Privacy Policy

Privacy.

When we collect your information, we take care that it is handled securely and processed in accordance with the law. This policy explains when and why we collect personal information, how we use it, the conditions under which we may disclose it to others and how we keep it secure.

Who are we? 

Visit Derry, the official tourist organisation for the city and region, with registered offices at 1-3 Waterloo Place, Derry~Londonderry, N.Ireland, BT48 6BT. 
For the purposes of this privacy policy Visit Derry is the data controller. 

Data Protection Officer 

Odhran Dunne
Email: corporate@visitderry.com 
Tel: 028 7137 7577 

What type of information do we collect from you?

Most of the information we process is provided to us directly by you for one of the following reasons:

• You have made an enquiry to us
• You have requested our services
• You have subscribed to our newsletter 
• You have visited our website
• You wish to attend, or have attended an event

Visit Derry collects personally identifiable information, such as your email address, name, home or work address or telephone number and in some occasions, financial information.

Visit Derry also collects anonymous demographic information which is not unique to you such as your postcode, age, gender, preferences, interests and information regarding what pages are accessed and when.

There is also information about your computer hardware and software that is automatically collected by Visit Derry when you visit our website. This information can include your IP address; browser type; domain names; access times, referring website addresses and any of our cookies you have previously consented to. 

A digital CCTV system operates on Visit Derry’s premises. It is continuously recorded for the purposes of public safety and security. 

Links to other websites:

Our website and electronic communications may contain links to other websites, both those of government departments and of other organisations. This privacy policy applies only to our site, so you should always be aware when you are moving to another site and read the privacy statement of any site that collects personal information. 

The Data Protection Act 2018 & the General Data Protection Regulation (GDPR) provides rights for individuals: 
The right to be informed 

You have the right to be informed about how and when we may process personal data.  
This is typically done via a privacy notice.  

The right of access 

You have the right to ask us for copies of your personal information. This right always applies, there are some exemptions which means that you may not always receive all the information we process.

You can request access from the Data Protection Officer by contacting corporate@visitderry.com
The right to rectification 
You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.

The right to erasure

The right to erasure is also known as ‘the right to be forgotten’. 
You have the right to ask us to erase your personal information in certain circumstances where there is no compelling reason for its continued processing, for example; upon the withdrawal of consent for direct marketing.

The right to restrict processing 

You have the right to ask us to restrict the processing of your information in certain circumstances.

The right to data portability 

This only applies to information you have given us. You have the right to ask that we transfer the information you gave us from one organisation to another, or give it to you. This right only applies if we are processing information based on your consent or under, or in talks about entering into a contract and the processing is automated.

The right to object to processing 

You have the right to object to the processing of your personal data if it is for: processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling); direct marketing (including profiling); and processing for purposes of scientific/historical research and statistics.

Rights in relation to automated decision making and profiling. 

The GDPR provides safeguards for individuals against the risk that a potentially damaging decision is taken without human intervention. You have the right not to be subject to a decision based solely on automated processing, including profiling.

The right to withdraw consent at any time, where relevant 

We are required to make it as easy to withdraw consent as to give consent.

The right to lodge a complaint with a supervisory authority 

The Information Commissioner for Northern Ireland may be contacted here:
Information Commissioner's Office 
3rd Floor 
14 Cromac Place 
Belfast 
BT7 2JB 
Tel: 028 9027 8757 or 0303 123 1114 
Map and directions
Or Online at https://ico.org.uk/concerns/ 
 
The legal basis for the processing and the purpose of the processing. 
A key function of Visit Derry is to encourage tourism, provide advice and information about travelling to and holidays in the city and region and to publicise or advertise holidays. We may carry out surveys and collect statistics and information relating to the tourist industry and assist in making Derry~Londonderry and region attractive to tourists. 
 
As such, Visit Derry collects and uses your personal information to operate Visit Derry’s website and deliver the services you have requested. Visit Derry also uses your personally identifiable information to inform you of other products or services available from Visit Derry and its affiliates, where you have requested us to. Visit Derry may also contact you via surveys to conduct research about your opinion of current services or of potential new services that may be offered.  
Profiling 
We may analyse your personal information to create a profile of your interests and preferences so that we can contact you with information relevant to you. We may make use of additional information about you when it is available from external sources to help us do this effectively. We may also use your personal information to detect and reduce fraud and credit risk. 
Like many other websites, our website uses cookies. 'Cookies' are small pieces of information sent by an organisation to your computer and stored on your hard drive to allow that website to recognise you when you visit. They collect statistical data about your browsing actions and patterns and do not identify you as an individual. For example, we use cookies to store your country preference. This helps us to improve our website and deliver a better, more personalised service.  
It is possible to switch off cookies by setting your browser preferences. For more information on how to switch off cookies on your computer, visit our full cookies policy. Turning cookies off may result in a loss of functionality when using our website. 
Digital Marketing, Social Media Monitoring & Advertising 
As part of our marketing and communications activity, we collect technical, web and aggregated data for the purposes of digital marketing including search engine marketing and on-line advertising.  We use advertising options available on social networks to target specific audiences using interest, location and demographic data made available in the social network and search engines. 
To ensure compelling and integrated communications, there are occasions where we may integrate a user's activity by tracking user's behaviour with a combination of cookies and pixel tagging data on our website discovernorthernireland.com with relevant social media advertising and web site advertising channels. 
We also use social media listening software to surface and bring publicly available social content to our attention. 
Your marketing choices 
You have a choice about whether or not you wish to receive information from us. If you want to receive direct marketing communications from us then you can select your choices by ticking the relevant boxes situated on the form on which we collect your information. 
We will not contact you for marketing purposes by email, post, phone or text message unless you have given your prior consent.
You can change your marketing or research preferences at any time by clicking the ’unsubscribe’ link on any email we send you. You can also do this by contacting us via:
Post
‘Contact Us’ form on the website
Telephone: (028) 7137 7577
How long do we keep your information? 
We review our retention periods for personal information on a regular basis. We are legally required to hold some types of information to fulfil our statutory obligations. We will hold your personal information on our systems for as long as is necessary for the relevant activity as described in our approved disposal and retentions schedule, or as long as is set out in any relevant contract or agreement you hold with us. 
Who has access to your information? 
We will not sell or rent your information to third parties. 
Please be reassured that we will not release your information to third parties for them to use for their own direct marketing purposes without your prior consent.
Organisations we may share information with:  
We work closely with a number of third party service providers, agents, subcontractors and other organisations for the purposes of completing public tasks and providing services to you on our behalf.
In order to arrange events, workshops, familiarisation trips, webinars etc, we will also share your information with our tourism partners, such as Tourism Northern Ireland and Tourism Ireland, and with tourism product and service providers e.g. accommodation providers, event organisers. 
When we work with or use third party service providers, we disclose only the personal information that is necessary to deliver the service, and we have a contract in place that requires them to keep your information secure and not to use it for their own direct marketing purposes. 

List of Organisations:
The list of 3rd party organisations we may share information with is included in Annex A of this document.
We may also be required to disclose your information by law, for example, by a court order, or when we receive a Freedom of Information request, or for the purposes of prevention of fraud or other crime. 
People who subscribe on VisitDerry.com
When a subscription is entered we collect the personal information of the applicant. This information is used for the delivery of the service requested and for subsequent Visit Derry monitoring and reporting. When we receive a subscription request, we will notify all those persons involved that we have received their application and that we are processing their personal information for that purpose only. We will not share or use the supplied personal information for the purposes of direct marketing without your explicit consent. Where you have given consent you can withdraw it at any time. 
Visit Derry will publish aggregated anonymised data on its performance on its website. We will keep personal information contained in application files in line with our retention policy. This means that information relating to subscribers will be retained for a minimum of 5 years. It will be retained in a secure environment and access to it will be restricted.
Securing your information 
When you give us personal information, we take steps to ensure that it’s treated securely. We restrict access to personal data to employees, contractors and agents who need to know such personal data in order to operate, develop or improve the services that we provide. We ensure that we have appropriate physical and technological security measures to protect your information; and we ensure that when we outsource any processes that the service provider has appropriate security measures in place.
 
We will implement appropriate technical and organisational measures to ensure a level of security appropriate to the risks that are presented by the processing of your personal data. In particular, we will consider the risks presented by accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal data transmitted, stored or otherwise processed.
All information submitted to our websites is encrypted. When you are on a secure page, a lock icon will appear on the top of web browsers such as Microsoft Edge and Google Chrome. 
Non-sensitive details (your email address etc.) are transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems. Where we have given (or where you have chosen) a password which enables you to access certain parts of our websites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. 
16 or Under 
We are concerned to protect the privacy of children aged 16 or under. If you are aged 16 or under‚ please get your parent/guardian's permission beforehand whenever you provide us with personal information. 
Transferring your information outside of Europe 
As part of the services offered to you through this website, the information, which you provide to us, may be transferred to countries outside the European Union (“EU”). By way of example, this may happen if any of our servers are from time to time located in a country outside of the EU. These countries may not have similar data protection laws to the UK. By submitting your personal data, you’re agreeing to this transfer, storing or processing. If we transfer your information outside of the EU in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Policy. 
If you use our services while you are outside the EU, your information may be transferred outside the EU in order to provide you with those services. 
Review of this Policy 
We keep this Policy under regular review. This Policy was last updated in April 2021.
Annex A
Visit Derry – 3rd Party Organisations we may share Information with.
Derry City and Strabane District Council
Tourism Northern Ireland
Tourism Ireland
Visit Derry members
Please note: This list may change regularly – Visit Derry will ensure it is kept as accurate and up to date as possible.