Why we collect personal data
We collect and store personal information that is necessary to provide the services we offer or that supports our legitimate interests as providers of those services. For example, some of our services require that we be able to identify you and contact you or keep track of payments you have made to us. Other services require that we save and store information about books we have reported to you as being for sale; books that you have clicked on; book descriptions you may want to save for future reference; other types of information you give us that may be helpful in identifying items that you may be interested in buying or learning about.
In order to provide our search service we also collect a certain amount of data on the individual booksellers that list books for sale. The data we store is listed below.
What personal information do we collect?
For normal users of the website we may collect:
- Your name
- Login name and password
- Email address
- Phone number
- IP address
- Preferred currency
- Preferred language
- Pages you have visited on our website
- Search queries you have submitted
- Details of books you have clicked on or saved for future reference
- VAT number
- Credit card details
- Details of your subscription, including associated invoices and payments
- ID numbers from authorised payment processors, such as PayPal
- A list of ads you have viewed and clicked on
- Any other information you provide to us directly
For booksellers we may also collect:
- Your business name
- Website address and other contact details
- Details of the books you have listed for sale, currently and in the past
- Catalogues you have submitted details of
- Your association memberships
- Whether you exclusively sell print-on-demand books
- Whether your images should be hidden in search results (e.g. if you only use stock photos)
- If we have excluded your books from search results entirely (e.g. if we do not believe that you own the books you are listing)
And for LibriDirect users we also collect:
- Orders submitted to your website
- User IDs and access details for your Dropbox, Stripe and PayPal accounts
For normal users all data we hold on you will have been provided directly by you. We do not purchase or acquire data from third parties about you. We do, however, receive information about booksellers from third parties such as bookseller associations or book listing websites.
All server activity on our website is recorded in log files which are used for analysing and correcting errors that may occur. These files necessarily include IP addresses and details of your web browser. In some very rare cases they may also include other personal data that you have provided to us. This data will not be used for any other purpose and will be deleted after two to six months.
You may ask us to send information about a product listing to a third party. To do this we will need personal information for the third party, including their name and email address, that you will provide to us. This information will only be used for providing the specific service you have requested and will not be stored on our server or passed on to anybody else.
The personal information we collect from you may be used in the following ways:
- We may need to contact you in order to maintain your account or to inform you of any changes that have been made to your account. For example, we may need to contact you if your Premium Service account subscription has expired or been renewed, or if a subscription payment has been refused by one of our payment processors.
- We may write to you to inform you of new or changed features or services that we offer.
- Our Libribot service will, at your request, regularly search for items that you have asked us to find. With your agreement we will notify you, by email, of items we have found that match your search criteria. We will also make available, on the viaLibri website, a list of all the items we have found that match your submitted wants.
- We will not sell, rent or share your personal information with any other parties. Specifically, we will not provide to third parties your email address, wants, IP address or other unique information that can be used to identify you, except when required by law or necessary for site testing and analytics undertaken for us by independent service providers.
- In the future we may use your search history, and details of books you have clicked on, to recommend to you books you might be interested in.
- We may share anonymised search data with other users of our site. This will never include personal data such as IP address, email address or name. It will not be possible to link your searches back to you.
What we do to secure your personal data on our site
- The data you enter into our site is transmitted using industry standard Transport Layer Security (TLS).
- Access to the data stored on our server is strictly controlled by limited and secure password access.
- Data on our database, and all backups of this data, are protected by strong encryption.
Data shared with third parties
We use a number of third party services behind the scenes and some of your personal data may be shared with these services. We use third party services for managing our servers, sending emails, processing payments, providing customer service, analysing website usage, and preparing company accounts. They have access to personal information needed to perform their functions, but may not use it for other purposes. We have verified that they will process your data in accordance with the GDPR.
Advertisers that buy banners on viaLibri do not have access to your personal data and we do not currently target these advertisements using your personal data.
Cookies are small files that we place on your computer’s hard drive using your web browser. Among other things, they enable the browser to identify you, remember your personal preferences and to store your program settings for repetitive use.
Retention of your personal data
We hold onto your data for as long as it is needed to provide you with the service you expect from us. In practice this means most data is kept until your account is deleted. Some pieces data, such as the IP addresses you’ve used or the pages you’ve visited on our site, are only kept for diagnosing errors and are deleted after a few months.
Details of books you have listed for sale in the past may be kept in our database after the deletion of your account. These too can be removed upon request.
Certain regulations require us to keep some information longer, for example details of payments you’ve made to us are kept for seven years after your last payment. If you’ve made payments to us then we will store your contact details for this extended period too.
Control of your personal information
- Some of the personal information that we have received from you will be displayed on your account page. This data is required in order for us to properly manage your data and your relationship with us and may be edited and corrected by you on your accounts page. If you need to amend or remove any other information we hold about you that is not editable on your account page then please contact us.
- Details of your personal information that we have stored in our database is available on request by writing to us.
- You may have your account closed or deleted. To do this you must write to us by email at email@example.com and include the subject “Account Closure Request.” After we have verified your identity we will close your account and remove from public accessibility all your personal data. Removal requests will be processed as quickly as possible, and will be completed in no more than 2 weeks. If you have made any payments to us then we are required to keep historical information about your account for at least seven years.
- Public information about you and items you may have offered for sale can be copied from our website by third parties who have visited and copied data from our site. For example: Google, The Wayback Machine and other similar search engines and internet archive sites may scrape data from our pages and use it with their own search results. Data that has been copied from us in this way is no longer under our control and cannot be removed or edited by us. Requests to remove or update this information must be directed to the website where the data is being displayed. If the url of the page displaying data you want to edit or remove does not begin with “https://vialibri.net” or “https://www.vialibri.net ” then it is not coming from us and we cannot change it.
International transfers of data
viaLibri Limited is a UK corporation, but our servers are based in the USA. As a result all personal data we store is located in the USA. All facilities we use in the US comply with the EU-US Privacy Shield regulations which provide strong safeguards for your data.
Data protection office
Our DPO is Jim Hinck. He may be contacted at firstname.lastname@example.org.