Privacy Statement

This privacy statement was last updated in June 2024.

ABOUT FÁILTE IRELAND

Fáilte Ireland is the National Tourism Development Authority, set up by the National Development Authority Act, 2003, with our main office located at 88-95 Amiens Street, Dublin 1, Ireland. Referring to ourselves below as the "Authority", "we", "our", or "us". When you share your personal data with us, we act as the Data Controller, which means we are responsible for how your data is processed. At the end of this Privacy Statement, you will find some definitions of certain key concepts used in this Statement and which are capitalised (Data Controller, Data Processor and Processing).

Our main goal is to support the tourism industry and to help promote Ireland as a tourist destination. We respect your privacy and are committed to protecting your personal data, aiming for transparency in how we handle it.

SUMMARY

This Privacy Statement outlines how we collect, use, and store your data, our legal reasons for doing so, and how long we keep your data. It also covers your rights regarding your personal data. We handle your information in compliance with the General Data Protection Regulation (GDPR), the Data Protection Act, 2018, and other relevant Irish or EU data protection laws. This statement is meant to give you a clear understanding of our data processing practices and how we treat your personal data.

RETAINING YOUR DATA

We will only store personal data for as long as necessary for the purposes for which it was obtained. The criteria used to determine our retention periods include:

  • The length of time we have an ongoing relationship and/or provide our services.
  • Whether there is a legal requirement to which we are subject; and
  • Whether the retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).

We will keep personal data contained in application files in line with our Retention Schedule. It will be retained in a secure environment and access to it be restricted.

INFORMATION THAT WE COLLECT

Activity: CCTV Images

Type of personal data: your image

What we use your data for: It is installed for the purposes of crime prevention at some of the venues we work in/operate. Where this is used, we will display appropriate notices.

Lawful basis: Legitimate Interest (Article 6(1)(f)).

Retention: Recorded images will be stored for a period of 1 month, following which they will be deleted, except in a case where the recording forms part of a report made to the Health and Safety Authority following the occurrence of a reportable accident or dangerous occurrence in the workplace, in which case the recording will be retained for a period of 10 years.

Activity: Photos and videos of you

Type of personal data: first name, surname, email address and mobile number.

What we use your data for: Fáilte Ireland and Tourism Ireland will be using photographs and/or digital recordings including images of you to promote Ireland as a tourism destination.

Lawful basis: Lawful Basis is Consent (Article 6(1)(a)).

Retention: Adults: We will retain your personal data for a total of 7 years or until you withdraw your consent, whichever occurs first. Children (under 16):  We will retain your personal data for a total of 5 years or until you withdraw your consent, whichever occurs first.

Activity: Communicating with you to answer your tourism related queries

Type of personal data: first name, surname, email address and mobile number and telephone recording.

What we use your data for: Customer Service Telephone Recordings may only be used for the specified purposes, i.e., to monitor the quality of call handling and customer service that they deliver. Staff training, coaching and support. To verify what was said during a phone call if there is a dispute or complaint. To protect staff from abusive behaviour.

Lawful basis: Legislative Mandate

Retention: Recordings of calls will be disposed of after 6 months. However, if there is a justified need to retain a specific recording for a longer period, this may be reviewed, and the retention period amended.

Activity: Photographic images of members of the public and children

Type of personal data: As per the Imagery Consent Form, your first name, surname, signature email address and mobile number will be recorded.

What we use your data for: We collect and process photographic images where relevant to the public services we provide in our role as the National Tourism Development Authority, for example, to demonstrate and evidence the events that Fáilte Ireland runs and supports and largely involving members of the public. The posting of photographs online and through social media is necessary as it is the best way to attract a user’s attention and to reach a wide-ranging audience.

Please see:

Lawful basis: Lawful Basis is Consent (Article 6(1)(a)). Your participation is entirely voluntary and there is no obligation on you to consent to have your voice or image captured. No fee will be paid to you for taking part.

Retention: 7 years or until the individual withdraws their consent (whichever occurs first). The retention for minors (i.e., under the age of 16) is 5 years or until consent is withdraws (whichever occurs first).

Activity: Sending you marketing emails and SMS

Type of personal data: (required) first name, last name, email address, country of residence; (optional) mobile number, county (on island of Ireland)

What we use your data for: To send you Fáilte Ireland’s Discover Ireland and Visit Dublin marketing communications, like emails, related to travel and activities in Ireland.

Lawful basis: Lawful Basis is Consent (Article 6(1)(a)), when you sign up to marketing communications you will give consent by checking the tick box acknowledging you have read this Privacy Statement and clicking the submit button.

Retention: If you do not continually open / engage with our email or SMS for 2 years, we will automatically anonymise your personal data. 

If you unsubscribe from our email, we place your personal data in a holding area for a period of 1 year. 

You can manage your marketing permissions by clicking the link at the bottom of the emails, or opt-out of SMS marketing directly by replying STOP to any message you receive from us. 

Additionally, if you submit Personal Data relating to other people – such as your friends and/or family – you are also deemed to be representing that you have the authority to do so and permit us to use their Personal Data for the purposes described in this Privacy Statement.

INFORMATION THAT WE COLLECT (EMAIL NEWSLETTERS)

We collect your information in the ways set our below:

  • The email sign-up forms on our websites;
  • At events or gatherings organised by Fáilte Ireland;
  • When you sign-up to be surveyed about our newsletters; and
  • The sign-up forms on our social media pages.

When you provide your e-mail address to receive our newsletter, or your mobile number to receive messages, some information is collected about when/if the message was opened and what links were clicked. This information is used to assess the engagement and success of the campaign. Clicking on a link in any of these messages may cause you to be personally identified on our site and may cause some part of your past browsing history on our site to be available to our personnel for performance measurement purposes. This is so that we may more effectively engage with you and improve our site. If you do not wish this tracking to occur, you can unsubscribe from our mailings or choose not to accept browser cookies to avoid tracking.

In our email newsletters we use invisible 1x1 pixel tags, known as ‘clear pixels’. We use these clear pixels to send our messages in an easy-to-read format and to tell us whether our e-mail has been opened or not. We also use this information in aggregated form to give us an indication of the popularity of content and to help us make decisions about future content and formatting. For more information on our use of clear pixels, please see Cookie Policy.

We use third-party providers, Microsoft Dynamics & Bloomreach to deliver our email newsletter. As a part of Microsoft Dynamics & Bloomreach services, they collect statistics around e-mail opens and clicks using industry-standard technologies.

INFORMATION COLLECTED FOR PERSONALISATION & INTEREST BASED ADVERTISING

We may use the information collected from the consumer websites to improve and personalise our services on the aforementioned websites. This ensures content from our platforms is presented in the most effective manner and allows us to make recommendations to you and other users of our platforms about content that may interest you or them.

Personalised Advertising

Fáilte Ireland uses third-party ad-serving companies, such as Google and Facebook, to display personalised advertising. Personalised ads, also sometimes referred to as Interest-based ads or targeted ads, are displayed to you based on information gathered from your interactions with us or your interactions with third-party websites and services.

We may use your personal data such as your email address, mobile phone number and other information collected in accordance with this Privacy Notice to provide personalised ads to you on third-party websites, or to ensure that you do not see advertising or offers from Fáilte Ireland that are not relevant to you. This is necessary to achieve our legitimate interest in ensuring recommendations offered are appropriate.

When you accept our cookie policy, you are automatically opted into Fáilte Ireland's personalised advertising. Consent for personalised advertising is tied to your cookie consent. You can update your preferences on our cookie policy page. Please note, opting out might result in seeing more online ads and less relevant content for you.

You can also find out more about how your personal data may be used in connection with advertising on the third-party websites and options for opting out through the individual privacy policies of each third-party. These privacy policies are available on their respective websites

 Fáilte Ireland is not responsible for consent you may have provided to these third-party entities and any issues should be reported directly to the respective service provider.

CHILDRENS’ DATA

We do not knowingly collect personal information from children without proper parental consent. If you are aged 18 or under, please get your parent/guardian’s permission before you provide any personal information to us. Users without this consent are not allowed to provide us with personal information. If you believe that we may have collected personal information from someone under the age of 18 without parental permission, please let us know using the methods described in the ‘Contact Us’ section and we will investigate and address the issue promptly.

USE OF OUR WEBSITES

Our website uses certain cookies, please see below:

Website NameCookie Policy
https://www.discoverireland.ie/https://www.discoverireland.ie/cookie-policy
https://www.visitdublin.com/https://www.visitdublin.com/cookies-policy
https://nyfdublin.com/https://nyfdublin.com/cookie-policy/ 
https://www.pucafestival.com/https://www.pucafestival.com/cookie-policy/

BEHAVIOURAL MARKETING

We may from time-to-time use Meta Advertising, Meta Pixel Re-Marketing and communications. This tool allows us to understand and deliver ads and make them more relevant to you. The collected data remains anonymous, and we cannot see the personal data of any individual user.

Please note however, that the collected data is saved and processed by Meta. Meta may be able to connect the data with your Meta account and use the data for their own advertising purposes, for example, to auto-fill forms for ads. Please see Meta's Data Policy for more info. Meta has ultimate control of the information gathered through Meta Advertising, Meta Pixel Re-marketing and communications. You can opt out of Meta’s use of Cookies and Meta Pixel Re-marketing through settings on your Meta Account.

This tracking code monitors user behaviour on our website, which allows us to use the Google Ads and Meta advertising platforms to send targeted personalised ads to website visitors on the Google and Meta network of advertising partner websites after they leave our site.

The privacy policies and guidance published by the Social Media Networks apply to your use of Fáilte Ireland’s social media channels and we encourage you to read the one that is published on each social media network that you use, as these make important disclosures about how the social media networks separately from Fáilte Ireland collect, hold and may use your content and information. This Privacy Statement explains how Fáilte Ireland may use the information that you provide when using Fáilte Ireland’s social media channels.

Fáilte Ireland uses third-party service providers to help deliver its marketing communications. We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your data for their own purposes and only permit them to process your personal data for specified purposes in accordance with our instructions. Our third-party service providers access our system for the purposes of providing you with our newsletter. When we use third party service providers (digital agencies), we disclose only the personal information that is necessary to deliver the service. If you would like to know more about our suppliers, please feel free to e-mail us at dataprotection@failteireland.ie.

LINKED SERVICES, THIRD-PARTY SITES AND CONTENT

In some of our articles, videos, emails and blogs, we may reference other websites and provide links which are outside of our control. This Privacy Statement does not cover these other websites and links. Fáilte Ireland does not accept any responsibility or liability for other sites’ privacy notices, statements, or policies. If you access other websites using the links provided, please read their specific notices before submitting any of your personal information. Please refer to YouTube’s Terms of Service, Google's Privacy Policy  and Meta's Data Policy.

SOCIAL MEDIA

Fáilte Ireland also receives personal data through its social media interactions on X (formally known as Twitter), LinkedIn, Instagram and Meta. Fáilte Ireland operates social media accounts on these platforms in support of its functions under Section 8 (1) (a) of the National Tourism Development Authority Act, 2003 is to “encourage, promote and support…the development of tourist traffic within and to the State” and “to encourage, promote and support…the development and marketing of tourist facilities and services in the State.” Under Section 8 (2)(a)(i) Fáilte Ireland is permitted to engage in advertising and sponsorship and any other form of publicity for the purposes of Section 8 (1)(a). Messages or posts received by Fáilte Ireland on these social media platforms are viewed by Fáilte Ireland, but the personal data contained in the messages/posts is not logged or stored other than on the relevant social media platform, and no further processing of such personal data is carried out by Fáilte Ireland.

YOUR RIGHTS

Right of access – you have the right to request a copy of the information that we hold about you in accordance with Article 15 GDPR. 

Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete in accordance with Article 16 GDPR. 

Right of erasure – in certain circumstances, you can ask for the data we hold about you to be erased from our records in accordance with Article 17 GDPR. 

Right to restriction of processing – where certain conditions apply to have a right to restrict the processing in accordance with Article 18 GDPR. 

Right to portability – this cannot be facilitated because there is only one National Tourism Authority in the Republic of Ireland.  

Right to object – you have the right to object to certain types of processing such as, direct marketing in accordance with Article 21 GDPR.  

TO ACCESS WHAT PERSONAL DATA IS HELD, IDENTIFICATION WILL BE REQUIRED

To access a copy of your personal data that is held by Fáilte Ireland, please complete the Personal Data Request Form.

For your protection, we will only implement requests with respect to personal information about you and we will need to verify your identity before we act on your request. We will comply with your request as soon as reasonably practicable and in accordance with applicable law.

You will need to provide some photographic identification (i.e., passport or driver's licence) together with proof of address (i.e., utility bill or official letter). These will need to be returned to the Data Protection Officer (DPO), please see section “Complaints, Questions and Assistance”.

DATA TRANSFERS OUTSIDE OF THE EUROPEAN ECONOMIC AREA

Where we transfer your information, we do so in accordance with EU data protection law. We only transfer personal information to these countries when it is necessary for the services, we provide you, or it is necessary for the establishment, exercise or defence of legal claims or subject to safeguards that assure the protection of your information. We may rely on different legal mechanisms to ensure the transfer is lawful. If the recipient is in a country that is not deemed 'adequate' by the European Commission, we may enter into 'Standard Contractual Clauses (SCCs) with the recipient. These contracts contain standard commitments approved by the European Commission protecting the privacy and security of the information being transferred

HOW DO WE PROTECT YOUR INFORMATION

Fáilte Ireland will take appropriate legal, organisational and technical measures to protect your personal information. Fáilte Ireland takes it obligations very seriously and we take every reasonable measure and precaution to protect and secure your personal data. We work hard to protect you and your information from unauthorised access, alteration, disclosure or destruction and have several layers of security measures in place, including:

  •  SSL;
  • Restricted Access;
  • IT Authentication;
  • Firewalls; &
  • Anti-Virus/Malware

We adopt the strongest lines in relation to misuse of consumer information by any of its staff. Any breach of trust regarding the confidentiality of information is treated as serious misconduct under the Disciplinary Code and can lead to dismissal.

WHERE THE DATA SUBJECT DOES NOT PROVIDE THEIR PERSONAL DATA

If we cannot collect or process certain personal data, we may not be able to provide a grant or other supports or services. If you have any queries in respect of the consequences of not providing information, please contact us (see the section Complaints, Questions and Assistance).

CHANGES TO THIS PRIVACY STATEMENT

We reserve the right to modify this Privacy Statement at any time. You shall be bound by the thencurrent Privacy Statement and accordingly, you should review the Privacy Statement periodically. If we make material changes to our Privacy Statement, we will provide you with notice of amendments and update the ‘Last Updated’ date at the top of this Privacy Statement

COMPLAINTS, QUESTIONS AND ASSISTANCE

If you have any comments, concerns, or complaints about our uses of your personal data, we ask that you contact us first to try and resolve the matter.

You are encouraged to raise any issues with Fiona Buckley (DPO): dataprotection@failteireland.ie

COMPLAINING TO THE DATA PROTECTION COMMISSION (DPC)

In the event that you wish to make a complaint about how your personal data is processed by Fáilte Ireland or how your complaint has been handles, you have the right to lodge a complaint directly with the Data protection Commission (DPC) or to the Statutory Authority in your country of residence, who will be able to liaise with the Data protection Commission (DPC).

The Data Protection Commission (DPC) can be contacted at:

Post: Data Protection Commission (DPC), Canal House, Station House, Portarlington, Co. Louth.

Telephone: +353 57 8684800

Telephone: +353 76 1104800

Lo-Call Number: 1890 252 231

E-mail: info@dataprotection.ie

Schedule 1+

We have set out below a list of third parties with whom we share your data.

BloomreachCustomer data platform and marketing personalisation
Byrne Wallace SolicitorsLegal Services
FexcoCustomer service support
CookieBotManages the Cookie Banner and Policy
Curated Place LimitedPúca Festival Marketing, the website, competitions and Mailchimp
F&B DublinInstagram – User Generated Content on social channels
MicrosoftCloud Services Provider
MetaWe share current email database with Meta so that people who are already subscribed are not retargeted for acquisition

DEFINITIONS

In this Privacy Statement, the following terms have the following meanings:

1. Data Controller means the organisation which determines the purposes for which, and the manner in which, your Personal Data is processed. Unless we inform you otherwise, the Data Controller is Fáilte Ireland, 88-95 Amiens Street, Dublin 1, Ireland.

2. Data Processor means the person or organisation which processes your Personal Data on behalf of the Data Controller.

3. Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means.