About This Policy
Springshare LLC ("Springshare", "we," "our," or "us") is a cloud-based software and services provider (LibGuides, LibAnswers, LibCal, LibInsight, LibStaffer, and other tools, collectively referred to as "Springshare Services" or "Springshare Services and websites") to libraries, educational institutions, non-profits, and corporations worldwide ( "Customers"). The Springshare Services and websites are used by library staff, faculty and teachers, Customers' employees, library patrons, students, and other individuals ("You").
This Privacy Policy describes how we collect, use, store, disclose and transfer the information (a) you provide when you interact with Springshare Services and websites, and (b) provided by your institution when they license our Services.
Please note that our Customers may also collect, use, and disclose data that they obtain in connection with licensing Springshare Services. This Policy covers only how Springshare handles your information. For information about how our Customers handle your information, please refer to the privacy policy of the library or institution with whom you are dealing directly.
By using the Springshare Services and websites, you agree to the terms of this Policy.
Data Controller or Data Processor
Springshare is the data processor with respect to personal data submitted to and stored on the Springshare Services for hosting and processing purposes as further described below under Springshare Services-Customer Data.
Types of Information We Collect About You
Information you or your Institution may provide
When you use Springshare Services or are in contact with Springshare via other means, we may collect information such as:
- Contact details, for example your full name, institutional affiliations, phone number, email address, social media handle, and postal address
- Information about educational and professional background
- Login information used to access Springshare Services
- Professional interests and communication preferences
- Your status with Springshare (e.g., customer, prospect, vendor, partner, etc.)
- The Springshare products you use
- Comments and questions about Springshare or Springshare Services
- Any other information you choose to provide while using Springshare Services
Information collected automatically
While using Springshare Services and websites, we may also automatically collect information that does not directly identify you. This information may include your IP address, your computer & device identifiers, your general geographic location, browser cookies, and information about the devices or software you use to access Springshare Services and websites. Such information is only collected to the extent that it is necessary for us to provide Springshare Services, to optimize your user experience, and/or to make improvements to the Springshare Services and websites. Springshare does not serve third party advertising and does not share the information collected automatically with any third parties.
You may opt out of use of your personal information as outlined below under Access, Correction, and Erasure.
How We Collect Information About You
We collect information about you in three main ways:
- Information Directly Provided by You or Your Institution: When you register for services, sign up for alerts, request products or services, respond to surveys, fill out registration forms on Springshare Services and websites, register for or view webinars; create a profile, publicly post or share content, contact us, and/or otherwise interact with Springshare and Springshare Services. We may also receive and store information about you provided by your institution to the extent required to perform a contracted service.
- Information Collected Automatically Using Technological Means: As described above under Information Collected Automatically, we collect certain information automatically using technological means. We use cookies to perform and provide Springshare Services as further described below under Our Use Cookies and Similar Technologies.
- Information Collected Through Third Parties: We may receive information about you from customers and business partners for referral and reference purposes.
Our Use of Cookies and Similar Technologies
The use of browser cookies is required for successful use of Springshare Services. A cookie is a small text document that resides on your computer which usually includes certain information about the user. Springshare does not use cookies to serve advertising and we do not provide any cookie data to third parties. You can set your browser to not accept Springshare's cookies, but you may be unable to use most Springshare Services in this case.
How We Use Information About You
We may use information about you for a variety of purposes, as described below:
- To perform and deliver Springshare Services. We use information you provide us or your institution (our Customer) provides to us to deliver Services, fulfill the terms of any agreement with our Customers, or to complete a transaction you initiate with us. To be clear, we do not access or use Customer Data (as defined below) processed through the Springshare Services except for the purposes set forth in our agreement with the Customers.
- To market our products and services. We may inform you about our products, services or events and otherwise perform marketing activities. Further, we may use this information for analytics purposes.
- To respond to your questions or comments, or to provide you with requested information regarding Springshare Services.
- If you specifically signed up for it, to send you updates, newsletters, or marketing communications about topics that may interest you, including about our products and services.
- To engage in analysis and research about Springshare Services and websites.
- To support and improve our existing Services or create new Services.
- For any of the "Legal Purposes" described below in the section entitled How We Share Information with Third Parties.
We may retain this information for as long as the customer account is active or as needed to provide the Springshare Services, to comply with our legal obligations, resolve disputes, and as needed to comply with or enforce our licenses and other agreements.
How We Share Your Information With Third Parties
We may share your information with third parties for a variety of purposes, as described below.
- Affiliates. We may share your information with our corporate affiliates for any of the purposes described in this Policy.
- Third-party service providers. We use third-party service providers to help us deliver and perform Springshare Services. These service providers may use information about you to assist us in achieving the purposes discussed in this Policy. For example, we use a vendor to manage our email newsletters and other communications.
- Business partners. We may share your information with our business partners to fulfill your requests for services, complete a transaction that you initiate, or meet the terms of any agreement that you have with us or our business partners.
- Third-party plugins. Springshare Services may integrate certain third-party plug-ins. Even if you do not click on these plug-ins, they may collect information about you, such as your IP address and the pages that you view. They also may set and/or access a cookie. These plugins are governed by the privacy policy of the third-party providing them.
- Legal Purposes. We may disclose your information to cooperate with law enforcement, government or regulatory bodies, content protection organizations, or judicial processes as required by the applicable laws and regulations. We may also use or disclose information to enforce or protect the rights or safety of Springshare Services users, us, or others. We will provide notice to individuals prior to such disclosures, to the extent it is practicable to do so and allowed by law.
- To facilitate the financing, securitization, insuring, merger, acquisition, sale, assignment, bankruptcy, or other disposal of all or part of our business or assets.
When we transfer your information to third party companies, we will ensure they maintain the same level of security as us.
Keep in mind that any information you disclose publicly – either in a public profile or through message boards or other public areas – may be collected and used by others, may be indexable by search engines, and might not be able to be erased from public view to the extent they have been copied to external sites. Please be careful when disclosing personal information in these public areas.
Security
Springshare takes the security of your information and the security of Springshare Services very seriously. We take commercially reasonable measures to protect against unauthorized access to, or unauthorized alteration, disclosure or destruction of, data that you share and that we collect and store. These security measures may include practices such as keeping your data on a secured server behind a firewall, internal reviews of our data collection practices and platforms, and industry-standard encryption technologies. However, no website or service is completely secure and we cannot guarantee the absolute security of your information.
If you have reason to believe that a third-party has gained unauthorized access to your information, please contact us immediately at [email protected]. If Springshare becomes aware of any data breach, we will notify affected individuals or, with respect to Springshare Services, affected institutions as soon as reasonably possible.
Your Rights and Choices
Communication Preferences and Opt-outs
If you have subscribed to one or more of our email newsletters or are receiving marketing emails from us and you don’t want them anymore, you can unsubscribe. Follow the instructions contained in the email message to opt-out of receiving future messages of that type. However, you cannot unsubscribe from some service related messages ("operational emails") so long as you maintain an account with Springshare Services.
Access, Correction, and Erasure, Right to limit use, and to limit disclosure
You may request to review, correct or delete the personal information that you have previously provided to us through the Springshare Services. For requests to access, correct or delete your personal information, please send your request along with any details you may have regarding the method by which the information was submitted to [email protected]. Requests to access, change, or delete your information will be addressed within a reasonable timeframe.
To help protect your privacy and security, we will take reasonable steps to verify your identity, such as requiring a username or userID, or password, or other types of verification before granting access to or removing your information. In cases where we are acting as a processor of personal data for our Customer, we may first refer your request to the Customer that submitted your personal data. We will assist our Customer as needed in responding to your request, as further described below under Springshare Services-Customer Data.
In accordance with the Data Privacy Framework, EEA, UK and Swiss residents whose personal information is collected may have a right to access personal information regarding them, and to limit use and disclosure of their personal information or to object to their personal data being used for any purpose materially different from the purposes disclosed to them or stated within this Privacy Policy. Springshare will provide the said data to EEA, UK and Swiss residents upon request and will comply with any requests to limit use of their personal information.
Please contact [email protected] for more information about exercising these rights.
Data Retention and Deletion
If you request to delete your personal information, we will endeavor to fulfill your request but some personal information may persist in backup copies for a certain period of time and may be retained as necessary for legitimate business purposes or to comply with our legal obligations. Springshare's policy is to keep backups of Springshare Services data for 35 days, after which the original customer data older than 35 days is permanently deleted from Springshare servers. Springshare may retain your information for a period of time consistent with the original purpose of collection, and for a reasonable time thereafter in accordance with applicable law. We also may retain your information during the period of time needed for Springshare to conduct audits, comply with our legal obligations, resolve disputes and enforce our agreements.
Cross-border transfers of personal information
Springshare Services are hosted in data centers located in several regions around the world. Every region operates independently of one another, and we use all reasonable efforts to host the Springshare Services and Customer Data in their respective home regions. Springshare Services are currently hosted in four (4) regions - United States, Canada, Australia, and European Union. If, during the course of conducting normal business of providing Springshare Services, we transfer your information to a recipient in a country outside your respective home region, we will ensure that at least one of the following applies: (i) the transfer will be to countries deemed to provide an adequate level of protection for personal data by your respective governing body (such as European Commission); (ii) we have used specific model contracts (for example, those approved by the European Commission) intended to give personal data the same protection it has in its home region; (iii) where we use providers based in the US, we may transfer information to them if they are part of the Data Privacy Framework which requires them to provide similar protection to personal data shared between the Europe and the US; or (iv) any alternative transfer mechanism that lawfully supports the transfer under the GDPR or similar law in your home region.
Children
The Springshare Services and websites are intended for use by users aged 13 and older. We do not market to nor intentionally collect any personally identifiable information from children under thirteen (13) years of age. If you are under 13, please do not register for any of our Services or websites or provide us with any personally identifying information (such as your name, email address or phone number). If we become aware that a visitor under the age of 13 has submitted personal information without verifiable parental consent, we will remove his or her information from our Services. Please contact [email protected] if you are aware of any personal information supplied to one of Springshare Services or websites by a child under the age of thirteen (13).
Links to Other Services and Websites
Springshare Services and websites may contain links to information created and/or maintained on third-party websites. When users select a link to an outside website, they are leaving Springshare Services and are subject to the privacy and security policies of the owners of the third-party website. We are not responsible for, and we do not endorse or control, the policies or practices of any such website or services. In some cases, Springshare Services may contain an embedded content feed, video player, widget, or other application from a third party and those feeds, players, widgets, or other applications may appear to be part of the Springshare Service or website, even though they are provided or served by a third-party. If information is required for the performance of the service, the service provider is required to protect your information consistent with this privacy policy. For further information, please see the How We Share Information About You section of this policy. We encourage our users to be aware when they leave Springshare Service or website or use a third-party service embedded inside Springshare Service, and to read the privacy policies of these third party services.
Springshare Services – Customer Data
Springshare Customers submit data and information to the Springshare Services for hosting and processing purposes ("Customer Data"). Our customers are data controllers with respect to Customer Data and Springshare is a data processor. While Springshare customers decide what Customer Data to submit to the Springshare Services, depending on the particular service, the Customer Data submitted may contain personal information described in this Privacy Policy.
Springshare will not use or share any such Customer Data except as provided in its agreements with such Customers, or as may be required by law. In accordance with such agreements, Springshare may access, transfer and process Customer Data only for the purpose of providing Springshare Services, preventing or addressing service or technical problems or other purposes as set forth in such agreements or required by law.
Springshare acknowledges that you have the right to access, correct, amend and delete your personal information. If personal information pertaining to you as an individual has been submitted to us by a Springshare Customer and you wish to exercise any rights you may have to access, correct, amend, or delete such data, please inquire with the Springshare Customer directly. Because Springshare is subject to our agreements with Customers (as the data controller) with respect to your personal information stored on the Springshare Services, if you wish to make your directly to Springshare, please provide the name of the Springshare Customer who submitted your data to the Springshare Services. We will refer your request to that customer, and will support the Customer as needed in responding to your request within a reasonable time frame.
Compliance With Data Privacy Framework
Springshare complies with the EU-U.S. Data Privacy Framework and the UK extension to the EU-US DPF and Swiss-U.S. Data Privacy Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union, United Kingdom and Switzerland to the United States. Springshare is committed to the principles of the Data Privacy Framework and has certified to the Department of Commerce that it adheres to the Data Privacy Framework Principles. If there is any conflict between the terms in this privacy policy and the Data Privacy Framework Principles, the Data Privacy Framework Principles shall govern. To learn more about the Data Privacy Framework program, and to view our certification, please visit https://www.dataprivacyframework.gov/
In cases of onward transfer to third parties of data of EU or United Kingdom or Swiss individuals received pursuant to the EU-US Data Privacy Framework and UK Extension to the EU-US DPF or Swiss-U.S. Data Privacy Framework, Springshare remains liable.
In compliance with the Data Privacy Framework Principles, Springshare commits to resolve complaints about our collection or use of your personal information. EU and United Kindgom and Swiss individuals with inquiries or complaints regarding our Data Privacy Framework policy should contact Springshare using the contact information listed at the bottom of this page.
Springshare LLC is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).
Updates to Our Privacy Policy
From time to time, we may revise this Privacy Policy. If we make material revisions to the way we collect or use your information, we will provide you with notice of those changes by either: (1) notifying you directly, (2) announcing the change on the Springshare Services and websites. This page will always contain the most up to date version of our Privacy Policy. You can determine when this Privacy Policy was last revised by referring to the "Last Updated" section below. By continuing to use Springshare Services and websites after such updates, you affirm your agreement with the terms of the revised Privacy Policy. If you do not agree with changes please request that we delete your information as set out in the Your Rights and Choices section above.
Questions, Dispute Inquiries
For any questions or dispute inquiries on this Privacy Policy or our data practices, please '
contact us electronically at [email protected] or in writing to:
Springshare LLC
Attn: Data Privacy
801 Brickell Ave, Floor 8
Miami, FL 33131
If you do not receive timely acknowledgement of your complaint, or if your complaint is not satisfactorily addressed, you can also submit your complaint (free of charge) to Privacy Trust, an independent third party. Springshare has contracted with PrivacyTrust IRM to serve as an independent third party in resolving any privacy complaints from EU individuals.
Raise a data privacy Framework complaint with PrivacyTrust
Finally, as a last resort and in limited situations, EU individuals may seek redress from the Data Privacy Framework Panel, a binding arbitration mechanism. Despite the measures outlined in this Privacy Policy, Springshare cannot guarantee the security of any information that is disclosed online. To the extent permissible under law, Springshare shall not be liable for any direct, indirect, special, incidental, consequential or punitive damages relating to this Privacy Policy.