Description of the Eepos Libraries´ customer data file Description of the file for personal data gathered in the library system as required by the Personal Data Act (523/1999)

Updated 13.2.2017

1 a Controller

The Eepos Libraries: the City Libraries of Alajärvi, , , , , , , Seinäjoki and Ähtäri and the Municipal Libraries of Evijärvi, , , Isokyrö, , , , Lappajärvi, , Soini, , and .

Alajärvi City Library, Kirkkotie 7, 62900 Alajärvi Alavus City Library, Järviluomantie 3, 63300 Alavus Evijärvi Municipal Library, Voltintie, 62510 Evijärvi Ilmajoki Municipal Library, Museopolku 1, 60800 Ilmajoki Isojoki Municipal Library, Kristiinantie, 64900 Isojoki Isokyrö Municipal Library, Kyrööntie, 61500 Isokyrö Karijoki Municipal Library, Pappilankuja, 64350 Karijoki Kaskinen City Library, Satamakatu 18, 64260 Kaskinen Kauhajoki City Library, Prännärintie 2 C, 61800 Kauhajoki Kauhava City Library, Kauppatie 88, 62200 Kauhava Kuortane Municipal Library, Koulukuja, 63100 Kuortane Kurikka City Library, Seurapuistikko, 61300 Kurikka Laihia Municipal Library, Laihiantie, 66400 Laihia Lappajärvi Municipal Library, Hyytisentie 5, 62600 Lappajärvi Lapua City Library, Kauppakatu 23, 62100 Lapua Perho Municipal Library, Koulutie 4, 69950 Perho Seinäjoki City Library, P.O.BOX 217, 60101 Seinäjoki Soini Municipal Library, Alajärventie, 63800 Soini Teuva Municipal Library, Porvarintie, 64700 Teuva Veteli Municipal Library, Koulukuja, 69700 Veteli Vimpeli Municipal Library, Patruunantie, 62800 Vimpeli Ähtäri City Library, Lukiontie 3, 63700 Ähtäri

2 Person taking care of register issues

Jaana Viljanen, Seinäjoki Public Library, P.O. BOX 217, 60101 Seinäjoki, tel. 044 4255 447

3 Name of the register

Customer register of Eepos Libraries.

4 Grounds for maintaining the register

The customer register of Eepos Libraries is used for monitoring loans, the compilation of statistics and communication.

5 Data content of the register The following data of the registered person is recorded in the register:

 personal identity number  first names  last name  age  date of birth  gender  choice of language  address  telephone number  email address  library card number and customer registration number  encrypted PIN code  event data of loan monitoring, information on current loans and reserved items  loss of borrowing rights  unpaid fees  further information (e.g. Celia customer)  the personal data of a person who acts as a guarantor for a child under 15 years of age are registered correspondingly

The customer can use a valid photo ID as a parallel identifier for borrowing. The customer can update his/her customer data (name, address, choice of language, telephone number, email address) into the register at the web library.

The last two borrowers of a specific item can be checked from the database. The data concerning the personal loan history for the customers of the book home delivery service is registered for two years. Concerning other customers the loan history is registered only if the customer has given a separate consent.

OPENNESS AND CONFIDENTIALITY OF INFORMATION: The information is confidential (The Act on the openness of government activities 621/1999 24 §). The information will not be connected with the information of other person registers.

6 Regular information sources of the register The data is received from the customer or from his/her guarantor. The information for monitoring the loans is received from the library system. The data can be verified from the population register system in case of debt collection.

7 Regular releasing of personal data Details of an unreturned loan as well as the name, address and personal identity number of the customer may be transferred from the register for invoicing to the library unit or the firm that takes care of the invoicing.

If invoicing of library material that has not been returned or has been damaged leads to debt collection, the details of the invoice and the customer´s personal and contact details can be disclosed to the debt collection agency. Information about the customer´s password may be transferred to the reservation system for booking computers at libraries or the software running in the lending machines for customer verification. If a customer uses library´s digital services, the library card number and the password attached to it will be transferred to the service provider.

Information will not be disclosed for other purposes without the customer´s permission, unless it is legislated otherwise.

8 Transfer of data outside EU or EEA

No data from the register is transferred outside EU or EEA.

9 Protection of the register

A. Manual material

Library card application forms filled in by the customers are stored in locked cabinets in the libraries.

B. Data recorded in the library system

The supplier of the library system user service is responsible for the technical protection of the data. To use the system requires a user name and password. The data is treated in confidence and the staff is bound by professional secrecy.

The customer can use his/her library card number and PIN code to view the data related to him/her as well as to define and change his/her user settings and profile in the Eepos Web Library.

10 Right of inspection

The registered person can check his/her data in the customer register when he/she has proved his/her identity. The registered person can present a request for the right of inspection in person or in writing to the library staff. In case incorrect personal data is noticed in the register, the mistake will be immediately corrected by the library staff. The registered person can present a demand for the amendment of data to the contact person in the register issues. In case the demand for the amendment of data is not approved, the registered person will receive a written statement of the refusal. After that the registered person can bring the matter for the handling of the Data Protection Ombudsman.

11 Right to demand amendment of data

In case incorrect personal data is noticed in the register, the mistake will be immediately corrected by the library staff. The registered person can present a demand for the amendment of data to the contact person in the register issues. In case the demand for the amendment of data is not approved, the registered person will receive a written statement of the refusal. After that the registered person can bring the matter for the handling of the Data Protection Ombudsman.

12 Other rights concerning the handling of personal data The personal data of the registered customers will not be used for any purpose other than mentioned above.