Legal & Privacy Terms


Effective date of April 23, 2004

This page was last updated February 28, 2019.

Sirsi Corporation and its affiliated companies dba SirsiDynix (“SirsiDynix”)—with subsidiary EOS International—are committed to protecting your privacy. This privacy policy covers the collection, use and disclosure of information collected through our site ,the products and the associated online services including but not limited to Symphony, Enterprise, Portfolio (Enterprise + Digital Content), E-Resource Central, Horizon, HIP, ERC PAC, BLUECloud, and EOS.Web we provide to Customers (“Customers”) (collectively “Services”). It also describes the choices you have regarding our use of your personally identifiable information (PII) and how you can access and update such information. The use of information collected through our Services shall be limited to the purpose of providing the services for which clients have engaged SirsiDynix. We recognize the need to protect any PII shared with us, including but not limited to PII of our customers (“Customer(s)”) and our Customers’ patrons (“Patron(s)”). PII is singular or collective information that identifies an individual; for example, a person’s name, mailing address, telephone number, e-mail address, or other such information. PII does not include aggregated data from which the personally identifiable information has been removed.

SirsiDynix’s Privacy Policy identifies the care taken to protect, manage and use your PII. This Privacy Policy incorporates principles awareness, choice, notice, accuracy, access, security, data integrity, enforcement, and oversight.

In order for SirsiDynix to provide services or products, collection of or access to PII may be required. The information provided to SirsiDynix will be protected by reasonable means from disclosure to third parties.

Please read the complete SirsiDynix Privacy Policy. If you provide us with PII, you are accepting the practices described in this Privacy Policy.

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at


SirsiDynix may obtain or gain access to PII in a number of ways. We may, for example, ask our Customer for PII about its employees including name and address for the purpose of registering for conferences, surveys, ordering e-mail news or information, joining limited-access sites (such as forum or list servers), signing up for an event or training, or purchasing and/or registering SirsiDynix products.

SirsiDynix may collect information about Customer’s computer hardware and software, if it was not supplied by SirsiDynix. This information may include: Customer IP address, browser type, operating system, domain name, access times and referring Web site addresses. This information is used for the operation of the service, to maintain quality of the service, and to provide general statistics regarding use of SirsiDynix. We do not link this automatically collected data to other information we collect about you.

If a Customer has selected a service or product that requires payment, we may request PII necessary for billing and/or shipping, such as: name, address, telephone number, and credit card number. SirsiDynix uses a third-party payment processing provider for these functions and does not store financial information used in such payment processing.

SirsiDynix also collects information about the pages visited within SirsiDynix websites.

SirsiDynix processes 3rd party PII under the direction of our Customers. Our Customers collect PII from their Patrons. For example, our Customers may collect the name, address, phone number, and other Patron information in order to issue a library card. Customers also may collect information about its Patrons activities related to circulation of books and other materials. We have no ownership of this information or any direct relationship with individuals whose PII may be processed as part of providing our Services.

Name of Third Party PartnerWhat Info is Shared With or Collected by This PartnerPartner's Purpose Applicable to Children Under 13
MarketoProspect name and contact information may be collected for marketing when volunteered by that individual.Marketing research and service platform
HirebridgeProspect name and contact information may be collected for hiring when volunteered by that individual.Employment application processing

Children’s Privacy

We process certain information on behalf of our Customers about children under the age of 13 (“Children”) within the services we provide. We take children’s privacy seriously, and encourage parents to play an active role in their children’s online experience at all times. These policies and guidelines are applicable to the Children’s PII only to the extent we operate or maintain such Children’s PII on behalf of Customers and collect, host or store any PII of their users. Each of our Customers who collect Children’s PII may have their own data collection and use practices and policies, including those applicable to children under 13 years of age. In addition to our privacy policy, Customers may have their own privacy requirements for which they are responsible regarding the collection and use of information from children under the age of 13. Parents may have the right to consent to the collection and use of personal information collected by our Customers through our Services; parents should contact our Customers with questions about consent requirements. Please note that we process PII on behalf of our Customers as part of providing our Services; therefore, if you do not consent to the collection and use of personal information for certain Services, you may not be able to use such Services.

The U.S. Children’s Online Privacy Protection Act (“COPPA”) may require that our Customers inform parents and legal guardians about how they collect, use, and disclose personal information from children under 13 years of age and that Customers may need to obtain the consent of parents and guardians in order for children under 13 years of age to use the Services we provide on behalf of Customers.

We make no representations, warranties or guarantees that Children’s information will be completely safe or insulated from inappropriate use by external parties, and we do not represent, warrant or guarantee that other users will not attempt to circumvent the rules, features or aspects of the Services. We do not assume any obligation, liability or responsibility associated with such behavior. Because we act as a service provider for our Customers with respect to any Children’s PII, you may be contacted by the Customer or their representatives for consent to collect or otherwise use information from your children. If required by COPPA, that consent allows us to collect and use information on behalf of that Customer to provide the Service.

Additional safeguards with respect to personal information collected about children

If required by COPPA, our Customers should not collect personal information from children under the age of 13 in the United States unless they register in person with the Customer and with verifiable parental consent. Some of our Customers collect birth dates to validate the ages of their patrons, including children. Our Customers may also collect an e-mail address from a parent for the purpose of sending a child e-mails related to the child’s account.

How do we notify and obtain consent from parents for the collection of information from their children?

Our U.S. Customers to whom COPPA applies should require a parent’s verifiable consent to the collection of their child’s PII when their child registers in person to create an account for our Services. If the parent refuses to allow the registration, Customers should not create the account as directed by our Customer. Once a parent provides verifiable consent to the collection of their child’s PII, we will, on behalf of our Customer, create the child’s account and provide the child access to the membership areas of the Services. We perform these Services on behalf of our Customers and therefore such Customers may request your consent.

How can parents access, change or delete personally identifiable information about their children?

If COPPA applies, at any time parents should be able to refuse to allow Customers to process PII from their child and can request that any PII we have collected on behalf of or from our Customers be deleted from the records in our Services; this would be performed by our Customers through our Services. Due to the nature of long-term backup media it is not possible to delete all instances of an individual’s PII from all backup media, but this media is protected by robust physical security measures and is disposed of securely when the media is retired. For certain Customers, a parent has certain editorial access to each of his or her children’s accounts through the parent’s master account on our Customers’ sites. Parents may access, change, or delete the PII that our Customers have collected from their children by logging on to the child’s account through the user interface of the applicable Service. The parent will need to have their child’s username and password to log into their child’s account. Instructions are available via links on each of the Services’ home pages provided by our Customers explaining how to recover a password if the user has forgotten it.

If you have any inquiries regarding our Customers’ privacy practices or how they use your child’s personal information, please contact them directly.

If COPPA applies, Parents have the right to consent to the collection and use of PII from a child without also consenting to its disclosure to third parties as we do not share any of this information with third parties outside of the Customer-approved components of our Services provided by third party vendors.

Upon request SirsiDynix will provide you with information about whether we hold any of your personal information. You may access, correct, or request deletion of your personal information by logging in to your account or contacting us at We will respond to your request within a reasonable timeframe. In certain circumstances we may be required by law to retain your personal information, or may need to retain your personal information in order to continue providing a service.

SirsiDynix acknowledges that you have the right to access your personal information. An individual who seeks access to their data, seeks to correct, amend or delete inaccurate data or wishes to opt-out of communications from a Customer should direct his/her query to the Customer with whom he/she directly interacts (the data controller). Patron PII could reside locally with the Customer or in a Cloud environment hosted by SirsiDynix. In either case, SirsiDynix may have access to such PII. For example, when providing support to our Customer for SirsiDynix products and services, SirsiDynix may be granted access to patron PII by our Customers for the purpose of troubleshooting. SirsiDynix may also have access to patron PII for the purpose of aggregating and analyzing non-personally identifiable data. Whenever SirsiDynix is granted access to Customer patron PII it is handled according to the principles of this Privacy Policy. If a SirsiDynix Customer requests that we modify or remove Patron PII on their behalf, we will respond to their request within a reasonable timeframe.

SirsiDynix may transfer personal information to other companies that help us provide our Services. Transfers to subsequent third parties are covered by the provisions in this Policy regarding notice and choice and the service agreements with our Customers.

SirsiDynix will retain personal data we process on behalf of our Customers for as long as needed to provide services and as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Customers who use the services offered on our Site may submit the personal information of other individuals at their organization to register them as authorized users. It is the Customer’s obligation, as the data controller, to inform its authorized users about the purposes for which information about them is collected and may be used on this Service. Authorized users can update or remove their account information at any time by logging into the Site and editing their account information, or by contacting their administrator.



SirsiDynix adheres to the American Library Association’s Code of Ethics’ guidelines for privacy protection, including the obligation to protect each library patron’s right to privacy and confidentiality with respect to information sought or received and resources consulted, borrowed, acquired or transmitted.

Customer information collected by SirsiDynix will be stored and processed in the United States or in other locations that may be required by SirsiDynix’s Customers or by applicable laws. Customer patron information collected by Customers for use with SirsiDynix products and services will be processed and stored at either a local Customer-hosted SirsiDynix site or a regional SirsiDynix hosting facility.

Notification of Changes

We may update this privacy statement to reflect changes to our information practices including any material changes to how we use PII collected from children under age 13. If we make any material changes we will notify you by means of a notice on this Site prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.


PII will not be collected, sold, leased, or otherwise distributed or disclosed for commercial purposes and will not be distributed or disclosed to outside parties unless required by law.

PII will not be sold, leased or otherwise distributed or disclosed out of line with this policy without notice being given to the individual. At that time, the individual can request the PII not be shared. PII will not knowingly be collected directly by SirsiDynix from children.

What information may be collected on our website(s) without user registration:

  • The domain name (e.g. of the visitor.
  • The IP address of the computer or Internet provider.
  • The date/time you accessed the site.
  • Name
  • Email Address
  • Address
  • Phone number
  • Company Information

How the collected information is used:

  • Measuring traffic flow and volume.
  • Diagnosing server problems.
  • Determining which parts of the site users are visiting.
  • Delivering services, for example press releases, events information, training or software, which the user requested or purchased.
  • To notify our users of product upgrades, special offers, updated information and other services.
  • To allow user access to limited-entry Websites.


SirsiDynix may send out periodic e-mails to its Customers about services or security issues related to a product or service. The user will not be able to choose to use the automatic unsubscribe feature to disable these mailings, as they are considered an essential part of the service the user or customer selected during registration. Users or customers may opt out of such mailings by closing the associated account, contacting SirsiDynix according to the process described in the Opt-Out Features section, below.

Disclosure of PII

No attempt is made to identify individual website users unless illegal behavior is suspected.

Network traffic is monitored to identify unauthorized attempts to upload or change information, or otherwise cause damage to the SirsiDynix’s web services. PII may be disclosed:

If required to do so by law, such as to comply with a subpoena, or similar legal process, or in the good-faith belief that such action is necessary to protect our rights, protect your safety or the safety of others, to investigate fraud, or respond to a government request, when it is believed that disclosing the information is necessary to identify, contact or bring legal action against someone who may be violating this Privacy Policy or to protect and defend the rights or property of SirsiDynix.

To act in urgent circumstances to protect the personal safety of SirsiDynix employees, users of SirsiDynix products or services, or members of the public or when someone may be causing injury to or interfering with SirsiDynix’s rights or property, other users, or anyone else who could be harmed by such activities.

To conform to the edicts of the law or comply with legal process served on SirsiDynix.

If SirsiDynix is involved in a merger, acquisition, or sale of all or a portion of its assets, a prominent notice will be displayed on our Web site of any change in ownership or uses of PII, as well as any choices you may have regarding your personal information, will be posted

SirsiDynix may occasionally hire or use other parties to provide limited services on our behalf, including packaging, mailing/delivering purchases, answering questions about products or services, sending postal mail and processing event registration. We will only provide those companies the information they need to deliver the service, and they are prohibited from using PII for any other purpose.

Tracking Technologies

SirsiDynix and its partners use cookies or similar technologies to analyze trends, allow access to certain functions such as the online catalog and electronic resources to better help manage content on our site, administer the website, track users’ movements around the website, and gather demographic information about our user base as a whole. You can control the use of cookies at the individual browser level, but if you choose to disable cookies, it may limit your use of certain features or functions on our website or service.

We partner with a third party to display advertising on our website or to manage our advertising on other sites. Our third party partner may use cookies or similar technologies in order to provide you advertising based upon your browsing activities and interests. If you wish to opt out of interest-based advertising click here or if located in the European Union click here. Please note you will continue to receive generic ads.


SirsiDynix’s website(s) may contain links to other sites. SirsiDynix is not responsible for the accuracy, currency, and content of any other sites to which SirsiDynix provides hyperlinks or access. SirsiDynix is not responsible for the privacy practices of other sites. SirsiDynix cannot be responsible for an individual’s privacy when a patron discloses information to outside web sites.

SirsiDynix encourages users to be aware when they leave SirsiDynix’s site(s), to read the privacy statements of each and every web site that collects PII. It is the individual’s responsibility to protect their PII, including user name and password information. SirsiDynix’s Privacy Policy applies solely as described herein.

Our Web site includes Social Media Features, such as the Facebook Like button and links to our various social media pages. These Features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the Feature to function properly. Social Media Features and Widgets are either hosted by a third party or hosted directly on our Site. Your interactions with these Features are governed by the privacy policy of the company providing it.


Credit card transactions for SirsiDynix offerings are almost always completed through third-party payment processors without SirsiDynix having any access to related PII. Such processors use industry-standard technology to safeguard the confidentiality of the individual information. This technology includes use of firewalls, secure socket layers (SSL), and/or encryption. In instances where SirsiDynix takes credit card information directly, such information is processed through a third party payment processor as described above, and SirsiDynix does not retain a copy of the credit card information provided.

In order to further protect individual information, Customers and their patrons should always log out and close the browser when finished using a shared or public computer.

SirsiDynix takes reasonable steps to prevent the introduction of viruses, worms, or other destructive materials into or through its systems. However, SirsiDynix does not guarantee or warrant that materials downloaded from SirsiDynix do not contain viruses, worms, or other destructive materials. SirsiDynix is not liable for any damages or harm attributable to such materials. Usage of materials available via download from SirsiDynix is solely at the user’s own risk. No security system is impenetrable. SirsiDynix cannot guarantee the absolute security of its database. SirsiDynix cannot guarantee that the information supplied by the user will not be intercepted while being transmitted to SirsiDynix over the Internet. Depending on our Customers’ security feature selection, information collected through our service is processed via secure socket layers (SSL).

Customer User Access and Choices/Opt-Out

Upon request SirsiDynix will provide you with information about whether we hold any of your personal information. To request this information please contact us at

If our Customers’ personal information changes, they may correct, delete inaccuracies, update, amend, remove, or ask to have it removed by making the change on the user account settings page, by emailing our Customer Support at or by contacting us by telephone or postal mail at the contact information listed below. If you no longer desire our Services, please contact us directly. We will respond to your request within a reasonable timeframe.

We will retain Customer information for as long as an account is active or as needed to provide Customers with services. Due to the nature of long-term backup media it is not possible to delete all instances of an individual’s PII from all backup media, but this media is protected by robust physical security measures and is disposed of securely when the media is retired. We will retain and use Customer information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Website users may discontinue receiving some of the communications from SirsiDynix, such as e-mail newsletters announcing new features, contests, and new content, by sending an e-mail to Website users may also discontinue receiving some of the communications from SirsiDynix by editing account settings.

Customer Patron User Access and Choices/Opt-Out

If a Customer Patron’s personal information changes, they may correct, delete inaccuracies, update, amend, or remove it by making the change on the user account settings page, or by contacting a Customer representative. If requested to remove data we will respond within a reasonable timeframe.

We will retain Customer Patron information on live systems for as long as an account is active or as needed to provide the Customer Patron with Services. Due to the nature of long-term backup media it is not possible to delete all instances of an individual’s PII from all backup media, but this media is protected by robust physical security measures and is disposed of securely when the media is retired. SirsiDynix retains data on systems for no longer than one year. Additionally, we will retain and use Customer Patron information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Enforcement of this Privacy Statement

If an individual has questions regarding this statement, individuals should first contact SirsiDynix by e-mail at Should you not receive acknowledgement of your inquiry or if the inquiry has not been satisfactorily addressed, the individual should then contact the Legal Department.

Contact Information

SirsiDynix welcomes comments regarding this privacy policy, please contact us by e-mail or:

SirsiDynix Legal Department

address icon


3300 North Ashton Blvd Suite 500 Lehi, UT 84043 United States

address icon