Data protection at the Swiss National Library

The Swiss National Library (NL) respects and protects its users’ rights in respect of data protection and privacy.

Data protection at the NL is governed by the Swiss Confederation’s general provisions on data protection, with specific details and additions as set out in this policy.

Why does the NL collect and process personal data?

Collecting and processing users’ personal data is essential for the NL to fulfil its statutory mandate, and in particular to provide certain services offered within the scope of that mandate. The NL has put in place the measures required by law to protect personal data.

These services include, in particular, the administration of user accounts for borrowing publications listed in the NL’s catalogue (Helveticat), the provision of various types of information to the public via the NL’s websites and applications, and additional information services to which users can subscribe.

NL websites are generally hosted by the Confederation, in the form of the Federal Office of Information Technology, Systems and Telecommunication (FOITT).

Exceptions include:

What personal data must be provided when opening an NL user account?

When opening a user account for borrowing purposes, the following personal data must be supplied: last name, first name and title, date of birth, home and e-mail addresses and preferred language for correspondence. These data are stored in Helveticat for as long as the user account is maintained (though only the year of birth rather than the full date of birth is retained).

A copy of an official identification document (and BibliOpass, if available) is also required during the registration process. This is used for a one-time check of the correctness of the information supplied and is destroyed immediately the check is complete. 

What personal data are created when documents are borrowed in Helveticat?

When a document is borrowed in Helveticat, the user account is linked to the selected document. This link is maintained only during the loan period and is automatically and irreversibly anonymised immediately after the document has been duly returned, so that it cannot in any way be recreated.

What information is automatically stored when accessing the NL’s websites and applications?

When accessing the NL’s websites and applications, the following data are stored in log files: IP address, date, time, browser request and general information on the operating system and browser. These data form the basis for anonymous statistical evaluations to identify trends and so enable the federal authorities to improve the services they offer. The evaluations serve, among other things, to protect the intellectual property and personality rights of third parties associated with the services and documents used. 

What does the NL use cookies for?

Cookies are small text files that are placed on the user’s computer to facilitate the use of websites and applications or enable certain functions. For example, they are essential to the provision of certain services such as search and order functions in Helveticat (shopping cart, search history, etc.). Most of the cookies used by the NL are deleted from the user’s hard drive at the end of the browser session.

Users can set their browser to notify them in advance that cookies are being placed on their computer and decide whether or not to accept them, or to prevent cookies from being placed at all. However in the latter case not all functions of the websites and applications will be fully usable.

What data are processed when using additional NL information services such as newsletters, invitations to cultural events, text alerts for special opening times, etc.?

When users voluntarily contact the NL, for example to subscribe to a newsletter or leave feedback using the web form provided for that purpose, their e-mail address is added to a separate database that is not linked to the anonymous log files. Users may cancel their registration at any time.

In order to use certain NL information services, users must supply the personal data necessary for those services to be provided. These may vary depending on the nature of the service, and may include the e-mail address, name, title and language when ordering electronic newsletters, the e-mail address and name when requesting information about events, or the mobile phone number and name for alerts regarding special opening times. These data will be used by the NL only to provide the requested service and will only be retained until the user terminates their use of the service. 

Under the Federal Act on Data Protection (FADP), users have the right to be informed free of charge of the data stored about them and to have incorrect data corrected. Requests to this effect, as well as any further questions about the collection, processing or deletion of personal data, can be sent to the following address: