Privacy Policy

1) Who We Are & Contact

Controller: Brooklyn Digital Library

Contact email: support@brooklyndigitallibrary.app
Postal address:

2) Scope

This policy applies to data processed through our Android application and any in-app features, such as account creation, library card linking, search, reservations/holds, checkouts, downloads, notifications, and support.

3) Information We Collect

A. Information You Provide

• Account & Profile: name, email, password (hashed), profile photo (optional).
• Content & Activity: favorites, reading lists, reservations/holds, ratings/reviews (if enabled).
• Support: messages and attachments you send to customer support.

B. Information Collected Automatically

• Usage data: app interactions, taps, screens viewed, search queries (minimized and/or de-identified where feasible).
• Device & diagnostics: device model, OS version, app version, language, crash logs, performance data.
• Approximate location: if you enable location to find nearby branches or events (can be disabled in device settings).
• Cookies/Local storage: tokens and preferences stored on your device to keep you signed in and personalize your experience.

C. Information from Third Parties

• Library partners & consortia: to verify card status, process holds/checkouts, and sync circulation records.
• Authentication providers: if you sign in with Google or Apple, we receive your basic profile (name, email, ID).

4) How We Use Your Information

• Provide, operate, and improve the Services and core library features.
• Authenticate you, link and manage your library account, and sync your activity.
• Process transactions (e.g., fines/fees), reservations, checkouts, and downloads.
• Personalize content, recommendations, and search results.
• Communicate with you about account activity, holds, due dates, updates, and service announcements.
• Monitor performance, debug issues, prevent fraud/abuse, and enhance security.
• Comply with legal obligations and enforce our terms.

5) Legal Bases for Processing (EEA/UK users)

• Contract: to deliver the Services you request.
• Legitimate interests: security, analytics, service improvement.
• Consent: optional features like push notifications, location, and certain analytics where required.
• Legal obligation: to meet regulatory or law enforcement requirements.

6) Sharing of Information

We do not sell your personal information.

• Service providers: cloud hosting, analytics, crash reporting, customer support, and payment processing—bound by confidentiality and data-processing terms.
• Library systems: your home library/consortium to fulfill holds, checkouts, and account maintenance.
• Legal & safety: to comply with law, respond to lawful requests, or protect rights, safety, and property.
• Business transfers: in a merger, acquisition, or asset sale, subject to this Policy’s protections.

8) Third-Party Services

We may use third-party services to support the app. These providers process data on our behalf under contractual safeguards:

• Google Firebase (Analytics, Crashlytics, Cloud Messaging)
• Authentication providers (Google Sign-In, Sign in with Apple)
• Map services (e.g., Google Maps) for branch locations
• Error monitoring (e.g., Sentry)

These services have their own privacy policies. Where required, we will obtain your consent before enabling them.

9) Data Retention

We retain personal information for as long as your account is active or as needed to provide the Services, comply with legal obligations, resolve disputes, and enforce our agreements. We also retain de-identified or aggregated data for analytics and service improvement.

10) Data Security

We implement technical and organizational measures designed to protect your data, including encryption in transit, access controls, and regular monitoring. No method of transmission or storage is 100% secure; we cannot guarantee absolute security.

11) International Transfers

Your information may be processed and stored in countries other than your own. Where applicable, we use appropriate safeguards (such as standard contractual clauses) to protect your information.

12) Your Rights & Choices

Access, Correction, Deletion

Subject to applicable law, you may request access to, correction of, or deletion of your personal information.

Consent & Preferences

• Manage permissions (Location, Camera, Notifications) in your device settings.
• Opt out of non-essential analytics where offered in the app settings.

GDPR (EEA/UK) Rights

Where applicable, you have the right to object to processing, restrict processing, and request data portability, and to lodge a complaint with your local supervisory authority.

California (CCPA/CPRA)

We do not sell or share personal information for cross-context behavioral advertising. California residents may exercise their rights to know, delete, or correct personal information, and to limit use of sensitive information where applicable.

13) Children’s Privacy

The Services are not directed to children under 13. If we learn that we have collected personal information from a child without verifiable parental consent, we will take steps to delete it. Library youth accounts may be managed through a parent/guardian and the library’s policies.

14) Changes to This Policy

We may update this Privacy Policy from time to time. We will post the new policy in the app and update the “Effective date” above. Material changes will be notified in-app or by email when appropriate.

15) How to Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, contact us at support@brooklyndigitallibrary.app.