In this section
Failte-ID Web Anchor-buttons Contact-us 72ppi

Get in touch

Contact us

Business services privacy statement

  • About Fáilte Ireland, The National Tourism Development Authority

  • Established as a statutory body under the National Development Authority Act, 2003, Fáilte Ireland works to sustain Ireland as a high-quality and competitive tourism destination, growing Ireland’s tourism economy.

    We provide a range of practical business supports and services to help a wide range of people working tourism businesses, sectors, communities, tourism bodies and destinations develop, market and sell better, more compelling leisure and business tourism experiences domestically and internationally. 

    We also work with other government bodies to implement and champion positive and practical strategies that will benefit Irish tourism and the Irish economy.

  • About this privacy statement

  • This Privacy Statement relates to the personal data collected by us in respect to the services we provide. It explains our legal basis and your rights. It describes how we collect, share, store and retain your data.


    Any information that we process about you will be held in accordance with the General Data Protection Regulation (GDPR), the Data Protection Acts, 1988 to 2018 and other Irish or EU Data Protection legislation.

    Please read the following carefully to understand our views and practices regarding your personal data and how we treat it.


  • Processing your personal data in order to provide you with important tourism services

  • We offer those operating within the tourism sector a range of business and tourism supports and services, in line with our mandate. 

    This requires us to collect and process data about businesses and people operating within tourism businesses, stakeholder bodies, communities, trade bodies, buyers, etc., all of which are relevant to tourism economic development. 

    In some instances, personal data is provided directly to us by the data subject concerned (e.g., business owner or sole trader). We may also indirectly receive personal data about a data subject; for example, a tourism employer may provide their employees’ personal data for the purposes of participating in relevant training (e.g., first name, surname, work email address, training progress and results). We will always check that the person providing this personal data has a valid lawful basis for doing so.

    We are the Data Controller of all the personal data you provide to us, and we are fully committed to transparency and to ensuring your privacy is protected and respected.


  • Who this statement applies to

  • ·  People operating in the tourism industry in Ireland:

    For instance, tourism & hospitality businesses, sectoral bodies, stakeholders, community groups and individuals such as tour guides and ‘local experts’ operating within the leisure and business tourism economy. Tourism businesses refers to any type of business entity (sole trader, corporate) operating within the leisure and business tourism economy covering tourism, hospitality, sales, marketing and supply chain operators and 

    intermediaries.

    This includes, but is not limited to, businesses which:

    ·  Supply or facilitate leisure and business tourism hospitality and tourism experiences (attractions, activities, festivals/events, accommodation

    ·  Provide tourism information

    ·  Provide tourism development expertise and services 

    ·  Buyers

    · Touring and guiding

    ·  Travel service providers, transport, venues, conference and meeting organisers, and supply chain operators and intermediaries

    Other tourism organisations such as Tourism Ireland and relevant government bodies.

    ·  People operating in the tourism industry Overseas: Buyers, and Supply Chain/Channel Intermediaries:

    Leisure and Business Tourism Buyers, channel intermediaries and operators recruited by Tourism Ireland to participate in business generating/sales & marketing activities such as Trade platforms and Familiarisation Trips. These trips are facilitated by Fáilte Ireland and involve visiting different locations and venues for the purpose of growing tourism.

    ·  People operating in Media and Communications Industry

    Journalists such as Social Media Vloggers, Bloggers, Influencers, Print, TV, and Radio are recruited by either Fáilte Ireland or Tourism Ireland to participate in publicity generating activities such as Familiarisation Trips and other events. These trips are facilitated by Fáilte Ireland and involve visiting different locations and venues for the purpose of publishing content and promoting Ireland.

     

     


  • Lawful basis and the purpose of processing personal data

  • Fáilte Ireland uses a number of lawful bases in processing personal data of a range of subject groups. The largest group of subjects are those who operate within the tourism sector, including other public bodies, with whom Fáilte Ireland work and to whom Fáilte Ireland deliver its services in line with its statutory obligations. Fáilte Ireland uses its Legislative Mandate as an Official Authority under the National Tourism Development Authority Act, 2003 (NTDA Act, 2003) as the lawful basis to process personal data for the purposes of ‘the promotion of tourism and the development of tourism facilities and services’ in Ireland. Where legislative mandate cannot apply, Fáilte Ireland uses the most appropriate lawful basis including purpose of a contract and legal obligation.

    Legislative Mandate: Is used when sending you Ezines and communications to advise you of our Business Services. These Business Services and Supports include, but are not limited to, training & skills, finance, mentoring, guidelines, insights, business and destination development, sales and marketing, business services campaigns to drive awareness and grow sales including attending platforms, events and committing to charters. If you are a registered user of the Fáilte Ireland Trade Portal you can update your personal information held on the Fáilte Ireland Trade Portal at any time and change your stated interests and whether or not you wish to receive correspondence from us.

    Legislative Mandate: when you register to use our Services by establishing an Account on our Trade Portal, we will collect Personal Data as necessary to offer and fulfil the Service you request. Depending on the Services you choose, we may require you to provide us with your name, postal address, telephone number, email address and identification number to establish an Account via the Fáilte Ireland Trade Portal. We may require you to provide us with additional Personal Data as you use our Service. This information is used to communicate with you about our services. Additionally, we may collect financial records in order to process grants, and business performance details for the purposes to improve your business. This means we collect employee numbers, finance, etc., We collect business performance data which is retained for 5 years.

     
    Legislative Mandate: You may contact us because you have a query for example, you have questions about your grant application. Customer Service Telephone Recordings may only be used for the specified purposes, i.e., to monitor the quality of call handling and customer service that they deliver. Staff training, coaching and support. To verify what was said during a phone call if there is a dispute or complaint. To protect staff from abusive behaviour. Recordings of calls will be disposed of after 6 months. However, if there is a justified need to retain a specific recording for a longer period, this may be reviewed, and the retention period amended.

    Legislative Mandate: When we take audio, photographs and digital footage of you attending an event we do so to highlight the publicly funded business services, you received. These services include training of business employees and management, professional business advise, mentoring and supports, upskilling certificates and grant funding. We will hold your data for 5 years and you can withdraw your consent at any time.

    Legal Obligation: when you register your statutory accommodation under the Tourism Traffic Acts 1936 - 2016 businesses which use certain prescribed terms to describe themselves must register with Fáilte Ireland. These are known as the Statutory Accommodation sectors. This information is retained for 10 years.

    We collect the following financial information from you because we have a Legal Obligation, as we must fulfil our statutory obligation under the Revenue Commissioners to verify that there has been a valid claim.

    Legal Obligation: when you pay us or we pay you (i.e., financial transaction) for a service we collect bank details information about the transaction, as well as other information associated with the transaction such as amount paid. In addition, in order to manage risk and protect the Sites, the services and you from fraud by verifying your identity and helping to detect and prevent fraud and abuse of the Sites or Services.

    Legal Obligation: when Fáilte Ireland provides you with financial support and grants all grantees must have a Tax Reference Number (TRN). Sole Traders' PPS Number is their TRN. We retain that data as per the required legislation, for example, as per State Aid Rules we hold all data related to grant schemes for 10 years. Capital Grant records must be retained for the longer of (a) 10 years from the date of the final payment of a grant (b) The expiry of that project’s full operative period (c) 3 years from date of programme closure (where a programme closure date exists).

    Additionally, if you submit personal data relating to other people – such as your colleagues and/or companions – in connection with the Services, you are also deemed to be representing that you have the authority to do so and permit us to use their personal data for the purposes described in this Privacy Statement.

    If you would like more information about how long Fáilte Ireland holds your data, please e-mail dataprotection@failteireland.ie.

  • Children's data

  • We do not knowingly collect personal information from children without proper parental consent. If you are aged 16 or under, please get your parent/guardian’s permission before you provide any personal information to us. Users without this consent are not allowed to provide us with personal information. If you believe that we may have collected personal information from someone under the age of 16 without parental permission, please let us know using the methods described in the ‘Contact Us’ section and we will investigate and address the issue promptly.

  • Use of our websites

  • Fáilte Ireland’s website collects specific information automatically and stores it in log files. The information may include Internet Protocol (IP) addresses, the region or general location where your computer or device is accessing the internet, browser type, operating system, and other usage information about the use of Fáilte Ireland website, including a history of the pages you view. We use this information to help us design our site to suit our users’ needs better. We may also use your IP address to help diagnose problems with our server and to administer our websites, analyses trends, track visitor movements, and gather broad demographic information that assists us in identifying visitor preferences. See the Cookie Policy on our websites for more details.

  • Sharing your data

  • To provide our services and to comply with legal obligations imposed on us, it may be necessary from time to time for us to disclose personal data to third parties, including without limitation to the following:

    · Our suppliers and third parties who provide services to us to help us administer and audit our services.

    Where we need to share your personal information, we will do so in line with this Statement and our legal obligations, including ensuring that the third party we are sharing it with has appropriate technical and organisational measures and processes in place to keep your personal information secure, and that they only use it in accordance with our instructions.

    · Regulators & Statutory Bodies:

    We share your information with regulatory, public and statutory bodies for a variety of 

    reasons, including where necessary to provide services to you and where required in 

    order to comply with a legal or regulatory obligation. 

     · Legal & Safety Reasons:

    · Detect, investigate, prevent and address fraud (i.e., we must comply with anti-money laundering) and other illegal activity, security or technical issues.

    · Protect our rights, property or safety.

    · Enforce our contracts we have with you. 


  • Linked services, third-party sites and content

  •  

    In some of our articles, videos, and blogs, we may reference other websites and provide links which are outside of our control. This Privacy Statement does not cover these other websites and links. Fáilte Ireland does not accept any responsibility or liability for other sites’ privacy notices, statements, or policies. If you access other websites using the links provided, please read their specific notices before submitting any of your personal information. Please refer to YouTube’s Terms of Service and Google's Privacy Policy.

     

     


  • Your rights

  • Right of access – you have the right to request a copy of the information that we hold about you in accordance with Section 86 of the Data Protection Act, 2018.


    Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete in accordance with Section 87 and Section 89 of the Data Protection Act, 2018.

     

    Right of erasure – in certain circumstances, you can ask for the data we hold about you to be erased from our records in accordance with Section 87 and Section 89 of the Data Protection Act, 2018.

     

    Right to restriction of processing – where certain conditions apply to have a right to restrict the processing in accordance with Section 87 and Section 89 of the Data Protection Act, 2018.


    Right to portability – subject to certain restrictions, you have the right to have the data we hold about you transferred to another organisation where we hold it in electronic form. This right to data portability applies to: (i) personal data that we process automatically (i.e., without any human intervention) (ii) personal data provided by you; and (iii) personal data that we process based on your consent on to fulfil a contract.


    Right to object – you have the right to object to certain types of processing such as, direct marketing. 

  • To access what personal data is held, identification will be required

  •  

    To access a copy of your personal data that is held by Fáilte Ireland, please complete the Personal Data Access Request Form available here.

    For your protection, we will only implement requests with respect to personal information about you and we will need to verify your identity before we act on your request. We will comply with your request as soon as reasonably practicable and in accordance with applicable law. 

    You will need to provide some photographic identification (i.e., passport or driver's licence) together with proof of address (i.e., utility bill or official letter). These will need to be returned to the Data Protection Officer (DPO), please see section “Complaints, Questions and Assistance”. 


  • Data transfers outside of the European economic area

  • Where we transfer your information, we do so in accordance with EU data protection law. We only transfer personal information to these countries when it is necessary for the services we provide you, or it is necessary for the establishment, exercise or defence of legal claims or subject to safeguards that assure the protection of your information. We may rely on different legal mechanisms to ensure the transfer is lawful. If the recipient is in a country that is not deemed 'adequate' by the European Commission, we may enter into 'Standard Contractual Clauses (SCCs) with the recipient. These contracts contain standard commitments approved by the European Commission protecting the privacy and security of the information being transferred.

  • How do we protect your information

  • Fáilte Ireland will take appropriate legal, organisational, and technical measures to protect your personal information. Fáilte Ireland takes it obligations very seriously and we take every reasonable measure and precaution to protect and secure your personal data. We work hard to protect you and your information from unauthorised access, alteration, disclosure, or destruction and have several layers of security measures in place, including:

    · SSL;

    · Restricted Access;

    · IT Authentication;

    · Firewalls; &

    · Anti-Virus/Malware

     

    We adopt the strongest lines in relation to misuse of your information by any of its staff. Any breach of trust regarding the confidentiality of information is treated as serious misconduct under the Disciplinary Code and can lead to dismissal.

     

  • Where the data subject does not provide their personal data

  • If we cannot collect or process certain personal data, we may not be able to provide a grant or other supports or services. If you have any queries in respect of the consequences of not providing information, please contact us (see the section Complaints, Questions and Assistance).

  • Changes to this privacy statement

  • We reserve the right to modify this Privacy Statement at any time. You shall be bound by the then-current Privacy Statement and accordingly, you should review the Privacy Statement periodically. If we make material changes to our Privacy Statement, we will provide you with notice of amendments and update the ‘Last Updated’ date at the top of this Privacy Statement.

  • Complaints, questions and assistance

  • If you have any comments, concerns, or complaints about our uses of your personal data, we ask that you contact us first to try and resolve the matter.

    You are encouraged to raise any issues with Fiona Buckley (DPO): dataprotection@failoteireland.ie

  • Complaining to the data protection commission (DPC)

  • If you wish to make a complaint about how Fáilte Ireland processes your personal data or how your complaint has been handles, you have the right to lodge a complaint directly with the Data Protection Commission (DPC) or to the Statutory Authority in your country of residence, who will be able to liaise with the DPC.

    The Data Protection Commission can be contacted at:

    Post: Data Protection Commission (DPC), Canal House, Station House, Portarlington, Co. Louth.

    Telephone: +353 (0) 57 8684800

    Telephone: +353 (0) 76 1104800

    Lo-Call Number: 1890 252 231

    E-mail: info@dataprotection.ie


    Schedule 1

    We have set out below a list of third parties with whom we share your data.

    • 3Rock Eco  -Signage for approved accommodation providers.

    • Advertising Agencies - Used to create TV adverts, etc., 

    • Aramark - Cleaning, Catering, Shredding, CCTV and Security

    • BandA - Research

    • Big Marker - Online webinar platform

    • BigO - Taking photos and video footage for webinars

    • Byrne Wallace - Solicitors Legal Services

    • Capita Customer Solutions Ltd - Customer service support and assessment, registration & classification services for tourism businesses.

    • Celtrino - Fáilte Ireland must comply with EU e-invoicing Directives and must therefore, have the e-invoicing facility in place.

    • CenShare - The platform provider for Ireland’s Content Pool Cevent Online inquiry system Consarc Design Group Delivery of Visitor Experience & Management Masterplan for Glendalough and Wicklow Mountains National Park and Visitor Orientation.

    • Converve - Online webinar platform e.g., Meitheal

    • Creative Technology - Audio Visual

    • CookieBot - Manages the Cookie Banner and Policy

    • Culinary Tourism Alliance - Consultants on food trails. 

    • Curated Place Limited - Púca Festival Marketing, the website, competitions and Mailchimp

    • Custodian - Delivering the Covid-19 Safety Charter to businesses.

    • Deloitte - Processing financial grants

    • Educational Establishments - Apprenticeships Mentorships 

    • Ergo - ICT Staff and ClickDimensions 

    • Exceed Global Learning PTY Limited - Provides online courses via eHotelier

    • First Direct Couriers Courier Service

    • First Western Training Ltd. - Trainers and keep the Directory of Tour Guides up to date. Managed training Services. Mentoring services for tourism industry. Online training – Flow Hospitality Training. Booking software – Calendly. 

    • Huskies Instagram – User Generated Content Inspired Days Ireland Ltd T/A

    • InspireMe Ireland - The collection and collation of events. Monitoring national events email. Publication and maintenance of event listings

    • Insurance Brokers / Agencies and Companies

    • IPSOS Research - Conducting surveys with overseas delegates

    • Kantar - Research

    • Kefron - Storage of hard copies of records

    • Kosi - Process grant applications

    • Marsh Ireland - Insurance Broker

    • MaxMedia - Evaluating the Large Grants Scheme

    • Microsoft - Cloud Services Provider

    • Moulden Marketing - Database of UK Buyers

    • PFH Technology - IT Outsourced Service Provider

    • PwC - External auditors

    • Photographers and Videographers -Taking imagery of events and workshops. 

    • Razor Social - Online webinar platform

    • ROI Local Authorities

    • Sport Ireland

    • Sport Northern Ireland

    • Strategic Marketing - Conducting research

    • Tourism Ireland

    • Tourism Northern Ireland

    • Wilson Hartnell - Online platform