Tourism NI Privacy Notice

The UKGDPR sets out several lawful bases for using personal data. Tourism NI applies these to support our engagement with visitors, industry members, partners, and stakeholders to deliver our remit, and to meet our statutory or legal obligations. 

If we plan to use your personal data for any purpose not outlined in this privacy notice, we will notify you in advance and seek consent where required. 

• When you Contact us, we collect your name, contact details, and your preferred method of communications so we can respond to your enquiry. 
• If your enquiry relates to a service provided by another public body, such as a Local Authority, we will direct you to the appropriate organisation.
• If you make a complaint, we will not share your details and information with a third party without your permission.
• For business clients and stakeholders, we record interactions in our Customer Relationship Management System (CRM), to maintain a central record of engagement and to support the development of business opportunities.

• A digital CCTV system operates on Tourism NI premises. It is continuously recorded for public safety and security. Further information related to the CCTV system can be obtained from SERCO on 028 9069 8870. 

• When you visit our websites, we collect certain technical information such as your Internet Protocol (IP) address which can indicate your general location; browser type, which can affect how pages are displayed; and the domain names and access times, which help in analysing our traffic, such as peak usage times.
• We use cookies and similar technologies (e.g., pixels) to analyse site usage. Cookies are small text files stored on your device and cannot access any other information on it. Cookies that are required for the website to operate properly are allowed to be set without your permission. All other cookies need to be approved before they can be set in the browser. 
  • Strictly necessary cookies: Required for our sites to function and cannot be switched off. They do not collect information for marketing purposes.
  • Performance cookies: Used to understand how you navigate the site, helping to identify which pages are popular. Any data they gather is ‘aggregated’ that is grouped together to measure how well our site is performing and does not identify you.
  • Targeting cookies: Targeting cookies are used to identify visitors between different websites, e.g. content partners, banner networks. They are used to deliver relevant advertising, including advertising from partners, based on the pages you visit and your search activity that you may find relevant, helpful, and engaging.
  • Functionality cookies: Are used to remember visitor information on the website, e.g. language, time zone, enhanced content.
  • Unclassified cookies: are cookies that do not belong to any other category or are in the process of grouped categorisation.
• You have the right to choose your cookie preferences when you first visit the site (see cookie banner) and can change them at any time.
• Our sites include links to social networking platforms, which may place cookies if you click on them. We encourage you to review their privacy notices and choose your preferences. Additionally, adjusting your browser settings can enhance your privacy.

If you to sign up to our marketing newsletter, to hear about inspiration and travel tips in Northern Ireland, we collect your name, contact details and preferences, (including your country of residence), so we can tailor the information we send you.

• You can unsubscribe from receiving marketing at any time by clicking the unsubscribed link at the bottom of each email.
• If you enter a competition or similar promotion, we only share your details with prize suppliers if you win, and we will offer a separate opt-in if you wish to consent to receive marketing from Tourism NI.
• We do not share your personal data with third parties for their marketing without your explicit consent, and we do not sell your personal data.

Advertising through Digital and Social media channels

• Tourism NI promotes Northern Ireland on platforms like Instagram, YouTube, Facebook, and X (formerly Twitter). If you prefer not to see our advertising, you can change your advertising or cookie settings directly in those apps.
• If you interact with us on social media, we may invite you to sign up for our marketing newsletter.
• You may choose to share photos or videos with us of your experiences or visit. If you do, we will contact you by direct message to ask for your permission before we use them. Please make sure that anyone featured in your content has agreed to be included.
• We sometimes use social media listening tools to understand consumer general trends and interests. The insights we receive are grouped into reports and are anonymous; they do not identify you.

On-line booking platform for tourist services

• Tourism NI partners with Tourism Exchange Great Britain (TXGB) to provide an online booking platform for Northern Ireland’s accommodation, attractions, and visitor experiences.
• When you make a booking or purchase through TXGB, you will be redirected from the Tourism NI website. TXGB manages all personal and financial information, and you should review their privacy and cookie policies. They will also request your consent for any marketing communications, or from their partners.
• Tourism NI receives only anonymous statistical data from TXGB to assess service performance and understand visitor interests.
• Not all offers are available through TXGB. You may be redirected to industry partners’ websites, where your personal data will be processed under their privacy policies, particularly when making direct bookings.

Children’s Data

• We do not market to children under 16. We recruit adults (over 18) when we undertake consumer research. On occasion Tourism NI may run competitions, e.g. through schools. Participation requires parental consent.
• If you believe that we have inadvertently collected any personal information from a child, please contact us immediately so we can take appropriate action.

It is illegal to offer tourist accommodation in Northern Ireland without a certificate from Tourism NI.

• To certify your accommodation, we collect essential proprietor details, including contact and address information (including where the accommodation address differs) along with payment details. These are used solely for certification.
• You must maintain a register of visitors as required by the Tourism Order. You must keep it secure and use it only for this purpose. 
• Certified properties may promote their offering on discovernorthernireland.com. You will find further details here.  

• When you sign up to our industry news and events mailing list we will update you on tourism research, insights, business development programmes, marketing opportunities, and event information delivered by Tourism NI and our partners. You can update your preferences or unsubscribe at any time using the links in each ezine. 
• If you are a tourism business or looking to enter the industry, you can create an account at Sign up to TourismNI.com to build a business profile, promote your offering, take part in events, training, and tourism research. We will collect your name, company name, job title, contact details, and business type. You can update your preferences or unsubscribe at any time using the links in each ezine  

• When you register for an event (conference, webinar, workshop, or training seminar), we collect your personal information, including contact details and, if required, payment information to process fees. If an event is hosted with partner organisations, we will share your registration details with them. We use your information solely for event administration. If you wish to receive details of future events, we will ask for your permission separately.
• Where TNI facilitates accredited training on behalf of a partner or third party, we may need to request additional details for verification (e.g., gender, date of birth) as part of the qualification process. TNI will not use this information for any other purpose.
• We may collect sensitive information (e.g., dietary, access, or support requirements) to meet your needs during the event. For travel arrangements made on your behalf, we may also need additional personal information, such as passport details.
• A list of attendees may be included in the event information pack to support networking. After the event, we may ask your consent to provide feedback to help improve our services and support.

• To promote events and activities, we may share images of speakers and attendees through social media, ezines, publications or broadcast media, including with tourism partners, agencies, and statutory bodies.
• We take measures such as announcements or signage to allow you to indicate that you do not wish to be photographed. If your image is used and you wish to withdraw consent for future use, please Contact us.
• Personal quotes or profiles are only used with your explicit consent.
• At times we prepare short 'pen pic' profiles of industry members or stakeholders for senior management or government department ministers or elected representatives. This may be based on information you provide or drawn from publicly available business sources and social media.

• Our funding schemes are promoted through our website, newsletters, and media advertising channels and interested parties are invited to provide details to register an expression of interest. As applicants advance, further business information is required for comprehensive due diligence. An applicant screening form is provided at that point. For collaborative programmes, partner details are also necessary. If you fail to provide this data when requested, we may not be able to proceed with your application.
• Auditing entities, including Tourism NI, Department for the Economy (DfE), the Managing Authority, the Paying Authority, the Northern Ireland Audit Office and the European Court of Auditors, and their agents may access financial claims.
• The terms of financial offers are detailed in your Letter of Offer and may request metrics and commercial information for evaluation.
• Tourism NI acting as Investment Decision Maker for tourism projects on behalf of the Department for the Economy (DfE) processes data on behalf of DfE, governed by a Memo of Understanding.

• Tourism NI values the privacy and confidentiality of individuals who take part in our research. We appoint research agencies to recruit participants for surveys and focus groups and ensure they comply with all data protection requirements.
• If you participate, you may be asked for contact details, travel preferences, travel history, leisure purchases, and, where relevant, additional personal information such as age and gender, or accessibility requirements. This data is used only to segment customer groups to improve visitor experiences and marketing.
• All data is anonymised for reports and deleted after analysis. Video recordings from focus groups are securely handled and destroyed once analysis is complete.
• We may receive anonymised data from third-party data companies to help us understand consumers’ interests, such as visitor behaviour, spending, and accommodation occupancy.

Tourism Industry research

• We regularly survey the tourism industry on performance, trends, and competitiveness. If you create an account at Sign up to TourismNI.com, we may invite you to take part in industry research and will only do so with your consent. If you participate in our surveys on a regular basis, we will ask your consent each time we contact you. You may unsubscribe from our contact list at any time.
• Tourism NI supports the industry through training, events, and financial schemes. If you receive such support, we may contact you for feedback to help inform future opportunities.

  Publication of Insights

• We publish Industry and Consumer Analysis reports on tourismni.com. This may be supplemented by anonymised third-party consumer and industry data from verified, GDPR-compliant data sources.

• Tourism NI provides an on-line library of free promotional images, videos, and other marketing assets to encourage promotion of Northern Ireland.  Access is granted through a registration process, where we request your name, email address, organisation, country of residence, and industry sector to help us understand interest from visitor markets and the tourism industry.
• When you access the portal for the first time, you will be asked to set your cookie preferences, including options for marketing and analytics, and you can update these at any time. The platform also uses necessary cookies required for the site to operate.

The Content Pool is a collaboration between Tourism NI, Fáilte Ireland, and Tourism Ireland. It is hosted by Orange Logic and compliant with the UKGDPR and the EUGDPR. Where photography includes models, usage is governed by contractual arrangements, including parental consent for images of children.  

• Tourism NI collects the names, job titles, contact details, and relevant experience of personnel within organisations that bid for or deliver services, to manage contracts and assess suitability for procurement exercises. Tourism NI’s Microsoft Finance System also holds supplier information, including contact details, bank details, and payment records. Tourism NI may seek evidence of security checks for supplier personnel.

• Tourism Northern Ireland staff must declare gifts or hospitality offered to them in relation to their official duties, whether accepted or declined. If you offer a gift or hospitality, the name of the organisation you represent and, where relevant, your own name, will be entered on TNI’s Corporate Gifts and Hospitality Register, along with the name of the receiving Tourism NI official.
• The register is updated regularly and shared within Tourism NI for monitoring and reporting to Tourism NI’s Board. A version covering Senior Management (Grade 5 and above) is published on our corporate website here. The lawful basis for this processing is compliance with the UK Bribery Act (2010) and guidance DAO (DFP) 10/06 on the acceptance and provision of gifts and hospitality.  

We work with third-party service providers, agents, subcontractors, and tourism-related organisations to deliver our remit. We only share the personal information necessary for each task, under agreements that ensure security and confidentiality. Third parties cannot use your information for their own purposes, including marketing, nor do we sell personal data.

• Agencies involved in tourism development activities (e.g., Local Authorities, government bodies, public agencies, tourism boards, and sectoral representative groups).
• Organisations that deliver tourism services on our behalf, such as conference and event planners, webinars hosts, tourism training bodies and providers, and those facilitating familiarisation or educational trips.
• Collaborative partners, including Tourism Ireland and Fáilte Ireland, for projects such as Northern Ireland’s Content Pool.
• We may share personal data with specialist providers who support our work, including research agencies, marketing and advertising specialists, IT providers, providers of legal services, and recruitment agencies and associated services. Those who maintain our data management systems, financial systems, and records storage.
• For public governance and accountability, personal data may be shared with the Department for the Economy, the Department of Finance, legal advisors, auditors, and accountants involved in assessing financial assistance.
• Planning authorities who request insights into tourism opportunities, accommodation, amenities, for planning applications requiring a tourism perspective, also applications for tourism signage, may include personal information such as contact details.
• As a public body, Tourism NI may use personal information to comply with the Freedom of Information Act (2000). We will only disclose personal data where required to meet this legal obligation. For full details see Freedom of Information .

As required by law, we may disclose information to government bodies and law enforcement agencies for their enforcement purposes.

• We share details of tourist accommodation premises with the Northern Ireland Fire Service (NIFS), as these premises are classified as ‘relevant’ as defined in Article 50 of The Fire and Rescue Services (Northern Ireland) Order 2006 and the Fire Safety Regulations (Northern Ireland) 2010.
• We also share details of accommodation premises with local councils, under established Data Sharing Agreements, as these are classified as ‘relevant’ by the Planning Act (Northern Ireland) 2011 (“the 2011 Act”).
• Tourism NI participates in the National Fraud Scheme with the Northern Ireland Audit Office (NIAO), which is empowered by the Serous Crime Act 2007, to review financial records. As part of this, we must provide detailed financial information, including payments to companies, individuals, and beneficiaries of funding programs, which may include staff salaries and expenses. For details on how NIAO process your information please see their privacy statement here.  
• We will share information with the Public Record Office of Northern Ireland (PRONI) for statutory archival purposes. Personal data transferred under the Public Records Act (NI) 1923 may be archived in public interest, in line with the Data Protection Act and the UKGDPR.

• Your information may be transferred outside of the UK and the EU, for example where our system or suppliers operate abroad or where technical support is provided from those based in other countries.
• When transferring data internationally, we apply appropriate security measures and use Standard Contractual Clauses to safeguard your personal information.

• We retain your personal information only for as long as necessary for the relevant activity in line with our disposal and retention schedule, or any applicable contract. In some cases, we must keep information to meet statutory or legal obligations.
• While internet data transmission cannot be guaranteed completely securely, we apply physical and technological security measures to protect personal data from unauthorised access, loss, or breach.
• If we issue you with a password (or you create one), you are responsible for keeping it confidential. We ask you not to share your password with anyone. 
• Information submitted through our websites is encrypted, and secure pages are indicated by the lock icon in your browser. We recommend using anti-virus software and taking precautions when accessing websites and downloading from the internet.
• Access to personal data is restricted to those who need it, and our service providers must implement appropriate security measures when handling information on Tourism NI’s behalf.
• Emails sent through our Contact Us page are processed via a cloud-based email management system hosted in the EU and in the UK by Microsoft.
• Records are stored in secure cloud services hosted in the UK and Ireland, including Microsoft 365, the Microsoft Azure, and Amazon Web Services.
• Financial Assistance programmes are managed through a Tourism NI bespoke Flexigrant Grant Management system.
• We also use secure on-line technologies such as SurveyMonkey, Censhare, SimpleView, Optimizely, GetGot, and Cognito Forms with access limited to authorised users.
• To minimise risk, we apply appropriate safeguards when processing and storing images, whether held by Tourism NI or appointed contractors, including when releasing them for publication.

This section outlines your data protection rights when they apply. For further guidance see advice provided for the public by the Information Commissioner’s Officer here.

Right to be informed

You have the right to clear information about the personal data we hold and how we use it. This privacy notice explains how Tourism NI processes your data at each stage of your engagement with us.

Right of access

You may request a copy of the personal data we hold about you and verify that it is processed lawfully.To protect your privacy, we may ask you to confirm your identity. Access requests can be made using the Subject Access Request Form.

Right to rectification

You have the right to ask us to correct inaccurate data about you, or update information that is incomplete. 

Right to erasure (right to be forgotten’)

You may request deletion of your personal data in certain circumstances, such as when it is no longer needed for the purpose it was collected, when there is no lawful reason for processing, or when you withdraw consent, such as for marketing. We may be unable to delete data that must be retained by law.

Right to restrict processing

You may ask us to restrict the processing of your information or to suppress it (put on hold), in certain circumstances. While restricted, we may store personal data but not process it until such issues such as accuracy or lawful use are resolved.

Right to data portability

You may ask us to transfer your personal data to you, or to another organisation. This applies when processing information is based on consent, or contract; and carried out by automated means (i.e., excluding paper files).

Right to object

You may object to the processing of all or some of your personal data, or for a particular purpose, giving reasons. In some cases, we may demonstrate legitimate grounds to continue processing.

Absolute right to object to direct marketing

You may stop us from using your data for direct marketing at any time. As described in this privacy notice, we only send marketing communications with your explicit consent, and you can unsubscribe using the link in each mailing.

Rights regarding automated decision- making and profiling.

Tourism NI does not make automated decisions. Also, any profiling of customer behaviours and trends uses anonymised data and cannot identify you.

Contacting us about data protection

To contact Tourism NI with an enquiry regarding the processing of your personal data, to exercise any of your rights noted in this privacy notice, please contact our:

Data Protection Officer  
Contact us
Tel: 028 9023 1221

If you are dissatisfied with how Tourism NI has used your personal information you may contact the Information Commissioner's Office at:

Information Commissioner's Office - Northern Ireland

10th Floor 
Causeway Tower
9 James Street South
Belfast
BT2 8DN
Telephone: 03031231114
Email: ni@ico.org.uk