This policy has been updated and is effective as of May 25, 2018. The previous version may be found here.
These terms apply to users of LibraryThing.com, and its associated domains, such as LibraryThing.nl and LibraryThing.es. They also apply to TinyCat (LibraryCat.org).
We take reader privacy very seriously. Reader privacy enjoys special Constitutional protections under US law, and LibraryThing will not cooperate with US law enforcement unless compelled to do so. LibraryThing will not cooperate with non-US law enforcement unless compelled, or if we are convinced the law is at least as just, and applied as justly, as US standards. If you are using LibraryThing from a foreign country with an oppressive government, LibraryThing urges you not to put yourself at risk.
As of May 25, 2018, we have never received a National Security Letter, FISA order, or any other classified request for user information.
No sale of personal information
LibraryThing will not sell or give personally-identifiable information to any third party. This would be evil, and we are not evil. Yes, still.
There is one exception to this rule, described below (see Reviews under Sharing and Transfer of Information). Review sharing is entirely optional and member-controlled.
We reserve and currently exercise the right to sell or give away anonymous or aggregate information.
See Sharing and Transfer of Information, below, for more on this topic.
Emails from LibraryThing
LibraryThing membership does not require an email address.
LibraryThing respects your inbox. We do not sell your email address to authors, publishers, marketing companies, or anyone else.
By default, most new members who provide their email address are subscribed to our "State of the Thing" newsletter. Members who join from the EU after May 25, 2018 are not subscribed automatically, and will have to consent explicitly to receive the State of the Thing.
By default, members who provide their email address receive profile comments by email. This can be disabled in the Privacy Center. LibraryThing reserves the right to send profile-comment emails for GDPR-exempt system notifications, and customer support.
See LibraryThing Early Reviewers and Member Giveaways, below, for terms surrounding those optional programs.
Member Privacy Center
All LibraryThing members have access to their own Member Privacy Center, where they can see and then update:
LibraryThing allows "private" libraries—libraries that others can't see. We cannot give an absolute 100% guarantee of privacy. After all, even Amazon had a day when all their "anonymous" reviewers were exposed by mistake. If the public disclosure of your library would really damage you, by all means don't post it online.
LibraryThing has a "private books" feature, marked as a "beta" feature. It is not fully functional, and does not guarantee security.
Individual accounts are designed for personal collections. Couples and families are fine too. Organizations, like churches, companies, schools, and museums, can also join, with some restrictions. (See organizational accounts.)
In event of dispute, account ownership is determined as follows: If a paid account—from when LibraryThing charged a modest membership fee for accounts with over 200 books—ownership belongs to the party that paid for the membership. For all other accounts, ownership is determined by the email address linked to the account. If there is no email address linked to the account, LibraryThing staff will make a good faith effort to determine ownership. Our decisions are final.
Freedom of discussion and personal attacks
How to deal with abuse
How LibraryThing deals with abuse
Early Reviewers and Member Giveaways
LibraryThing Early Reviewers ("LTER") gives LibraryThing members the chance to receive and review advanced reader editions of upcoming books from select publishers.
LibraryThing Member Giveaways ("LTMG") are an informal way for LibraryThing members and authors to give away books. LTMG reviews may be requested, but not required.
The mailing address and email information you provide for either program will only be used to send you books.
Recipients of books who submit reviews to LibraryThing hereby grant LibraryThing, the book's publisher, and its author perpetual non-exclusive permission to use of the review, together with their first name and city/town of residence, for purposes of entertainment, advertising, promotion, or publicity without additional compensation, except where prohibited by law. LibraryThing, the publisher, and the author reserve the right to edit reviews for clarity or language or to use only excerpts from them. Neither LibraryThing nor the publisher is under any obligation to publish a review.
For more rules and conditions see your profile.
In adding a Member recommendation to any given work page, you are expected to make good-faith, disinterested recommendations. You can only make three recommendations per book, and cannot recommend the same book more than five times overall. Recommending your own book is strictly forbidden. Members can rate the validity of other member recommendations from the Rate Recommendations page. You are free to recommend books already listed by others or by LibraryThing itself.
Terms of Service
EU Members and the General Data Protection Regulation (GDPR)
LibraryThing abides by US law. We also intend to voluntarily follow the provisions of the General Data Protection Regulation (GDPR), which applies to EU citizens and residents. We must therefore identify who is and who is not covered by the GDPR.
As of May 25, 2018, LibraryThing has assigned EU status to members based upon their IP address at sign-up, or, where that is not available to us, recent usage. This status does not change unless changed by the member.
To change your EU status, go to your Member Privacy Center. Choosing the incorrect legal status is a violation of LibraryThing's Terms of Service.
Data Protection Officer
Per the GDPR, LibraryThing's Data Protection Officer (DPO) is Tim Spalding. Our DPO can be reached at firstname.lastname@example.org.
The GDPR's Defined Roles and the Handling of Data in LibraryThing and TinyCat
Under the terms of the GDPR, LibraryThing operates as either data controller or data processor, depending on whether the service is provided to users directly, or to organizations which have their own users.
For TinyCat customers—excepting free, personal members—LibraryThing is assumed to be in the position of data processor, and the customer in the position of data controller, managing the data of their data subjects. The same may apply to LibraryThing customers using LibraryThing's "lending" feature or otherwise providing LibraryThing to others.
It is the data controller's ultimate responsibility for controlling their patron or student (i.e., data subject) data, and ensuring GDPR compliance for their data subjects, including collecting consent, managing consent-revocation, enabling access, etc.
By posting content to LibraryThing, you grant—and you represent and warrant that you have the right to grant, represent and warrant—LibraryThing a non-exclusive, perpetual, irrevocable, worldwide, omnipotent, royalty-free, fully-transferable and sublicenseable right to display, use, analyze, aggregate, modify, adapt, publish, translate, transform, create derivative works from and perform in any venue or media, online or offline, as well as
"In Painting, Sculpture, and rapt Poesy, / And arts, though unimagined, yet to be." (Shelley, Prometheus Unbound)
We do NOT assert copyright over the things you post to LibraryThing. The phrase "non-exclusive" above means you can post your content elsewhere. By posting something to LibraryThing you let us use it, but you do not restrict what you can do with it. We love it when people post their reviews on their blog, on Amazon and other sites!
As stated above, LibraryThing will not sell any personally-identifiable information to any third party.
You can control whether your reviews will ever be made available to libraries or others. Click here to edit your profile and change your preference.
Get off my lawn, you kids!
The Children's Online Privacy Protection Act (COPPA) severely restricts what information can be collected from children under 13. The EU's General Data Protection Regulation (GDPR) also severely restricts what information can be collected from children under 16. For these reasons, all children under 13 are prohibited from using LibraryThing, and, unfortunately, all European Union children under 16 are prohibited from using LibraryThing. Au revoir mes petits choux!
LibraryThing's age minimum does NOT apply to TinyCat customers providing TinyCat to others. TinyCat libraries are, in this case, the data controller/s and are responsible for ensuring GDPR compliance for their patrons. TinyCat does not provide messaging or social networking features to patrons.
LibraryThing is a warm and welcoming community, and almost everyone is nice. But younger members, and members of all ages, are warned not to provide profile information without weighing the risks and benefits, and never to provide their phone number, address, or other critical personal data online.
If you believe that your copyrighted work has been copied in a way that constitutes copyright infringement, please notify LibraryThing as set forth in the Digital Millennium Copyright Act of 1998 ("DMCA"). For your complaint to be valid under the DMCA, you must provide the following information in writing:
The above information should be submitted to the following designated agent:
Tim Spalding LibraryThing, Inc. Attn: DMCA Notice 286 Spring Street #2, Portland, ME 04102 Phone: 207-899-4108 Email: infolibrarything.com
UNDER FEDERAL LAW, IF YOU KNOWINGLY MISREPRESENT THAT ONLINE MATERIAL IS INFRINGING, YOU MAY BE SUBJECT TO CRIMINAL PROSECUTION FOR PERJURY AND CIVIL PENALTIES, INCLUDING MONETARY DAMAGES, COURT COSTS, AND ATTORNEYS' FEES.
Please note that this procedure is exclusively for notifying LibraryThing and its affiliates that your copyrighted material has been infringed. The preceding requirements are intended to comply with LibraryThing's rights and obligations under the DMCA, including 17 U.S.C. §512(c), but do not constitute legal advice. It may be advisable to contact an attorney regarding your rights and obligations under the DMCA and other applicable laws.
Please also note that we laugh off requests to remove books you don't like on DMCA grounds. Book titles and author names are not copyrightable. That's not how this works. That's not how any of this works.
HIPAA Compliance and Patron Privacy
Consider these tips to maintain patron privacy within TinyCat and LibraryThing:
What information do we collect?
This section covers the Personally Identifiable Information (PII) LibraryThing collects, as defined by the General Data Protection Regulation (GDPR).
Personally Identifiable Information (PII) we collect for all site users may include:
Personally Identifiable Information (PII) we collect from TinyCat customers may include:
Personally Identifiable Information (PII) TinyCat customers and other data-controller customers may collect from patrons may include:
What do we use this information for?
LibraryThing collects Personally Identifiable Information (PII) for these purposes:
The EU General Data Protection Regulation (GDPR) includes certain rights for certain covered individuals, concerning their personally identifiable information. We intend to voluntarily comply with these provisions, except as limited under applicable law. These rights include:
LibraryThing has created a Member Privacy Center (see above) which allows you to set preferences and exercise these rights. See Member Privacy Center section above for a full listing of what options are available.
If you have any questions about your rights under the GDPR, and how they relate to your LibraryThing data, please contact email@example.com, making clear your question and your status under the GDPR.
Third Party Cookies
LibraryThing uses third-party cookies from Google to anonymously track web usage and analytics (Google). These cookies are not essential to site functionality.
When users are not signed in, some LibraryThing pages include Google Adsense advertisements, which set cookies. These cookies are not involved in any site operation, and are not visible to LibraryThing. Google has some new privacy tools for this, debuting soon. For now, out of an abundance of caution, LibraryThing has decided to exclude all Google Adsense advertisements for users determined to be visiting from the EU. These cookies are not essential to site functionality.
We use our own domain-specific cookies to store:
These cookies are not essential to using LibraryThing overall, but are essential to LibraryThing's "logged in" site functionality. Disabling them may prevent an individual from signing into the service, from seeing the content they want to see, from changing content, etc.
In addition to Google Analytics (above), LibraryThing and TinyCat also collect and analyze their own usage data, to track usage and oversee the Terms of Service.
Sharing and Transfer of Information
LibraryThing provides Enrichment Services, including LibraryThing for Libraries (https://www.librarything.com/forlibraries) and Syndetics Unbound (https://proquest.syndetics.com), which dynamically enrich library catalogs and other book sites with data from LibraryThing and LibraryThing members. LibraryThing also provides access to the same information via data feeds.
Our Enrichment Services include aggregate, anonymous and anonymized metadata, such as popularity, average ratings, and tags. No personally-identifiable information is shared with this data.
Our Enrichment Services also include some member-provided reviews. Such sharing includes member names and the content of user reviews. Members can change their settings for the sharing of reviews (see Privacy Center, above), including options to share with no outside entity, with just libraries, or with all entities. Changing these settings in no way affect members' ability to use the site.
Third Party Links
LibraryThing may contain links to other sites (such as Amazon, for example). If you click on a third-party link, you will be directed to that site and subjected to their own terms and policies. Note that these external sites are not operated by LibraryThing.
LibraryThing values your trust in providing us your personal information, thus we are striving to use industry-standard means of protecting it. But remember that no method of transmission over the internet, or method of electronic storage is 100% secure and reliable, and LibraryThing cannot guarantee its absolute security.
Protection of Information
We use the following security measures and technologies to protect your data:
LibraryThing's primary payment process is PayPal. LibraryThing does not receive, process, or store any payment information from PayPal, such as credit card numbers or PayPal receipt numbers.
Members can also pay for LibraryThing services with checks or money orders. We keep this information safe too.
Breach of Information
Despite our efforts, no security measure can be absolute, and there can be no guarantee that Your personal information will not be accessed through malicious means, inadvertent disclosure, or mistake.
In the case of a breach of data, as defined in the GDPR, we will notify affected members within 72 hours of our discovery, describing the breach in all appropriate detail, along with our mitigation actions.
Mobile Apps (Android and iOS)
This section covers the policies for the following apps: LibraryThing, LibAnywhere, FCPL Mobile, LINKcat, MtLaurelLib, and Unisa Library. These services are provided to the user as is.
This page is used to inform website visitors regarding our policies with the collection, use, and disclosure of Personal Information if anyone decided to use our Services.
Information Collection and Use
For a better experience while using our Service, LibraryThing may require you to provide us with certain personally identifiable information, including but not limited to location information and access to pictures/camera on your device. The information that LibraryThing requests is retained on your device and is not collected by LibraryThing in any way, except if specifically uploaded by you (example: book cover photos uploaded to your books).
LibraryThing wants to inform you that whenever you use our Services, in case of an error in the apps we collect data and information which is transmitted directly to our server in the form of Log Data. This Log Data may include information such as your devices's Internet Protocol ("IP") address, operating system version, configuration of the app when utilising the Service, the time and date of your use of the Service, and possibly other anonymous statistics.
Cookies are files with small amount of data that is commonly used an anonymous unique identifier. These are sent to your browser from the website that you visit and are stored on your devices's internal memory.
LibraryThing services may use "cookies" to provide automatic sign-in for certain features (example: the LibraryThing app). You have the option to set up your device to accept or refuse these cookies, and know when a cookie is being sent to your device. If you choose to refuse our cookies, you may not be able to use some portions of this Service.
LibraryThing values your trust in providing us your Personal Information, thus we are striving to use commercially acceptable means of protecting it. But remember that no method of transmission over the internet, or method of electronic storage is 100% secure and reliable, and LibraryThing cannot guarantee its absolute security.
Links to Other Sites
See the COPPA section.
LibraryThing allows members to connect to various apps, like Facebook and Twitter, that require application authorization. We will not use this for any purpose other than explicitly agreed to. The data we collect from these apps is used only for authentication purposes, and to post to the services as directed. It is not displayed, transferred, or shared in any way.
LibraryThing does not store any information for Facebook and Twitter except the keys necessary to perform API requests. In other words, all that stuff that Facebook gave companies like Cambridge Analytics, and which they misused, we have never stored and don't store now. We reserve the right to store your Facebook "name."
We take it all back
These terms and conditions are subject to the usual change-at-any-time rule that websites put on their terms and conditions and which seem so unfair. ("What, I have to submit a DNA sample?") We have edited them as new situations have come up, but we promise not to change any of the core principles, particularly with regard to sale of information, copyright and death rays. We promise to make all changes openly, with tracking and with the opportunity for users to withdraw their accounts.
4/15/20. Updated "Member accounts" section to reflect free memberships.
3/27/20. Added clarifying language to the section "Freedom of discussion and personal attacks."
12/16/19. Added clearer language that "flagging is not a weapon."
9/18/19. Added to picture-uploading rules.
5/29/19. Added personal groups rule.
6/8/18. Changes related to the Member Privacy Center going live.
6/6/18. Additions and minor changes integrating TinyCat-specific provisions into the LibraryThing TOS.
5/24/18. Considerable changes, especially relating to the General Data Protection Regulation (GDPR). See here for previous version.
5/14/18. Added Account ownership section.
1/11/18. Added Mobile Apps section.
11/30/16. Added HIPAA Compliance and Patron Privacy section.
09/8/16. Added DMCA section.
06/25/15. Added "topics" to Other Rules section on "pointless" groups.
8/12/14. Added equal opportunity employer statement.
5/1/14. Added suggestive images of minors bullet.
1/27/11. Major design changes to page. No textual changes.
5/27/10. Added plagiarism bullet.
12/15/08. Added "Disclaimers/Attributions" section.
3/25/08. Added "Review integrity" section.
10/31/08. Fixed a spelling error.
3/2/08. Fixed a spelling error.
2/29/08. Added italics, capital letters.
2/28/08. Clarified posting rules, which have been on and off this document and elsewhere on the site. Edited don't-dos to include impersonating someone else.
8/11/07. Reordered a bit; clarified that authors promoting their books is commercial.
7/12/07. Added prohibiton against duplicative or nonsense groups.
7/1/07. Added prohibition against reposting flagged content.
1/2/07. Added "Participating in Translation" link. Reordered items a bit.
12/17/06. Added "sock puppets" to "shell accounts." Edited some of the "don't be a jerk," for brevity not content.
12/11/06. Added "Participating in Talk and Groups." Removed "Intellectual Property and Reverse Engineering" clause.
9/11/06. Added part about use by booksellers to "Individual accounts".
8/21/06. Updated "Individual accounts" section to link to information about organizations.
4/3/06. Added section on "Automated Input and Retrieval," and second paragraph of "Individual accounts."
11/8/05. Added IP and reverse engineering clause.
11/8/05. Made it clearer that your username can't be an insult, general or specific, or use a term that suggests you run the website.
10/3/05. Added rule about empty libraries.