Privacy Policy — The Library Navigator

Last updated: 18 January 2026

This Privacy Policy explains how personal data is processed when you use The Library Navigator (the “Service” or “Navigator”). The Navigator is provided by Raylab Oy under the Biblioworks.ai internal unit.

We designed the Navigator with data minimisation in mind: it aims to work without identifying you as a named person and without using tracking cookies.

1) Who is responsible for your data?

Responsibility depends on who decides why and how your data is processed in a given deployment.

A. Library deployment

(Library = Controller, Raylab Oy = Processor)

When the Navigator is provided as part of a library’s services (e.g., integrated in library websites/catalogues), the library typically decides the purposes and means of processing.

  • Data Controller: the relevant Library / Consortium (details provided by that library)
  • Data Processor: Raylab Oy (Biblioworks.ai)
    Address: Ilmattarenkuja 22 – 00610 Helsinki – Finland
    Privacy contact:  loading…

In this model, Raylab Oy processes personal data only on documented instructions from the library under a Data Processing Agreement (DPA).

B. Direct Biblioworks/Raylab deployment

(Raylab Oy = Controller)

In some cases, Raylab Oy may operate the Navigator directly (for example, demos, pilots, or deployments where Raylab decides the purposes and means of processing).

  • Data Controller: Raylab Oy (Biblioworks.ai)
    Address: Ilmattarenkuja 22 – 00610 Helsinki – Finland
    Privacy contact:  loading…

2) What data we process

Depending on configuration, the Navigator may process:

A. Data you provide

  • Chat messages you type into the Navigator
  • Feedback you submit (e.g., thumbs up/down and optional text)
  • Support requests if you contact us directly

B. Library data (only if enabled and only when needed)

If the deployment enables it, the Navigator may access:

  • Current loans and Loan history

C. Technical and security data

  • Timestamps, service events, error details
  • Security/audit data for abuse prevention and reliability
  • Limited device/browser metadata (e.g., user agent)

About identifiers and “anonymity”

The Navigator is designed to avoid stable identifiers:

  • We do not use a stable patron identifier as a long-lived identifier in the Navigator.
  • Where library integrations require a technical token to retrieve loan-related information, it is used session-scoped and not retained as a stable identifier.

3) Why we process data (purposes) and legal basis

PurposeExamples of datalegal basis
Provide the chat service and answersChat messages, session/security eventsContract, legitimate interests, or public task (depends on Controller)
Provide library-personalised features (if enabled)Current loans; (optionally) loan historyOften public task for loans; consent is commonly used for loan history
Security and abuse preventionSecurity logs, rate limiting signalsLegitimate interests / public task
Quality improvement & debuggingError logs, feedbackLegitimate interests / public task

Loan history: In deployments where loan history is used, the Controller will ensure an appropriate legal basis. Your consent is recorded and stored for this purpose.

4) AI model use and human review

The Navigator generates responses using AI. The Service:

  • does not perform automated decision-making that produces legal or similarly significant effects on you.
  • may be reviewed by authorised staff only where needed (e.g., support, security incidents, debugging), and subject to access controls.

5) Where data is processed (data residency)

Data is processed EEA-only. Storage and processing are configured to remain in the EU/EEA.

  • Hosting: Google Cloud, Finland region (EEA)

6) Who we share data with (sub-processors)

Raylab Oy uses the following categories of service providers (“sub-processors”) to operate the Navigator:

  • AI model providers: OpenAIAnthropic
  • Cloud hosting: Google Cloud (Finland)

We ensure appropriate contractual safeguards are in place (including DPAs/sub-processor terms as required). In library deployments, sub-processor use is covered by the DPA with the library.

7) International transfers

We aim for EEA-only processing, and the Service is configured accordingly. If a deployment ever required processing outside the EEA, we would implement appropriate safeguards (e.g., EU Standard Contractual Clauses) and update this policy and/or the relevant deployment documentation.

8) Data retention

Your stated retention settings are:

  • Chat content: 1 year
  • Technical/security logs: 1 year
  • Feedback events: 1 year
  • Consent records (for loan history and similar features): stored as long as needed to demonstrate consent and comply with legal obligations, and at least for the retention period of the related feature usage (typically aligned to the 1-year period unless a longer compliance need exists).

In library deployments, the Controller may specify different retention rules contractually; where so, Raylab Oy follows the Controller’s documented instructions.

9) Cookies and tracking

The Navigator does not use cookies for tracking.

10) Your rights (GDPR)

Depending on who is the Controller (Section 1), you may have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Delete data (in certain cases)
  • Restrict or object to processing (in certain cases)
  • Data portability (in certain cases)
  • Withdraw consent at any time (where consent is the legal basis)
  • Lodge a complaint with a supervisory authority

How to exercise your rights

  • If the Navigator is provided by a library: contact the library / consortium (they are typically the Controller).
  • If Raylab Oy is the Controller for your deployment: contact [privacy@biblioworks.ai].

If you contact Raylab Oy about a library-controlled deployment, we will direct/route your request to the Controller where appropriate.

11) Security

We apply organisational and technical measures designed to protect data, including:

  • Encryption in transit (TLS)
  • Access controls and least-privilege
  • Monitoring and incident response procedures
  • EU/EEA-only processing configuration

12) Changes to this policy

We may update this Privacy Policy periodically. Updates will be published on this page with a new “Last updated” date.

13) Contact details

Raylab Oy (Biblioworks.ai)
Address: Ilmattarenkuja 22 – 00610 Helsinki – Finland
Email:  loading…
Business ID: 3105533-8