3. Data processing for the library management system and KatalogPlus
General regulations can be found in the data privacy statement of the University of Münster.
We collect and use the personal data of our users insofar as necessary to provide the requested service or as legally required. If you want to use library services, registration for library use is usually required, during which we process personal data.
a) Scope of data processing
The library management system of the ULB is the central administration software with which the processes in the library are managed. This includes, among other things, searching the ULB's media holdings and managing the data of library users in the context of media lending.
Searching for media and user access to the associated lending services is done via KatalogPlus, the user interface of the library management system. Searching in KatalogPlus is possible without logging in. The use of advanced services, especially in the context of media lending, requires registration for library use. As a registered user, you can borrow, renew, and request books, journals, or other media, as well as make use of interlibrary loans. In addition, you can save titles and search queries in watch lists in KatalogPlus to access them again in the future.
Using KatalogPlus to search the ULB's holdings generates the following data, which is processed and stored in the system:
- Search terms and search fields used,
- History of the search process,
- Watch list with titles bookmarked from the list of search results, if used.
When registering for library use, the following data are processed:
- Personal data: Title, first and last name, date of birth, gender, home address, email address(es), university ID, Student ID Number (if available), work address (if available), user number, user group.
- Borrowings: Items on loan, requested items , returned items , open charges, paid charges.
- Administrative data: Date of first registration, date of last borrowing activity, date and reason of account locks (if applicable), temporary validity of the account (if applicable), notebook entries.
b) Purpose of data processing
The purpose of processing the search data from the KatalogPlus is to carry out the search queries requested by the users and to simplify the use of the catalog.
The purpose of data processing in the context of registration for library use is the organization of lending operations as well as communication with users when borrowing, returning and providing requested media, exceeding lending periods or in case of questions. Furthermore, the processing is necessary for the reminder of fees, for example, if lending periods are exceeded, as well as for the enforcement of claims in the event of loss or damage to media. Loan data is used in anonymized form to create internal statistics for collection management, in particular for acquisitions, removals and relocations.
c) Legal basis for data processing
The legal basis for processing of personal data as listed above is provided by the user’s explicit consent granted to the University of Münster in accordance with Art. 6 (1, 1 a) GDPR, in particular the acceptance of the Terms of Use of the University and State Library of the University of Münster. By registering for library use, the user consents to the collection and processing of his/her data.
d) Further recipients of your personal data
Personal data are forwarded to the following recipients within and outside the University of Münster:
Recipients within the University of Münster:
For the settlement of fees that have not been paid for a longer period of time (approx. 3 months), the user number, title, first and last name, private address as well as the affected fee items will be forwarded to the Cash Office of the University of Münster.
Recipients outside the University of Münster:
For interlibrary loan orders placed by users, the title, first and last name, user group, email address, university ID, and the metadata of the requested media are forwarded to the Hochschulbibliothekszentrum des Landes Nordrhein-Westfalen (hbz), Jülicher Straße 6, 50674 Köln.
In the case of data processing by external parties (especially in the context of technical support), a corresponding contract on commissioned processing pursuant to Art. 28 GDPR has been concluded.
e) Duration of storage of personal data
Searching in KatalogPlus: The search history and the watch list are deleted when you end the session and close the browser. Permanent storage beyond the session only takes place if you have logged into KatalogPlus with your personal user ID. In this case, the data is stored in your user profile, and you can delete it any time.
Registration for library use: Your personal data mentioned above will be stored for as long as it is needed for the purposes mentioned above. If you withdraw your consent, the data will be deleted within a few days.
Data justifying payment (fees, claims, and the usage transactions justifying them) must be kept for 10 years due to other legal regulations.
Personal data on loans, reservations, interlibrary loans and user-initiated orders that are not related to payments will be anonymized after 180 days to the extent that there is no longer any reference to a specific person.
User and contact data will be deleted as follows, provided that no claims (loans or fees) are still open on the part of the library:
- Students of the University of Münster: 6 months after De-registration
- Scientists of the University of Münster: 6 months after leaving the University of Münster
- Temporary user accounts: 6 months after expiration of the temporary validity of the account
- other accounts: 3 years after the last borrowing activity
