This explains how we protect and respect the data we collect from you
When we collect your information, we take care that it is handled securely and processed in accordance with the law. This policy explains when and why we collect personal information, how we use it, the conditions under which we may disclose it to others and how we keep it secure.
Who are we?
Tourism NI, the trading name of The Northern Ireland Tourist Board, with registered offices at Floors 10-12, Linum Chambers, Bedford Square, Bedford Street, Belfast BT2 7ES, hereafter referred to as Tourism NI.
Data Protection Officer
Tel: (028) 9044 1536
What type of information do we collect from you?
Most of the information we process is provided to us directly by you for one of the following reasons:
- You have made an enquiry to us
- You have requested our services
- You have subscribed to our newsletter or insights
- You have visited our website
- You wish to attend, or have attended an event
Tourism NI collects personally identifiable information, such as your email address, name, home or work address or telephone number and in some occasions, financial information.
Tourism NI also collects anonymous demographic information which is not unique to you such as your postcode, age, gender, preferences, interests and information regarding what pages are accessed and when.
There is also information about your computer hardware and software that is automatically collected by Tourism NI when you visit our website. This information can include your IP address; browser type; domain names; access times, referring website addresses and any of our cookies you have previously consented to.
A digital CCTV system operates on Tourism NI premises. It is continuously recorded for the purposes of public safety and security. Further information related to the CCTV system can be obtained from SERCO on 028 9069 8870.
Links to other websites:
The Data Protection Act 2018 & the General Data Protection Regulation (GDPR) provides rights for individuals:
The right to be informed
The right to be informed encompasses our obligation to provide ‘fair processing information’, typically through a privacy notice. It emphasises the need for transparency over how we use personal data.
The right of access
Individuals have the right to access their personal data and supplementary information. The right of access allows individuals to be aware of and verify the lawfulness of the processing.
You can request access from the Data Protection Officer by completing our Subject Access Request Form.
The right to rectification
Your personal data can be rectified if it is inaccurate or incomplete.
The right to erasure
The right to erasure is also known as ‘the right to be forgotten’. The broad principle underpinning this right is to enable an individual to request the deletion or removal of personal data where there is no compelling reason for its continued processing for example upon the withdrawal of consent for direct marketing.
The right to restrict processing
Individuals have a right to ‘block’ or suppress processing of personal data.
The right to data portability
The right to data portability allows individuals to obtain and reuse their personal data for their own purposes across different services.
The right to object to processing
Individuals have the absolute right to object to the processing of their personal data if it is for: processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling); direct marketing (including profiling); and processing for purposes of scientific/historical research and statistics.
Rights in relation to automated decision making and profiling
The GDPR provides safeguards for individuals against the risk that a potentially damaging decision is taken without human intervention. Identify whether any of your processing operations constitute automated decision making and consider whether you need to update your procedures to deal with the requirements of the GDPR.
The right to withdraw consent at any time, where relevant
We are required to make it as easy to withdraw consent as to give consent.
The right to lodge a complaint with a supervisory authority
The Information Commissioner for Northern Ireland may be contacted here:
Information Commissioner's Office
14 Cromac Place
Tel: (028) 9027 8757 or 0303 123 1114
Or online at https://ico.org.uk/concerns/
The legal basis for the processing and the purpose of the processing.
A key function of Tourism NI as defined by The Tourism (Northern Ireland) Order 1992 is to encourage tourism, provide advice and information about travelling to and holidays in Northern Ireland and to publicise or advertise holidays in Northern Ireland. The order also empowers us carry out surveys and collect statistics and information relating to the tourist industry and assist in making Northern Ireland attractive to tourists.
As such, Tourism NI collects and uses your personal information to operate Tourism NI websites and deliver the services you have requested. Tourism NI also uses your personally identifiable information to inform you of other products or services available from Tourism NI and its affiliates, where you have requested us to. Tourism NI may also contact you via surveys to conduct research about your opinion of current services or of potential new services that may be offered.
Tourism NI as defined by the by The Tourism (Northern Ireland) Order 1992 is also empowered to deliver financial assistance to the tourism industry and regulate tourist accommodation. For additional information on the Tourism (Northern Ireland) Order 1992, please use the links below:
Financial Assistance: PART III FINANCIAL ASSISTANCE TO TOURIST INDUSTRY
Tourist Accommodation: PART IV REGULATION OF TOURIST ACCOMMODATION
Consent will not be required to process personal data for these purposes alone and refusal to supply information will result in the failure to secure financial assistance or failure to be certified as a tourism establishment.
We may analyse your personal information to create a profile of your interests and preferences so that we can contact you with information relevant to you. We may make use of additional information about you when it is available from external sources to help us do this effectively. We may also use your personal information to detect and reduce fraud and credit risk.
It is possible to switch off cookies by setting your browser preferences. For more information on how to switch off cookies on your computer, visit our full cookies policy. Turning cookies off may result in a loss of functionality when using our website.
Digital Marketing, Social Media Monitoring & Advertising
As part of our marketing and communications activity, we collect technical, web and aggregated data for the purposes of digital marketing including search engine marketing and on-line advertising. We use advertising options available on social networks to target specific audiences using interest, location and demographic data made available in the social network and search engines.
To ensure compelling and integrated communications, there are occasions where we may integrate a user's activity by tracking user's behaviour with a combination of cookies and pixel tagging data on our website discovernorthernireland.com with relevant social media advertising and web site advertising channels. We also use social media listening software to surface and bring publicly available social content to our attention.
Your marketing choices
You have a choice about whether or not you wish to receive information from us. If you want to receive direct marketing communications from us then you can select your choices by ticking the relevant boxes situated on the form on which we collect your information.
We will not contact you for marketing purposes by email, post, phone or text message unless you have given your prior consent.
You can change your marketing preferences at any time by clicking the ’unsubscribe’ link on any email we send you. You can also do this by contacting us via:
Telephone: (028) 9023 1221
Online: tourismni-opt-out or discovernorthernireland-opt-out
You can change your research participation preferences at any time by contacting us via:
Telephone: (028) 9441 538
How long do we keep your information?
We review our retention periods for personal information on a regular basis. We are legally required to hold some types of information to fulfil our statutory obligations. We will hold your personal information on our systems for as long as is necessary for the relevant activity as described in our approved disposal and retentions schedule, or as long as is set out in any relevant contract or agreement you hold with us.
Who has access to your information?
We will not sell or rent your information to third parties. Please be reassured that we will not release your information to third parties for them to use for their own direct marketing purposes without your prior consent.
Organisations we may share information with:
We work closely with a number of third party service providers, agents, subcontractors and other organisations for the purposes of completing public tasks and providing services to you on our behalf. When we use third party service providers, we disclose only the personal information that is necessary to deliver the service, and we have a contract in place that requires them to keep your information secure and not to use it for their own direct marketing purposes.
List of Organisations:
Please click here to view the list of 3rd party organisations we may share information with. We may also be required to disclose your information by law, for example, by a court order, or when we receive a Freedom of Information request, or for the purposes of prevention of fraud or other crime. Tourism NI is required to participate in the National Fraud Scheme, which requires the disclosure of financial information.
People who subscribe on tourismni.com:
When a subscription is entered we collect the personal information of the applicant. This information is used for the delivery of the service requested and for subsequent Tourism NI monitoring and reporting. When we receive a subscription request, we will notify all those persons involved that we have received their application and that we are processing their personal information for that purpose only. We will not share or use the supplied personal information for the purposes of direct marketing without your explicit consent. Where you have given consent you can withdraw it at any time.
Tourism NI will publish aggregated anonymised data on its performance on its website. We will keep personal information contained in application files in line with our retention policy. This means that information relating to subscribers will be retained for a minimum of 5 years. It will be retained in a secure environment and access to it will be restricted.
Securing your information
When you give us personal information, we take steps to ensure that it’s treated securely. All information submitted to our websites is encrypted. When you are on a secure page, a lock icon will appear on the top of web browsers such as Microsoft Edge and Google Chrome.
Non-sensitive details (your email address etc.) are transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems. Where we have given (or where you have chosen) a password which enables you to access certain parts of our websites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
16 or Under
We are concerned to protect the privacy of children aged 16 or under. If you are aged 16 or under‚ please get your parent/guardian's permission beforehand whenever you provide us with personal information.
Transferring your information outside of Europe
As part of the services offered to you through this website, the information, which you provide to us, may be transferred to countries outside the European Union (“EU”). By way of example, this may happen if any of our servers are from time to time located in a country outside of the EU. These countries may not have similar data protection laws to the UK. By submitting your personal data, you’re agreeing to this transfer, storing or processing. If we transfer your information outside of the EU in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Policy.
If you use our services while you are outside the EU, your information may be transferred outside the EU in order to provide you with those services.
Review of this Policy
We keep this Policy under regular review. This Policy was last updated in September 2019.