Who we are
Our website address is: https://crystalroselendinglibrary.com.
What personal data we collect and why we collect it
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you send a message via the contact form, your name, email, and message content are delivered to the site’s admin area. That message is kept indefinitely for clerical purposes.
Direct Email Messages
If you email the CRLL librarian, that message and your email address is delivered to the website’s admin area. That message is kept indefinitely for clerical purposes.
Users must provide a valid email address and a physical mailing address in order to borrow zines. The list of zines borrowed is retained in the user’s account. This information is viewable and editable by the user through the user’s profiel. Borrowers may delete their accounts and all the accumulated data at any time.
Order status messages are kept in the borrower’s account. For clerical purposes, a copy of the last zine order sent out is kept in an admin file until the zines are returned.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have a borrower’s account and you log in to The Stacks, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
Who we share your data with
Askimet (our anti-spam service) is an automated service that checks email addresses against know spam addresses.
Wordfence (our internet security provider) receives and tracks live traffic, meaning visitor IP addresses and page views. This is not personally identifying information and only security-related information is relayed to the admins. The main purpose of the Wordfence tracking is to monitor for hacking attempts.
Statcounter (our page-view tracking service) collects visitor ips and activity. This is not personally identifying information, but lets the admins know how visitors travel around the site. Page views scroll off the admin’s display after 500 lines (about 1 week).
The CRLL does not share its users’ data with anyone else, period. There is no newsletter published, so there is no need for a third party mailing service.
No ads are served on the CRLL site, so there is no data-sharing going on there either.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (in The Stacks), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Any zines you have borrowed will be listed in your account. Website administrators can also see and edit that information. At the current time, that is two people: the librarian and the library’s technical advisor, also a member of our fandom family.
What rights you have over your data
If you have an account on this site or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Visitor comments may be checked through an automated spam detection service (Askimet).
Wordfence Security collects visitors’ IP addresses and monitors page views in order to safeguard the site against hackers.
Our contact information
Questions, concerns, requests for export of data, or requests for deletion of data should be directed to:
How we protect your data
This site is protected with an ssl certificate that encrypts data entered into the site’s forms.
Wordfence provides brute-force protection for the site, which in turn protects your data.
The CRLL does not ask for credit card numbers, so that is not an issue.
What data breach procedures we have in place
If Wordfence or the site’s hosting service, SiteGround, notifies us of a security breach, we will take all recommended actions and will notify everyone affected immediately.
What third parties we receive data from
Wordfence notes the live traffic to the site and identifies visitors as bots or humans. Wordfence notes the browser used to visit the site. Otherwise the information is not personally identifying and scrolls off after 2000 page views.
What automated decision making and/or profiling we do with user data
Askimet is an automated spam detection service. All comments and messages deemed safe are delivered to our admin area; others go to a spam folder. There is no other automated decision-making going on here. No profiling occurs.