CRLL PRIVACY POLICY and COOKIE POLICY

Who we are

Our website address is: https://crystalroselendinglibrary.com.

What personal data we collect and why we collect it

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

Contact forms

If you send a message via the contact form, your name, email, and message content are delivered to the site’s admin area. That message is kept indefinitely for clerical purposes.

Direct Email Messages

If you email the CRLL librarian, that message and your email address is delivered to the website’s admin area. That message is kept indefinitely for clerical purposes.

Borrower’s Information

Users must provide a valid email address and a physical mailing address in order to borrow zines. The list of zines borrowed is retained in the user’s account. This information is viewable and editable by the user through the user’s profiel. Borrowers may delete their accounts and all the accumulated data at any time.

Order status messages are kept in the borrower’s account. For clerical purposes, a copy of the last zine order sent out is kept in an admin file until the zines are returned.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have a borrower’s account and you log in to The Stacks, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

This site uses Google Fonts which requires a cookie to be set on the user’s computer. Without Google Fonts, the site would not be as pretty! You can read Google Fonts privacy policy on their website. It is GDPR complaint.

External Links

The footer of this website contains links to other fan sites. Posts on this site may contain links to other fan sites or to YouTube videos. The CRLL promises to never link to questionable sites, however these websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaciton with that embedded content, including tracking your interaciton with the embedded content if you have an account and are logged in to that website (YouTube, for example).

Anaylytics

Who we share your data with

Askimet (our anti-spam service) is an automated service that checks email addresses against know spam addresses.

Wordfence (our internet security provider) receives and tracks live traffic, meaning visitor IP addresses and page views. This is not personally identifying information and only security-related information is relayed to the admins. The main purpose of the Wordfence tracking is to monitor for hacking attempts.

Statcounter (our page-view tracking service) collects visitor ips and activity.  This is not personally identifying information, but lets the admins know how visitors travel around the site. Page views scroll off the admin’s display after 500 lines (about 1 week).

The CRLL does not share its users’ data with anyone else, period. There is no newsletter published, so there is no need for a third party mailing service.

No ads are served on the CRLL site, so there is no data-sharing going on there either.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (in The Stacks), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Any zines you have borrowed will be listed in your account. Website administrators can also see and edit that information. At the current time, that is two people: the librarian and the library’s technical advisor, also a member of our fandom family.

 

What rights you have over your data

If you have an account on this site or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

Visitor comments may be checked through an automated spam detection service (Askimet).

Wordfence Security collects visitors’ IP addresses and monitors page views in order to safeguard the site against hackers.

Borrowers may pay for zines wiht Paypal, however that transaction is NOT handled by the CRLL. Users go to Paypal directly – the CRLL does not collect and send data to Paypal. Users should read Paypal’s privacy policy. Borrowers may elect to send snail-mailed check and avoid internet payment transactions altogether.

Our contact information

Questions, concerns, requests for export of data, or requests for deletion of data should be directed to:

TNLlibrarian@crystalroselendinglibrary.com

Additional information

How we protect your data

This site is protected with an ssl certificate that encrypts data entered into the site’s forms.

Wordfence provides brute-force protection for the site, which in turn protects your data.

The CRLL does not ask for credit card numbers, so that is not an issue.

What data breach procedures we have in place

If Wordfence or the site’s hosting service, SiteGround, notifies us of a security breach, we will take all recommended actions and will notify everyone affected immediately.

What third parties we receive data from

Wordfence notes the live traffic to the site and identifies visitors as bots or humans. Wordfence notes the browser used to visit the site. Otherwise the information is not personally identifying and scrolls off after 2000 page views.

What automated decision making and/or profiling we do with user data

Askimet is an automated spam detection service. All comments and messages deemed safe are delivered to our admin area; others go to a spam folder. There is no other automated decision-making going on here. No profiling occurs.