Resources

All Trust Center files & documents

image GDPR Addendum

Download the Ex Libris GDPR addendum regarding compliance with the General Data Protection Regulation

Download now
Filter by
Topic
Product
RESET

GDPR

Data Processing Addendum

The EU General Data Protection Regulation (GDPR) became applicable on 25 May 2018.

Icon

Availability - Data Centers

System down procedure and contact information

Relevant procedures and hub contact information.

Policy - Security

Ex Libris Risk Management Policy

The purpose of the risk management policy is to provide guidance regarding the management of risks and to ensure that all risks are controlled or mitigated.

Policy - Security

Ex Libris Asset Management Policy

The purpose of this policy is to describe the activities related to managing devices and software assets.

Policy - Security

Ex Libris Password Management Policy

This policy establishes a standard for the protection, appropriate use and creation of strong passwords, to protect customer information, and to maintain data privacy by defining the frequency with which passwords should be changed.

Policy - Security

Ex Libris Service Disruption Communication Policy

This policy defines a consistent way to handle, avoid and communicate any service disruption.

Policy - Security

Ex Libris Cloud Services BCP

The BCP is a plan of actions to be taken in the event of a disaster in order to resume critical operations in a pre-defined time frame.

Advisories - Security

Google Chrome Browser Version 80 Updates and Ex Libris Products and Services

Google Chrome Browser version 80 Updates and Ex Libris products and services - January 22, 2020

Advisories - Security

Security Advisory – Google Chrome Browser version 80 Updates and Ex Libris products and services - January 30, 2020

Security Advisory – Google Chrome Browser version 80 Updates and Ex Libris products and services - January 30, 2020

Icon

Advisories - Security

Ex Libris RefWorks integration with Shibboleth Security Vulnerability Updated: February 11, 2020

Ex Libris RefWorks integration with Shibboleth Security Vulnerability Updated: February 11, 2020

Icon

Advisories - Security

Security Advisory – Google Chrome Browser Version 80 Updates and Ex Libris Products and Services - February 13, 2020

Security Advisory – Google Chrome Browser Version 80 Updates and Ex Libris Products and Services - February 13, 2020

Icon

Advisories - Security

Deprecation of Obsolete TLS 1.0 and TLS 1.1 Versions

Security Update - Deprecation of Obsolete TLS 1.0 and TLS 1.1 Versions – Updated April 16, 2019

Advisories - Security

Ex Libris Patron Directory Services (PDS) Security vulnerability

Security Update - Ex Libris Patron Directory Services (PDS) Security vulnerability Updated: April 3, 2019

Advisories - Security

Deprecation of Obsolete TLS 1.0 and TLS 1.1 Versions

Security Update - Deprecation of Obsolete TLS 1.0 and TLS 1.1 Versions – Updated April 16, 2019

Advisories - Security

Meltdown and Spectre vulnerabilities

Updated January 7, 2018 - Ex Libris is aware of the recently reported security vulnerabilities known as 'Meltdown' and 'Spectre' that affect computer processors (CPUs.)

Policy - Data Center

Welcome to the Ex Libris Cloud

This document provides the benefits of using the Ex Libris Cloud services together with general instructions for new customers joining the Ex Libris Cloud.

Policy - Data Center

Accesibility

Ex Libris, a ProQuest Company, is committed to providing an experience that is fully accessible to everyone.

Policy - Security

Ex Libris Security And Privacy Incident Response Policy

The aim of this policy is to ensure that Ex Libris reacts appropriately to any actual or suspected security incidents relating to Ex Libris cloud systems and data.

Certification - Security

ISO 27017

Ex Libris certification: ISO 27017:2015

Icon

GDPR

Addressing Data Subject Rights in Urlich's XML Data Service

This paper describes tools and capabilities of the Ulrich’s XML Data Service to assist your organization in addressing data subject rights under the GDPR.

Icon

GDPR

Addressing Data Subject Rights in RefWorks

This paper describes the tools and capabilities built into RefWorks that can assist your organization in addressing data subject rights and requests under the GDPR as a controller of personal data processed in RefWorks.

Icon

GDPR

Addressing Data Subject Rights in Pivot

This paper describes the tools and capabilities built into Pivot that can assist your organization in addressing data subject rights and requests under the GDPR as a controller of personal data processed in Pivot.

Icon

GDPR

Addressing Data Subject Rights in Alpehino

This paper describes the tools and capabilities built into Alpehino that can assist your organization in addressing data subject rights and requests under the GDPR as a controller of personal data processed in Alpehino.

Icon

GDPR

Primo Privacy Impact Assessment

This Privacy Impact Assessment includes a brief description of the data processed in Primo system, the privacy impact of this, and the measures ExLibris is taking in order to manage the risks involved.

Icon

GDPR

360 Services Privacy Impact Assessment

This Privacy Impact Assesment includes a brief description of the data processed in 360 Services, the privacy impact, and the measures Ex Libris is taking in order to manage the risks identified.

Icon

Policy - Data Center

Ex Libris IT Security Policy

The purpose of this document is to define clear rules for the use of the information systems and other information assets in Ex Libris.

Policy - Data Center

Customer Appropriate Usage Statement

This policy defines the required customer cooperation and appropriate use for Ex Libris customers with access rights to Ex Libris Cloud infrastructures.

Policy - Data Center

Ex Libris Data Classification Policy

This policy ensures that Ex Libris information assets are classified so that they receive the appropriate level of protection.

Policy - Data Center

Ex Libris Security Patches and Vulnerability Assesments Policy

Ex Libris continually seeks to ensure that its solutions do not contain vulnerabilities that may compromise the security of its products

Policy - Data Center

Ex Libris Information Security Policy

The purpose of this policy is to provide a security framework based on ISO 27002 that will ensure the protection of Ex Libris information from unauthorized access, loss or damage.

Policy - Data Center

Ex Libris Data Retention Policy

The purpose of this Policy is to ensure that necessary records and documents are adequately protected and maintained and to ensure that records that are no longer needed by Ex Libris or are of no value are discarded at the proper time.

Policy- Data Center

Ex Libris Establishes New Second Data Centers in Three Regions

Establishment of a second data center in each of the following regions: the United States, Europe, and Asia Pacific, in addition to the existing regional data centers.

Policy- Data Center

Ex Libris Access Control Policy

This document defines the Ex Libris policy regarding Access Control. It is Ex Libris’ goal to ensure that personnel are positively authenticated and authorized prior to being granted access to information resources.

Policy - Security

Ex Libris Change Management Policy

The purpose of change management is to ensure that the system components used to deliver services are identified, recorded, and monitored so that only authorized changes are applied.

GDPR

RapidILL Privacy Impact Assessment

This Privacy Impact Assessment includes a brief description of the data processed in RapidILL, the privacy impact, and the measures Ex Libris is taking in order to manage the risks involved.

Icon

GDPR

Rosetta Privacy Impact Assessment

This Privacy Impact Assessment includes a brief description of the data processed in Rosetta, the privacy impact, and the measures Ex Libris is taking in order to manage the risks involved.

Icon

GDPR

Addressing Data Subject Rights in bX

This paper describes the tools and capabilities built into bX that can assist your organization in addressing data subject rights and requests under the GDPR as a controller of personal data processed in bX.

Icon

GDPR

Addressing Data Subject Rights in Alma

This paper describes the tools and capabilities built into Alma that can assist your organization in addressing data subject rights and requests under the GDPR as a controller of personal data processed in Alma.

Icon

GDPR

Addressing Data Subject Rights in Aleph

This paper describes the tools and capabilities built into Aleph that can assist your organization in addressing data subject rights and requests under the GDPR as a controller of personal data processed in Aleph.

Icon

GDPR

Summon Privacy Impact Assessment

This Privacy Impact Assessment includes a brief description of the data processed in Summon, the privacy impact, and the measures Ex Libris is taking in order to manage the risks involved.

Icon

GDPR

SFX Privacy Impact Assessment

This Privacy Impact Assessment includes a brief description of the data processed in SFX, the privacy impact, and the measures Ex Libris is taking in order to manage the risks involved.

Icon

GDPR

SFX Hosted Privacy Impact Assessment

This Privacy Impact Assessment includes a brief description of the data processed in hosted SFX, the privacy impact, and the measures Ex Libris is taking in order to manage the risks involved.

Icon

GDPR

Leganto Privacy Impact Assessment

This Privacy Impact Assessment includes a brief description of the data processed in Leganto, the privacy impact, and the measures Ex Libris is taking in order to manage the risks involved.

Icon

GDPR

Addressing Data Subject Rights in Intota & 360 Services

This paper describes the tools & capabilities in Intota & 360 that can assist you in addressing data subject rights & requests under the GDPR as a controller of personal data processed in Intota & 360.

Icon

GDPR

campusM Privacy Impact Assessment

This Privacy Impact Assessment includes a brief description of the data processed in campusM, the privacy impact, and the measures Ex Libris is taking in order to manage the risks involved.

Icon

GDPR

Aleph Privacy Impact Assessment

This Privacy Impact Assessment includes a brief description of the data processed in Aleph, the privacy impact, and the measures Ex Libris is taking in order to manage the risks involved.

Icon

GDPR

Alma Privacy Impact Assessment

This Privacy Impact Assessment includes a brief description of the data processed in Alma, the privacy impact, and the measures Ex Libris is taking in order to manage the risks involved.

Icon

GDPR

Pivot Privacy Impact Assessment

This Privacy Impact Assessment includes a brief description of the data processed in Pivot, the privacy impact, and the measures Ex Libris is taking in order to manage the risks involved.

Icon

GDPR

Research Professional Privacy Impact Assessment

This Privacy Impact Assessment includes a brief description of the data processed in Research Professional, the privacy impact, and the measures Ex Libris is taking in order to manage the risks involved.

Icon

GDPR

RefWorks Privacy Impact Assessment

This Privacy Impact Assessment includes a brief description of the data processed in RefWorks, the privacy impact, and the measures Ex Libris is taking in order to manage the risks involved.

Icon

GDPR

Addressing Data Subject Rights in campusM

This paper describes the tools and capabilities built into campusM that can assist your organization in addressing data subject rights and requests under the GDPR as a controller of personal data processed in campusM.

Icon

GDPR

Addressing Data Subject Rights in Esploro

This paper describes the tools & capabilities in Esploro that can assist you in addressing data subject rights & requests under the GDPR as a controller of personal data processed in Esploro.

Icon

Policy - Security

Cloud Security and Privacy Statement

This policy describes the Ex Libris security procedures and the privacy practices of Ex Libris Ltd. and Ex Libris (USA) Inc. and their respective subsidiary companies.

GDPR

Addressing Data Subject Rights in RapidILL

This paper describes the tools & capabilities in RapidILL that can assist you in addressing data subject rights & requests under the GDPR as a controller of personal data processed in RapidILL.

Icon

Policy - Security

Statement of Applicability

This document describes the relevant and applicable controls adopted by Ex Libris.

Policy - Security

Ex Libris Software Development Life Cycle (SDLC) Policy

This policy defines the development and implementation requirements for Ex Libris products.

Certification - Business Continuity

ISO 22301

Ex Libris certification: ISO 22301

Icon

Certification - Security

ISO 27001

Ex Libris certification: ISO 27001:2013

Icon

Certification - Privacy

ISO 27018

Ex Libris certification: ISO 27018:2014

Icon

GDPR

Addressing Data Subject Rights in Voyager

This paper describes the tools and capabilities built into Voyager that can assist your organization in addressing data subject rights and requests under the GDPR as a controller of personal data processed in Voyager.

Icon

GDPR

Addressing Data Subject Rights in USTAT

This paper describes the tools and capabilities built into USTAT that can assist your organization in addressing data subject rights and requests under the GDPR as a controller of personal data processed in USTAT.

Icon

GDPR

Addressing Data Subject Rights in Ulrichsweb

This paper describes the tools and capabilities built into Ulrichsweb that can assist your organization in addressing data subject rights and requests under the GDPR as a controller of personal data processed in Ulrichsweb.

Icon

GDPR

Addressing Data Subject Rights in Summon

This paper describes the tools and capabilities built into Summon that can assist your organization in addressing data subject rights and requests under the GDPR as a controller of personal data processed in Summon.

Icon

GDPR

Addressing Data Subject Rights in SFX

This paper describes the tools and capabilities built into SFX that can assist your organization in addressing data subject rights and requests under the GDPR as a controller of personal data processed in SFX.

Icon

GDPR

Addressing Data Subject Rights in Rosetta

This paper describes the tools and capabilities built into Rosetta that can assist your organization in addressing data subject rights and requests under the GDPR as a controller of personal data processed in Rosetta.

Icon

GDPR

Addressing Data Subject Rights in Primo

This paper describes the tools and capabilities built into Primo that can assist your organization in addressing data subject rights and requests under the GDPR as a controller of personal data processed in Primo.

Icon

GDPR

Addressing Data Subject Rights in MetaLib

This paper describes the tools and capabilities built into MetaLib that can assist your organization in addressing data subject rights and requests under the GDPR as a controller of personal data processed in MetaLib.

Icon

GDPR

Addressing Data Subject Rights in Leganto

This paper describes the tools and capabilities built into Leganto that can assist your organization in addressing data subject rights and requests under the GDPR as a controller of personal data processed in Leganto.

Icon

GDPR

Ex Libris and the General Data Protection Regulation

This paper is aimed at informing Ex Libris customers about the various GDPR compliance activities of Ex Libris (company, products and services.)

Icon

Policy - Security and Privacy

Security and Privacy Statement

Ex Libris is committed to providing its customers with a highly secure and reliable environment, and have developed a multi-tiered security model that covers all aspects of hosted and cloud-based Ex Libris systems.