Privacy Policy

California State Library Foundation (“CSLF”) Privacy Policy & Statement

This Privacy Policy and Statement was last updated on September 22, 2022

In this Privacy Policy and Statement, we explain what we do with the information we obtain about you when you visit our website at https://cslfdn.org/. We recommend that you carefully read this statement. In our processing, we comply with the requirements of privacy legislation. That means, among other things, that:

  • We clearly state the purposes for which we process personal data. We do this by means of this Privacy Policy and Statement;
  • We aim to limit our collection of personal data to only the personal data required for legitimate purposes;
  • We first request your explicit consent to process your personal data in cases requiring your consent;
  • We take appropriate security measures to protect your personal data and also require this from parties that process personal data on our behalf; and
  • We respect your right to access your personal data or have it corrected or deleted, at your request. If you have any questions, or want to know exactly what data of yours we keep, please contact us.

1. Categories Of Information Collected

The following are the categories of personal information that we may collect from you:

  • A first and last name;
  • Account name or alias;
  • A home or other physical address, including street name and name of a city or town;
  • An email address;
  • A telephone number;
  • IP address;
  • Website activity information, including, but not limited to, information regarding a consumer’s interaction within this website; and/or
  • Geolocation data

2. How Your Information Is Collected

We may collect your information from the following sources:

  • Information we collect directly from you: You may provide us with your information when you use our website, register with our website, participate in our offers and programs, purchase any products or services from our website or contact customer support. You may also provide us with your information when you apply for employment either in-person or through our website.
  • Information we collect when you visit our website, use our services or view our online advertisements: We may use cookies and other technologies to collect information about you when you visit our website, use our services or view online advertisements. Cookies are small files sent to your computer as you surf the web. They store information about how you interact with the websites you visit. Cookies do not collect any information stored on your computer or device or in your files. Cookies do not contain any information that would directly identify you as a person. Cookies show your computer and device only as randomly assigned numbers and letters (e.g., cookie ID ABC12345) and never as, for example, John E. Smith. We may use cookies for a number of reasons, such as to personalize your online experience, to help us improve your experience when visiting our website, to remember your preferences, such as a language or region, so you do not need to customize the website on each visit, to identify and resolve errors and to analyze how well our website is performing. You can set your browser to refuse all cookies or to indicate when a cookie is being sent to your computer. However, this may prevent our website or services from working properly. You can also set your browser to delete cookies each time you finish browsing.
  • Information we collect from other sources: We may obtain information about you from other sources, including commercially available sources, such as data aggregators and public databases.

3. How We May Use Your Information

We may use your information for the following purposes:

  • Process and fulfill orders and transactions;
  • Process payments for donations or purchases of products and services;
  • Create and manage your online account;
  • Provide customer support;
  • Send newsletters, offers, promotions and information;
  • Customize and personalize offers and information for you;
  • Develop and provide advertising tailored to your interests;
  • Analyze the use of our products and services;
  • Develop new products and services;
  • Compile and analyze statistics for website development;
  • Protect against or identify possible fraudulent transactions; and/or
  • Comply with legal obligations

4. Sharing And Disclosure Of Your Information

We may share or disclose your information in the following circumstances:

Service Providers

We may employ other companies and individuals to facilitate our website or services (collectively, the “Service Providers”), provide the services on our behalf, perform service-related activities or assist us in analyzing how our website or services are used. These Service Providers provide us support services, such as credit card processing, website hosting, email and postal delivery, location mapping, analytics and marketing services and/or research. The Service Providers have access to your personal information only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose. The Service Providers are bound by contractual obligations to keep personal information confidential and use it only for the purposes for which we disclose it to them.

Within Our Organization

We may share your personal information with our subsidiaries and affiliates in order to provide you with access to our website, products or services and take actions based on your requests, as well as for the purpose of management and analysis. For example, we may share your information with our subsidiaries and affiliated companies in order to administer our loyalty programs, process orders and requests, and expand and promote our website, products, and services.

Consent

We may disclose your personal information with your consent.

As Required by Law

We may disclose your information if we believe that the disclosure is required by law or court order, in response to a request by a law enforcement agency, if we believe that the disclosure is necessary to enforce our agreements or policies, or if we believe that the disclosure will help us protect the rights, property or safety of CSLFDN or our customers or partners.  Please note that we may disclose, without restriction, aggregated or anonymized information about our users, which is information that does not identify any specific individual.


5. How We Respond To Do Not Track Signals

Our website responds to and supports the Do Not Track (“DNT”) header request field. If you turn on DNT in your browser, those preferences are communicated to us in the HTTP request header, and we will not track your browsing behavior.


6. Cookies

Our website uses cookies. For more information about cookies, please refer to Section 2 of this Privacy Policy and Statement.


7. Security

We are committed to the security of personal data. We take appropriate security measures to limit abuse of and unauthorized access to personal data. This ensures that only the necessary persons have access to your data, that access to the data is protected and that our security measures are regularly reviewed.


8. Third Party Websites

This privacy statement does not apply to third party websites connected by links on our website. We cannot guarantee that these third parties handle your personal data in a reliable or secure manner. We recommend that you read the privacy statements of these websites prior to making use of these websites.


9. Amendments To This Privacy Policy And Statement

We reserve the right to make amendments to this Privacy Policy and Statement. It is recommended that you consult this Privacy Policy and Statement regularly in order to be aware of any changes. In addition, we will actively inform you wherever possible.


10. Accessing And Modifying Your Data

If you have any questions or want to know which personal data that we have about you, please contact us. Please make sure to always clearly state who you are, so that we can be certain that we do not modify or delete any data of the wrong person. We shall provide the requested information only upon receipt of a verifiable consumer request. You can contact us by using the information below. You have the following rights: 

10.1 Right to know what personal information is being collected about you

  • A consumer shall have the right to request that a business that collects personal information about the consumer disclose to the consumer the following:
    • The categories of personal information it has collected about that consumer;
    • The categories of sources from which the personal information is collected;
    • The business or commercial purpose for collecting or selling personal information;
    • The categories of third parties with whom the business shares personal information; and
    • The specific pieces of personal information it has collected about that consumer.

10.2 The right to know whether personal information is sold or disclosed and to whom

  • A consumer shall have the right to request that a business that sells the consumer’s personal information, or that discloses it for a business purpose, disclose to that consumer:
    • The categories of personal information that the business collected about the consumer;
    • The categories of personal information that the business sold about the consumer and the categories of third parties to whom the personal information was sold, by category or categories of personal information for each third party to whom the personal information was sold; and
    • The categories of personal information that the business disclosed about the consumer for a business purpose.

10.3 The Right to equal service and price, even if you exercise your privacy rights 

We will not discriminate against a consumer because the consumer exercised any of the consumer’s privacy rights as described in this Privacy Policy and Statement or under applicable laws or regulations. 

10.4 The right to delete any personal information

  • A consumer shall have the right to request that a business delete any personal information about the consumer which the business has collected from the consumer.
  • A business that receives a verifiable request from a consumer to delete the consumer’s personal information shall delete the consumer’s personal information from its records and direct any service providers to delete the consumer’s personal information from their records.
  • A business or a service provider shall not be required to comply with a consumer’s request to delete the consumer’s personal information if it is necessary for the business or service provider to maintain the consumer’s personal information in order to:
    • Complete the transaction for which the personal information was collected, provide a good or service requested by the consumer, or reasonably anticipated within the context of a business’ ongoing business relationship with the consumer, or otherwise perform a contract between the business and the consumer;
    • Detect security incidents, protect against malicious, deceptive, fraudulent or illegal activity; or prosecute those responsible for that activity;
    • Debug to identify and repair errors that impair existing intended functionality;
    • Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law;
    • Comply with the California Electronic Communications Privacy Act pursuant to Chapter 3.6 (commencing with Section 1546) of Title 12 of Part 2 of the Penal Code;
    • Engage in public or peer-reviewed scientific, historical or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the businesses’ deletion of the information is likely to render impossible or seriously impair the achievement of such research, if the consumer has provided informed consent;
    • To enable solely internal uses that are reasonably aligned with the expectations of the consumer based on the consumer’s relationship with the business; and/or
    • Comply with a legal obligation.
    • Otherwise use the consumer’s personal information, internally, in a lawful manner that is compatible with the context in which the consumer provided the information.

11. Selling And Disclosure Of Personal Data To Third Parties

We do not sell consumers’ personal data. We do not sell, rent or lease our client or customer list to third parties. We may have disclosed for a business purpose the following categories of consumer personal information in the preceding twelve (12) months:

  • A first and last name;
  • Account name or alias;
  • A home or other physical address, including street name and name of a city or town;
  • An email address;
  • A telephone number;
  • IP address;
  • Website activity information, including, but not limited to, information regarding a consumer’s interaction within this website; and/or
  • Geolocation data

12. California Consumer Privacy Act

This Section 12 applies only to California residents. Certain terms used in this Section 12 have the meanings given to them in the California Consumer Privacy Act of 2018 (“CCPA”), California Civil Code sections 1798.100-1798.199. Pursuant to the CCPA, below is a summary of the “Personal Information” categories, as identified and defined by the CCPA (see California Civil Code section 1798.140 (o)), that we collect, the reason we collect your Personal Information, where we obtain the Personal Information and the third parties with whom we may share your Personal Information.

Categories of Personal Information that CSLFDN may have collected from or about Consumers in the preceding twelve (12) months:

  • Identifiers (e.g. name, mailing address, email address, phone number, account name and number, IP address);
  • Characteristics of protected classifications (e.g. gender, age);
  • Commercial information (e.g. products or services purchased, purchase history);
  • Internet or other electronic network activity (e.g. browse or search history, browser type, referring website addresses);
  • Geolocation data (to the extent you have configured your device to permit us to collect such information);
  • Audio, electronic, visual, or similar information (e.g. recording of guest service calls);
  • Biometric information (behavior, characteristics, or activity patterns used to extract a template or other identifier or identifying information);
  • Inferences drawn from any of the above (e.g. preferences or characteristics);
  • Professional or employment-related information (employees and job applicants); and/or
  • Education information, defined as information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act (20 U.S.C. Sec. 1232g; 34 C.F.R. Part 99) (employees and job applicants).

Categories of Sources from which CSLFDN may collect Personal Information about Consumers:

  • Our website at https://cslfdn.org
  • 3rd Party Websites
  • Data Brokers

Business or Commercial purposes for which CSLFDN may have collected or sold Personal Information about Consumers in the preceding twelve (12) months:

We may collect your Personal Information for the business purposes described in Section 3 of this Privacy Policy and Statement. The CCPA defines a “business purpose” as the use of Personal Information for the business’s operational purposes, or other notified purposes, provided the use of Personal Information is reasonably necessary and proportionate to achieve the operational purpose for which the Personal Information was collected or another operational purpose that is compatible with the context in which the Personal Information was collected.

Categories of Third Parties with whom CSLFDN may have shared Personal Information about California residents in the preceding twelve (12) months:

The categories of third-parties with whom we may share your Personal Information are listed in Section 4 of this Privacy Policy and Statement.

Non-Discrimination

CSLF will not discriminate against you because you exercise your rights. For example, CSLF will not deny you goods or services or charge you a different price or rate for goods or services if you make an access, deletion or do not sell request.

You have the following rights under the CCPA.

The right to make requests as follows:

Access Request (can make a request no more than twice in a twelve (12)-month period) – Request that CSLF disclose to you the following information:

  • Categories of Personal Information that CSLF collected about you during the preceding twelve (12) months;
  • Categories of sources from which Personal Information is collected by CSLF;
  • Business or commercial purpose for collecting or selling Personal Information;
  • Specific pieces of Personal Information that CSLF collected about you;
  • Categories of Personal Information that CSLF has sold about you;
  • Categories of third parties to whom the Personal Information was sold by CSLF;
  • Categories of Personal Information disclosed by CSLF about you for a business purpose; and/or
  • Categories of third parties to whom Personal Information was disclosed by CSLF for a business purpose.
  • Request that CSLF delete Personal Information that CSLF collected from you.

Do Not Sell My Info

  • Request that CSLF opt you out of the sale of your Personal Information.

How to Submit Requests

Requests for Access or Deletion:

  1. Call us at 916-447-6331
  2. Email us at admin@cslfdn.org; and/or
  3. Write us at: CSLF, 1225 Eighth Street, Suite 345

Do Not Sell My Info Requests

  1. Call us at 916-447-6331
  2. Email us at admin@cslfdn.org; and/or
  3. Write us at: CSLF, 1225 Eighth Street, Suite 345

California Shine the Light

If you are a California resident and have an established business relationship with CSLF, you may request a notice disclosing the categories of Personal Information CSLFDN has shared with third parties, for the third parties’ direct marketing purposes, during the preceding calendar year. To request a notice, please submit your request to the contact information provided in this Section. Please allow thirty (30) days for a response.


13. CHILDREN

Our website is not directed towards children under the age of sixteen (16), and it is not our intention to collect Personal Information from children under the age of sixteen (16). We request that children under the age of sixteen (16) do not submit any Personal Information to us. In the event that a child under the age of sixteen (16) provides our website with Personal Information, we ask that a parent or guardian contact us as described above, so that we may promptly delete the child’s information from our records.

Become a Member

The California State Library Foundation relies on support from people like you who value the importance of preserving cultural history for future generations. Check out the benefits and privileges of membership!

Become a Member

The California State Library Foundation relies on support from people like you who value the importance of preserving cultural history for future generations. Check out the benefits and privileges of membership!