Tourism NI Privacy Notice

The UKGDPR provides several lawful bases for the use of personal data that bodies such as Tourism NI use. We apply the following to cover our extensive engagement with visitors, industry, and our relationships with stakeholders and partners, that is necessary for us to carry out our remit. Also to fulfil legal obligations we are subject to.

Should we intend to use personal data for any new purpose other than communicated in this privacy policy, we will inform you and, where required, ask for your consent.

• When you reach out to us through our Contact us form on our website or via phone, we collect certain personal information to assist you effectively by responding to your enquiry. This includes your name, your contact details, along with how you prefer us to contact you, by phone or email.
• If the service that your enquiry relates to is provided by another public body, such as a Local Authority, we will advise you and provide their contact details.
• We will not share your details with a third party if you have made a complaint, without first asking your permission.
• For our business clients and stakeholders, we operate a Customer Relationship Management System (CRM), so we have a central record of your engagement with us, including when you meet or speak with us, and as this client relationship evolves. This enables us to track the development of business opportunities with you.

When you visit our premises

• A digital CCTV system operates on Tourism NI premises. It is continuously recorded for public safety and security. Further information related to the CCTV system can be obtained from SERCO on 028 9069 8870.

• When you visit a website, it is common for the site to collect certain technical information to help improve your browsing experience. We collect your Internet Protocol (IP) address which can indicate your general location; the type of browser you are using which can affect how pages are displayed; and the domain names and access times, which help in understanding peak usage times.
  
  
• We use 'cookies', and similar technologies such as pixels that track and analyse how the site is being used. Cookies are small text files that you save onto your computer or mobile device when you visit our websites. They cannot access your device to read any other information you may have stored there.
  • Some cookies are essential or necessary for our websites to function and cannot be switched off in our systems. They do not gather information about you that could be used for marketing purposes. You may select essential cookies only; but you should be aware that may limit your full experience of our sites such as interactive features they offer.
  • We use performance cookies to measure how you move around our websites, which helps us to know which pages are most popular. These do not identify you, and any information they gather is ‘aggregated’ that is added or grouped together to give us a means to measure how well our site is performing.
  • We use marketing cookies on our site, including advertising from partners, that may be delivered to you based on the pages you visit and your search activity. The intention is to display advertisements and information that you may find relevant, helpful, and engaging.
    
    
• You have the right to exercise your choice over your cookie preferences. You will be alerted to your options when you use our websites for the first time. You can return at any time to change your cookie settings after your first visit.
  
  
• We have links to social networking sites on our website pages, which may place cookies should you click on these. We advise you to read the privacy policies of these sites to find out how they use your data and to choose your preference. Additionally, adjusting your browser settings to manage cookies can enhance your privacy. For more information, see our cookie policy in full.

As a consumer should you choose to sign up to our marketing newsletter, to hear about inspiration and travel tips in Northern Ireland, we will ask for your name and contact details and your preferences, including your country of residence, to better inform the information we send you.

• You can unsubscribe from receiving marketing at any time by clicking the unsubscribe button at the bottom of the marketing email you receive.
• If you opt to take part in a competition or similar promotion, we will only share your details with the supplier (or suppliers) of the prize should you win. We will provide you with a separate opt-in if you wish to consent to receive marketing from Tourism NI.
• We do not share your personal data with a third party for marketing their services, without your explicit consent. Tourism NI does not sell your personal data.

Advertising through Digital and Social media channels

• Tourism NI promotes tourism in Northern Ireland through digital and social media channels including Instagram, YouTube, Facebook, and X (formerly Twitter). If you do not wish to see our advertising, you should unsubscribe through the options provided in the privacy policies, and cookie policies of the media channels you have accessed.
• When you engage with Tourism NI through those channels, we will offer you the opportunity to sign up to our marketing newsletter.
• You have the option to upload images or videos of your experiences, and we will contact you via direct message to ask your permission. Please be aware that if you upload content including images of people, you have obtained the necessary permissions and have their consent.
• On occasion Tourism NI’s uses social media listening software companies to better understand consumer interests and preferences. This information is grouped and analysed into reports to provide feedback to us to improve our marketing and does not identify you as an individual.

On-line booking platform for tourist services

• We are committed to highlighting Northern Ireland’s accommodation, attractions, and visitor experiences. Through our partnership with Tourism Exchange Great Britain (TXGB) we offer an on-line booking platform that connects you to a wide range of tourism services.
• It is important to note that when making a booking or purchase through TXGB you will be redirected from the Tourism NI website, and TXGB will handle your personal and financial details. For your privacy and data protection please review TXGB’s privacy and cookie policies. Additionally, TXGB will seek your consent for any marketing communications either from them or their partners.
• Tourism NI receives only anonymous statistical information from TXGB, ensuring your personal information remains confidential, to help us measure the performance of the service, and for feedback on products visitors are interested in.
• When navigating our website, please note that not every offer is accessible through TXGB. You may be redirected to our industry partners’ websites. Processing of your personal data will be governed by the privacy policy of the service provider or their booking platform, especially if a direct booking is made.

Children’s Data

• We do not knowingly collect, use, or disclose personal information from children under 16. We only recruit adults (over 18) when we undertake consumer research.
• If you believe that we have inadvertently collected any personal information from a child, please contact us immediately so we can take appropriate action.

It is illegal to offer tourist accommodation in Northern Ireland without a certificate from Tourism NI. 

• The process for accommodation certification means we collect essential details from you as a proprietor including contact details and addresses (and to allow for when the accommodation address is different from that of the proprietor). These details will include payment information. They are collected solely for certification.
• Certified properties may choose to promote their offering on our consumer website www.discovernorthernireland.com. You will find further details on growing your accommodation offering here.
• Maintaining a visitor register is required by the Tourism Order, this is to be kept securely and to note it is not to be used for any other purpose.

• When you sign up to our industry news and mailing list we will keep you updated with tourism reserach and insights, business development programmes, marketing opportunities, and event information delivered by Tourism NI in conjuction with our tourism partners. You can amend your preferences about the mailings you receive from us at any time or unsubscribe following the links provided in each ezine.
• If you are a tourism business or looking to enter the industry, we encourage you to open an account with us at Sign up to TourismNI.com as this offers the opportunity to build a business profile, to promote your offering on our website, to take part in industry events, training, and to contribute your knowledge to tourism research. Should you choose to do so, we will collect your name, company name, job title, contact details, and your type of business. You may amend your mailing preferences at any time or unsubscribe following the links provided in each ezine.

When you register for an event such as a conference, webinar, workshop, or training seminar we will collect your personal information, including your contact details and if applicable payment details to process any fees. If we are holding the event in partnership with other organisations this will be communicated at registration, and we will share your registration information with our partners.

• We will use the information you provide solely for event administration. If you wish to hear of other such events in the future, we will separately ask for your permission.
• We may require you to provide us with sensitive personal information to meet any of your dietary, access, or support requirements during the event.
• We may require additional information such as passport details for travel arrangements we make on your behalf.
• We will on occasion include a list of attendees as part of the event's information pack, as this will provide a networking opportunity for participants.
• We will ask for your consent for feedback that will help us assess how relevant our services are to you, and how we may improve the range and type of support we offer.

Publicity for business events or tourism projects

• Our commitment to promoting events and activities ensures speakers and attendees receive exposure through social media platforms, ezines, publications or broadcast media.
• With a focus on safeguarding your personal data, we take careful measures (either by announcement or signage) for you to make it known that you do not wish to be photographed. Should your image appear, and you wish to withdraw your permission for its future use, please let us know via our Contact us form.
• Our use of personal quotes and profiles is always subject to individual consent, so we respect your privacy while promoting our vibrant tourism sector offerings.
• On occasion we create a 'pen pic' profile of tourism industry members or stakeholders to management or ministers. This information may have been provided by you, or we may use data from publicly available business-related sources and social media platforms.

• Our funding schemes are promoted through our website, newsletters, and media advertising channels and interested parties are invited to provide details to register an expression of interest. As applicants advance, further business information is required for comprehensive due diligence. An applicant screening form is provided at that point. For collaborative programmes, partner details are also necessary. If you fail to provide this data when requested, we may not be able to proceed with your application.
• Auditing entities, including Tourism NI, Department for the Economy (DfE), the Managing Authority, the Paying Authority, the Northern Ireland Audit Office and the European Court of Auditors, and their agents may access financial claims.
• The terms of financial offers are detailed in your Letter of Offer and may request metrics and commercial information for evaluation.
• Tourism NI acting as Investment Decision Maker for tourism projects on behalf of the Department for the Economy (DfE) processes data on behalf of DfE, governed by a Memo of Understanding.

Consumer insights

• Tourism NI values the privacy and confidentiality of individuals who consent to take part in our research initiatives. We appoint research agencies to recruit consumers to participate in surveys and consumer focus groups on our behalf. We ensure that our agencies comply with all data protection legislation in how they contact consumers and process their information.
• Should you choose to take part, the information you will be asked to provide will include your contact details, your travel preferences, travel history, or leisure purchases. We may also ask for further personal information such as age and gender. Data collected is used solely for segmenting customer groups to improve visitor experiences and develop our marketing campaigns.
• All data is anonymized in reports (no individual is identifiable) and deleted post-analysis ensuring your identity remains confidential throughout the process. Video recordings from focus groups are also securely handled and destroyed after analysis.
• We receive data from third party data companies that help us understand consumers’ interests, only if they are lawfully able to share that information with us. These provide insights into visitor experiences, visitor movement, accommodation occupancy and rates and on spending. All data we receive is anonymized.

Tourism industry insights

• We undertake industry surveys regularly into tourism business performance outlook and current trends including issues impacting on competitiveness. The views and experience of the tourism industry are invaluable to us. When you open an account with us at Sign up to TourismNI.com, we may contact you to offer you the opportunity to take part in our tourism industry-related research. Participation will only be undertaken with your consent.
• We request additional feedback from businesses who receive financial support to obtain views on the success or relevance of such schemes and help inform future opportunities. This will be in the form of a survey. Should we wish to publish comments by you, we will only do so with your permission.

We work extensively with third-party service providers, agents, subcontractors, and tourism-related organisations to deliver our remit. We only disclose personal information that is necessary, with agreements for security and confidentiality. Third party service providers are not permitted to use your details for their own marketing purposes. Nor do we sell your personal information.

• Agencies involved in tourism development activities (such as NI Local Authorities, other government bodies, public agencies, tourism agencies and tourist boards, sectoral representative bodies).
• Organisations that deliver tourism services on our behalf (such as conference planners, events’ management, webinars hosts; tourism training bodies including those who provide a managed service on behalf of training providers; those facilitating and hosting educational or familiarisation trips).
• Collaborative projects such as with Tourism Ireland and Fáilte Ireland for our Digital Asset Management (DAM) system (Northern Ireland's Content Pool) for sharing images of Northern Ireland. Where we commisision photography posed by models' use of their images is subject to contractual arrangements. 
• We share insights into tourism opportunities and tourism trends with Planning Authorities who contact us to assist them with applications for tourism accommodation, similarly from Local Authorities for tourism amenities and tourism signage applications. The application documents may include personal data such as names and addresses.  
• To access professional expertise including agencies undertaking research on behalf of Tourism NI; agencies specialising in marketing campaigns, marketing performance, advertising; IT specialists; and those supporting TNI’s data management systems.
• For effective public goverance and accountability purposes, including assessment of financial assistance, the Department for the Economy, the Department of Finance, legal advisors, auditors, and accountants including for assessment of financial assistance.
• As a public body Tourism NI is subject to the Freedom of Information Act (2000). Should Tourism NI receive a request for information under FOI, we will only use personal information to comply with our legal obligation. For full details see our dedicated Freedom of Information section.

When we are required to share your information by law

As required by law, we may disclose information to government bodies and law enforcement agencies for their enforcement purposes.

• We share details of accommodation premises with the Northern Ireland Fire Service (NIFS). All premises offering tourist accommodation are ‘relevant’ as defined in Article. 50 of The Fire and Rescue Services (Northern Ireland) Order 2006 and therefore The Fire Safety Regulations (Northern Ireland) 2010 also applies to these premises.
• Tourism NI is required to participate in the National Fraud Scheme working in collaboration with the Northern Ireland Audit Office (NIAO). The NIAO is empowered by the Serous Crime Act 2007, to scrutinize financial records and identify discrepancies that may indicate fraudulent activities.
• As part of this initiative, Tourism NI is required to submit detailed financial information, including payments made to companies, individuals, and beneficiaries of funding programs, and which may include staff salaries and expenses. This comprehensive approach to data analysis and data matching by the NIAO is a critical step in safeguarding public funds and maintaining transparency in financial operations. For details on how NIAO process your information please see their privacy statement here.
• We will share your information with the Public Record Office of Northern Ireland (PRONI) where required for statutory archival purposes. Personal data which PRONI receives under the Public Records Act (NI) 1923 may be archived in the public interest, in line with the Data Protection Act and the UKGDPR.

Transferring your information outside of the UK

• As part of the services offered to you the information you provide us may be transferred to countries outside of the UK and outside of the European Union ("EU"). By way of example, this may happen if the systems we store data on are in a country outside of the UK or EU, our suppliers process information there, or we use technical support from technicians based across the world.
• If we transfer your information in this way, we will take appropriate security measures. Also, standard contractual clauses are implemented in contracts as an appropriate safeguard for the international transfer of personal data.

• We will hold your personal information on our systems for as long as is necessary, for the relevant activity as described in our approved disposal and retentions schedule, or for as long as set out in any relevant contract or agreement you hold with us. In some cases, we are required to hold information to fulfil our statuatory or legal obligations. Please see Tourism NI's Records Retention and Disposal Schedule.
• Internet data transmission, including personal information, cannot be guaranteed as completely secure. When we receive personal information steps are taken including physical and technological security measures to secure it against unauthorised access, loss, or breach.
• Where we have given (or where you have chosen) a password, you are responsible for keeping this confidential. We ask you not to share your password with anyone.
• Information submitted to our websites is encrypted and secure pages are indicated by a lock icon in the top corner of the web browser. You should take precautions against viruses and malicious code when accessing websites and downloading from the internet. Running an anti-virus program is recommended.
• We limit access to personal data to those that require it to operate, develop or improve the services that we provide. We require our service providers to implement adequate security measures when we outsource processes on behalf of Tourism NI.
• Emails sent through our Contact Us page are transferred through a cloud-based email management system hosted in the EU and the UK by Microsoft.
• Records are retained in secure cloud services hosted in the UK and Ireland, notably the Microsoft 365, the Microsoft Azure, and the Amazon Web Service Clouds.
• We use other on-line technologies to deliver tourism services such as SurveyMonkey, Censhare, SimpleView, Optimizely, GetGot, and Cognito Forms. Access to these is across secure channels and is restricted to those who require access.
• To minimise any potential risk to you resulting from misuse or loss of your image, Tourism NI ensures appropriate safeguards for the processing and storage of images either held by us or appointed contractors, and when releasing to third parties for publication. 

This section advises you of your rights and the circumstances in which they apply about the personal information we process about you. To find out more about your data protection rights see advice provided for the public by the Information Commissioner’s Officer here.

The right to be informed

Being open and clear about information that is held about you and the use of your personal data is a key requirement of data protection law. This privacy notice is designed to provide you with how and why Tourism NI uses your data, at each stage of your engagement with us.

The right to access data we hold about you

To ask and receive a copy of the personal data we hold about you and to allow you to verify the lawfulness of its processing. To protect your privacy, we may ask you to verify your identity when you contact us. You can request access from Tourism NI's Data Protection Officer by completing our Subject Access Request Form. 

The right to rectification of your data if it is inaccurate

You have the right to correct information that we hold that you believe is inaccurate, or to ask us to update information that is incomplete.

The right to erasure (right to be forgotten)

You have the right to ask us to delete your personal information in certain circumstances, for instance when it is no longer needed for the purpose it was collected, there is no legal reason for using your information, or where you have withdrawn your consent or ‘unsubscribed’ for direct marketing. Please note we may not be allowed to delete your data when we must hold it by law or a legal obligation.

The right to restrict processing of your data 

You have the right to ask us to restrict the processing of your information or to suppress it (put it on hold) in certain circumstances. When processing is restricted, we may store your personal data, but not use it. We may need to restrict the processing of your data while we consider its accuracy or grounds for using the data in question.

The right of data portability

You have the right to ask that we transfer personal information you have provided to us from one organisation to another or to give it to you. The right only applies if we are processing information based on your consent, or for the performance of a contract, and you are processing it by automated means (i.e., excluding paper files). 

The right to object

You have the right to object to the processing of all or some of your personal data, or for a particular purpose, and you must give reasons why you are objecting. In certain circumstances, when there is a compelling legitimate reason why we need to process your data.

The absolute right to object to direct marketing

You have the right to stop your data being used by us for marketing our services to you. As described in this privacy notice, we will not send you marketing without your explicit consent, and you can withdraw your consent or amend your preferences by choosing the ‘unsubscribe’ option in every mailing we send.

Your rights in relation to automated decision making and profiling

The UK GDPR provides safeguards for individuals against the risk that a potentially damaging decision is taken without human involvement. Tourism NI does not undertake automated decision making. Profiling of customer behaviours and trends is undertaken for marketing planning only using anonymized data that does not identify an individual.

Contacting us about data protection

To contact Tourism NI with an enquiry regarding the processing of your personal data, to exercise any of your rights noted in this privacy policy, please contact our: 

Data Protection Officer

Brian Gillanders
Contact us
Tel: 02890441536

If you are dissatisfied with how Tourism NI has used your personal information you may contact the Information Commissioner's Office at:

Information Commissioner's Office - Northern Ireland 

10th Floor
Causeway Tower
9 James Street South
Belfast
BT2 8DN
Telephone: 03031231114
Email: ni@ico.org.uk