DfE Privacy Notice

Being transparent and providing accessible information to individuals about how we may use personal data is a key element of the Data Protection Act (DPA) and the EU General Data Protection Regulation (GDPR).  

The Department for the Economy (DfE) is committed to building trust and confidence in our ability to process your personal information in line with these requirements.

Contacts

Data Controller Name: Department for the Economy (DfE)

Netherleigh
Massey Avenue
Belfast
BT4 2JP

Telephone: 028 9052 9900

Email: dfemail@economy-ni.gov.uk 

Data Protection Officer Name: Bernard McCaughan

Telephone: 028 9052 9900

Email: dpo@economy-ni.gov.uk

Description of our processing

The Department processes personal data in a number of ways in order to carry out its functions.

Its Strategic Objectives are to:

  1. Accelerate innovation and research
  2. Enhance education, skills and employability
  3. Drive inclusive, sustainable growth
  4. Succeed in global markets
  5. Build the best economic infrastructure
  6. Deliver a regulatory environment that optimises economic opportunities for business and commerce, while also protecting consumers and workers
  7. Ensure the Department has effective governance and manages its resources, both financial and staff

To understand how your own personal information is processed you can refer to communications you receive from us, check any specific privacy notices we have provided, for example on our website or contact us at dpo@economy-ni.gov.uk.

In order to comply with data protection legislation, we must have a lawful basis for processing any personal data and at least one of the following must apply:

  1. Consent: an individual must give clear consent for us to process their personal data and then only for a specific purpose
  2. Contract: the processing is necessary for a contract the Department has with an individual, or because they have asked the individual to take specific steps before entering into a contract
  3. Legal obligation: the processing is necessary for the Department to comply with the law (not including contractual obligations)
  4. Vital interests: the processing is necessary to protect someone’s life
  5. Public task: the processing is necessary for the Department to perform a task in the public interest or for our official functions, and the task or function has a clear basis in law

The processing that this Department carries out is most likely to fall under Public Task or Legal Obligation.

Why we might need to process your information

Examples of why we might need to process your personal data include:

  • corresponding with you
  • delivering our services
  • complying with various legislative requirements
  • enforcing various legislative requirements
  • complying with EU Programme requirements
  • maintaining our accounts and records and transferring data between NICS Departments
  • carrying out audits and fraud investigations
  • carrying out data matching under the national fraud initiative
  • for statistical and research purposes
  • using CCTV systems
  • supporting and managing our employees

Please see our business area privacy notices for more information.

What types of personal information we process

We process information relevant to our various functions. This may include:

  • personal details including IP addresses
  • family details
  • education, training and employment details
  • financial details
  • details of lifestyle and social circumstances
  • visual images
  • responses to consultations

We also process classes of information which are sensitive. Sensitive data includes:

  • racial or ethnic origin
  • political opinions
  • religious or similar beliefs
  • union membership
  • criminal offences, allegations and proceedings
  • physical or mental health
  • sexual life

Personal data collected through this website

The Department collects three kinds of information from visitors to this website:

  • feedback (through visitors emailing us)
  • customer satisfaction surveys (via optional online surveys)
  • site usage information, using cookies and page tagging techniques including JavaScript

If you email us from this website we will keep a record of your message for a maximum of three months after the conclusion of correspondence, for reference and audit purposes, after which it will be deleted.

This website and some of the tools and services we link to use cookies. You can find more information on these cookies on the following pages:

Who is the information processed about?

We process personal information about:

  • you, in relation to Departmental functions and in order to correspond with you
  • departmental and other employees
  • professional experts and consultants
  • Departmental suppliers
  • individuals captured by CCTV images

Who is the information shared with?

We sometimes need to share the personal information we process with the individuals themselves and also with other organisations. Where this is necessary we are required to comply with all aspects of the DPA.

The types of organisations we may need to share personal information with, for one or more reasons

Where necessary or required, we may share information with other organisations for the reasons included above in the "Why we might need to process your information" section. Some examples of the organisations we may have to share your information with include:

  • suppliers, service providers, legal representatives
  • auditors and audit bodies
  • people making an enquiry or complaint
  • financial organisations
  • professional advisers and consultants
  • central and local government
  • voluntary and charitable organisations
  • police forces
  • security organisations
  • courts

We may need to share information for more than one reason and not all of your personal information may need to be shared each time.  We aim to ensure that the personal information shared and the instances of sharing are limited to what is needed for the specific purpose and in line with the DPA.

Transfers

It may sometimes be necessary to transfer personal information outside the UK. When this is needed information may be transferred to countries or territories around the world. However any transfers must be made in full compliance with all aspects of the DPA.

Retention of records

The Department will ensure that personal data is kept no longer than necessary. It manages records effectively from when they are created, including how they are stored and used, through to their destruction or archiving. The disposal of records is determined by the Department’s retention and disposal of records schedule.

What rights do you have?

There are a number of rights available under data protection legislation:

However, not all of these rights apply to personal data processed by this Department.

More information

Details of how your personal data is used to carry out specific Departmental functions is available at:

How to complain if you are not happy with how we process your personal information

If you are unhappy with any aspect of this privacy notice, or how your personal information is being processed, please contact the Department’s Data Protection Officer at the address above.

If you are remain unhappy, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO):

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Tel: 0303 123 1113

Email: casework@ico.org.uk

Website: https://ico.org.uk/global/contact-us/

 

Back to top