marketing analysis or similar functions (for example, to send you personalised marketing material), but may be used on an aggregated and depersonalised basis for Service improvement purposes (for example, to determine whether we are purchasing enough journals in a specific foreign language to match our Readers’ research interests).
Upon request we will routinely provide copies of our records to the police in the performance of their legitimate duties. However, in accordance with agreed international ethical standards for libraries, we will not provide details of the specific Collection Items that you have requested during your use of our Collections to any third party unless compelled to do so by law, with two exceptions:
- If we have evidence that gives us reason to believe that you have committed theft or vandalism in relation to our Collections we may choose to pass information about you to other cultural institutions whose Collections may be at risk. This cooperation between cultural bodies is in our own legitimate interests as we seek to protect the national Collections from harm.
- If we have evidence that gives us reason to believe that you have deliberately infringed the intellectual property of a third party through your use of our Collections we may pass your personal information to that third party to enable them to defend their rights. This is to protect our own legitimate interests in protecting the concepts of Library Privilege and Legal Deposit.
We may use various organisations to provide IT capabilities in support of our Services, and who may process your information on our behalf. These Data Processors will process your information only under contract to the Library, and may not use your information in any other way. In particular, we use the following systems to process your information:
We will retain your Reader account and associated audit trails relating to your use of our Collections for 40 years, for the purpose of administering the security of our Collections (e.g. as part of the performance of a task carried out in the public interest). We reserve the right to increase this period as necessary to protect the integrity of the cultural treasures that we preserve on behalf of the nation, in line with our responsibilities as set out in the British Library Act.
In addition to collecting contact details as part of our normal booking process, we will also be recording the times that Readers enter and leave our premises in order to reduce the risk of a local outbreak of coronavirus.
We will share your contact details and times of attendance with Test and Trace personnel, if asked, in the event of a fellow customer or staff member testing positive for coronavirus.
Your data will be kept secure and handled in line with ethical standards and the Data Protection Act at every stage of the process – from its collection and storage by us to its transfer and use by NHS Test and Trace. NHS Test and Trace will handle all data according to the highest ethical and security standards and it will be used only for NHS care, management, evaluation and research.