Join the Library Donate

Privacy Notice

The Friends Of Kensal Rise Library (FKRL) is a registered charity that operates a community library called Kensal Rise Library (KRL). This notice is intended to explain how KRL complies with the General Data Protection Regulations (GDPR), which became effective from 25th May 2018. The GDPR legally affects how the library handles data and how it  communicates with stakeholders.

KRL treats all aspects of Data Protection seriously and takes active steps in all areas of its work to ensure that all Personal Data which is controlled and processed is appropriately private and secure, in line with current legislation.  

In this note reference is made to “stakeholders”. This term includes library card holders, volunteers, trustees and other parties who may have passed their personal data to KRL at some point.

B – Need for, and use of, Data: 

  1. Library Lending Functions: 

In order to operate the lending functions of the library, KRL needs to hold information on the library users in its database. The information is taken by a KRL team member when the library card application form is signed by the applicant. This database holds:

Name of card holder(s)

Address

Telephone number

Email contact

Date of Birth

Library card number 

The data is used to operate the applicant’s library card account (and that of any children) and to contact the applicant in case of overdue or lost items.  

KRL’s library system, TinyCat, (see C1 below) also keeps records of all items borrowed and returned, and overdue books.  Bank and credit card data is not kept by the library, and a third party payment system is used whenever payments need to be taken electronically.

KRL also processes data in relation to booking and events, management of the building and equipment (for example, details of those servicing the building), management of donations and for the management of contact lists and communication lists.  

To support diversity and inclusion and to provide required data for funding and grants the library also collects data for statistical purposes, which is anonymous and not connected to any person, for example ethnicity.  Providing this data is entirely voluntary.  

KRL  regards this data as falling under the “legitimate interest” category in the GDPR. 

  1. Donors: 

The library is wholly dependent on the community for support, as it receives no dedicated government or council funding.  The library therefore relies heavily on its donors and needs to keep records of their donations to express appreciation for their support and, (where specifically agreed by the donor completing a Gift Aid form) to collect Gift Aid refunds from HMRC.

KRL manages a database of its Donors.  The information on this Donor database is: 

  • *Name 
  • *Address 
  • *(As applicable) Date of Gift Aid form
  • *(As applicable) Amounts donated and ate of donation
  • *(As applicable) Standing orders in force
  • *(As applicable) Dates and amounts of Gift Aid claims to HMRC
  • * National insurance number only where required by HMRC as part of Gift Aid

* Sent to HMRC for Gift Aid Claims. 

KRL also keeps signed Gift Aid forms and copies of standing order mandates in order to be able to respond to queries by both HMRC and the relevant banks.

KRL regards its lawful basis for processing this data as either Legitimate Interest and/or Consent.

  1. KRL Events and Keeping Stakeholders informed about KRL:

In order to be able to inform KRL’s library card holders and also others who have expressed interest about the library, KRL emails newsletters from time to time. It is the only economically practical method. 

Where communication preferences have been expressed, library card holders may be put onto the newsletter database. Other stakeholders who do not have library cards may request to join in order to be kept informed.  The information on this database is: 

  • Name of card holder/stakeholder
  • Email contact

KRL regards its lawful basis for processing this data as falling under the “legitimate interest” category in the GDPR and / or consent for marketing (for example, newsletters via email, as required by the Privacy in Electronic Communications Regulations, ‘PECR’

  1. Other data kept by KCL for specific purposes:
    1. Volunteer Data has basic details of our volunteers who apply to KRL and complete a paper form which is retained; information on the DBS searches undertaken as applicable and their status on the rota.
    2. Book and Poetry Groups which has the names and contact details of people asking to join the KRL groups
    3. Children’s Activities which has the names and contact details of parents who have expressed an interest in hearing about activities for their child(ren). 

KRL regards this data as falling under “legitimate interest” (a) and “consent” (b, c).

In this section...

Join the Library

Why not join the library and read a book? It's great fun!

How to apply →

Make a Donation

The library depends on donations to keep open. Thank you for your support.