Privacy Policy

Last updated 22 September 2018.

Overview

SumWare Consulting trading as Athenaeum Library Software is committed to protecting the privacy of clients and associates as practically as possible.

Athenaeum as mentioned here refers to the Athenaeum app, web access and associated utilities.

This document describes how or when we collect, store and use personal and certain other information.

This document will be updated from time to time.

We take all reasonable technical and organisational precautions to protect personal information we hold about individuals, however we can not guarantee the security of the internet nor the actions of other parties outside of our control.

Personal Information

Personal information is data that can be used to identify or contact a single person. You are entitled to request details of your personal information that we hold.

If you wish to know what personal information we hold, please send an email to [email protected] including your full name and the details of your request. We may request further evidence of your identification.

We may charge - at commercial rates - for providing such information.

Collection of Personal and other Information

Personal Information

When you register an interest or purchase a product or service from Athenaeum Library Software, we collect and store your contact information such as name, organisation name and details, email address, phone numbers in order do business with you.

This information will be provided by you, or collected from your organisation's public information (e.g. web site), or other public information (e.g. government listings), or any third party authorised by you, or a combination of these.

We do not collect financial information such as credit card details from you nor third party suppliers used for payment services.

We may disclose your personal information:

  • to third parties where that disclosure is related to the services or products we supply to you
  • to any person authorised by you
  • where we are required by law.

Other information

Our software on your computers may interact with our servers to provide technical information about your computing environment for licensing, diagnostic and support purposes. For example, our web servers collect and store your connection information such as IP address, time of access and details of the connection agent. Athenaeum may from time to time submit to our servers your registration detail (IP address, registration number, organisation name, contact name) to confirm your user licence as well as information about your computing environment (software versions, operating system information, computer display dimensions).

Third party software used with Athenaeum may provide certain information to the relevant third parties. For example, FileMaker Pro - used to access Athenaeum - will provide to FileMaker Inc. certain technical information as described in FileMaker Inc.'s privacy policy https://www.filemaker.com/company/legal/privacy.html.

Accounts and Passwords

Our systems use at the minimum 1 layer of protection using accounts and passwords known only to us and selected and trusted partners (e.g. our web consultants might know the passwords to our web servers required to accomplish their work).

We provide you with initial "standard" accounts and passwords for accessing both the Athenaeum app and web search and we strongly advise you to change those passwords, as some standard passwords are known to others. We do not ask you to disclose your username and/or password, except occasionally for support reasons (when we encourage you to change your passwords again after the fact). Nor do we store nor share any such revealed data. You are responsible for keeping your personal information in your control secure at all times.

Authorisation and protection

When you use Athenaeum, you or your third party agents provide to Athenaeum personal information such as patron names, contact details, ethnicity, gender and transactional information such as library borrowings. By doing so, you attest that you are authorised to store such information and it is implied that you are authorised to allow us access to this data for the purposes described in this document.

This information is password protected. We provide you with initial passwords as mentioned above and it is your responsibility to change those and store them in an appropriate manner. We cannot tell you your passwords and we can only reset your passwords when we are given access to your Athenaeum. When you supply accounts and passwords to other parties, we have no control over what they may do with the information that those accounts have reasonable access to.

We also have administrative accounts and passwords that allow us access to your data for the purposes of providing support and additional features to you.

Self hosted Athenaeum

When your Athenaeum is self-hosted in your or third party facilities, you may grant us access to your Athenaeum for support purposes. When providing support services, we may

  • log in with you or on your behalf using our passwords for the purposes of providing said support
  • request copies of your data that we keep only as long as is necessary to provide those services.

"Cloud" hosted Athenaeum

When your Athenaeum software is hosted on our servers, you provide to Athenaeum personal information such as patron names, contact details, ethnicity, gender and transactional information such as library borrowings. In doing so, you attest that you are authorised to do so and grant Athenaeum Library Software and any authorised third parties permission to access such data for operational and support purposes only.

We also create backup copies of your data that are stored on third party "cloud" servers such as BackBlaze in encrypted form. You are not identified to such third parties. You are provided with unique initial passwords and it is your responsibility to change these and store them in an appropriate manner.

Data Breaches

Should we be made aware of your personal information under our control being accessed by unauthorised parties, we will:

  • investigate to the best of our ability to find out what happened and why
  • do our best to ensure this does not occur again
  • advise you and other known affected parties of the same as soon as practicable

Responsible Disclosure

Should you become aware of such a data breach we expect you: - to advise us of the same with sufficient detail of the circumstances to take action - to allow reasonable time for resolution before taking any other action. - if necessary, to assist us with our investigations and mitigations in what is sometimes known as "responsible disclosure" https://en.wikipedia.org/wiki/Responsible_disclosure.

This is to allow practical mitigation of the effects or further effects of data breaches.

Further Questions

Please address any further questions to [email protected].

© 1996-2018 Athenaeum Library Software (SumWare Consulting) Contact Us