{{ site.title }}

Privacy Policy

This privacy policy was last updated on May 25, 2018.

The Association of Research Libraries (ARL) is committed to protecting and respecting the privacy of our community. This policy describes the personal data ARL collects, how it is used and stored, and practices in place to ensure the security of this data and compliance with applicable laws. The policy also describes options available to you to request access to, correction of, or removal of your personal data.

What data does ARL collect?

ARL collects two type of personal data. The first is data that an individual may actively provide as a result of:

  • registering for an event (including name, address, email, phone number, and institutional affiliation);
  • paying for a product or service such as an event registration (including name, address, email, phone number, and credit card information);
  • applying for one of ARL’s diversity, leadership, or professional development programs, such as the Initiative to Recruit a Diverse Workforce (including name, address, email, phone number, demographic information, and educational attainment); or
  • subscribing to an email list or newsletter (email address and name).

The second type is data that is passively collected via cookies and web logging during a visit to one of ARL’s websites. This data may include IP address, device type, browser type and version, operating system, pages viewed and length of time on each page, and errors encountered.

How does ARL use the personal data it collects?

ARL uses personal data actively provided by individuals for two purposes:

  • to provide a specified service (such as access to an event or program) and
  • to provide access to information (via membership and participation in an email list or delivery of periodic announcements and newsletters via email).

ARL uses personal data passively collected via cookies and web logs exclusively to improve constituents’ online experience by informing future website design and presentation decisions. This information is not used to identify any specific user or track a specific user’s behavior on the websites.

How and with whom does ARL share the personal data it collects?

ARL will never sell or rent your personal data to third parties. ARL sometimes shares data with suppliers and subcontractors on a “need to know” basis to help operate its websites and services and to provide users with information, products, or services that they may request. For example, ARL shares data with Google Analytics to obtain insight into how visitors use its websites and to improve their online experience.

How does ARL secure the personal data it collects?

ARL has implemented industry-standard security safeguards to protect the personal data it collects. All personal data actively or passively collected by ARL is stored on secure servers generally located in the United States. All payment transactions are encrypted using SSL technology, and no critical personally identifying information (such as credit card numbers) is retained or stored. While ARL takes all reasonable precautions to protect personal data from loss, misuse, or unauthorized access, it cannot guarantee that none of these will occur.

How long does ARL store personal data?

Data from event registrations, program applications, and web logs will be deleted when there is no longer a business need. Data provided during a subscription to an email list or newsletter is retained as long as membership on the list or receipt of the newsletter is desired. Data collected via Google Analytics is retained for 26 months. As stated earlier, data provided during a financial transaction such as purchase of an event registration is not retained.

What is ARL’s cookie policy?

ARL’s websites employ the use of cookies via their use of Google Analytics (a web analytics service provided by Google, Inc). This service sets a cookie in order to evaluate an individual’s use of the website and then compiles aggregate reports for ARL describing activity on the site.

Google stores the information collected by the cookie on servers in the United States. Google may also transfer this information to third parties where required to do so by law, or where third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google. By using ARL’s websites, you consent to the processing of data about you by Google in the manner and for the purposes set out above.

For information on how to reject or delete this cookie, see Google’s privacy policy.

What are my rights concerning my personal data collected by ARL?

You have the right to request access to, correction of, or removal of your personal data as well as to unsubscribe from ARL-hosted email lists or newsletters. To do the former, please send an email with your request to Gary Roebuck, director of administration and operations, at gary@arl.org. To unsubscribe from email lists or newsletters, please follow the directions at the bottom of emails from these sources or send an email to gary@arl.org.

Changes to this notice

If we make any material changes to this policy, we will signify this by revising the effective date at the top of this page, updating the impacted text and, where appropriate, notifying constituents by email (using the latest addresses we have on file). Please check back frequently to see any updates or changes to this policy.