The Executive Office (TEO) is committed to protecting your privacy and ensuring you are kept informed about how and why we collect and safeguard your personal information.
Being transparent and providing accessible information to individuals about how we may use their personal data is a key element of the Data Protection Act (DPA) 2018 and the General Data Protection Regulation (GDPR) 2016.
TEO is committed to building trust and confidence in our ability to process your personal information in line with these legislative requirements.
Data Controller Name: The Executive Office (TEO)The Executive Office
GD36 Stormont Castle
Telephone: 02890 378055
Data Protection Officer Name: Dr David Lammey
Telephone: 028 9052 0694
Description of our processing
The Department processes personal data in a number of ways in order to carry out its functions.
Its key functions and objectives are:
- The effective operation of the institutions of government in the delivery of an agreed Programme for Government
- Delivering the Executive’s Good Relations strategy: Together: Building a United Community
- Tackling Disadvantage and Promoting Equality of Opportunity
- Driving investment and sustainable development, including promotion of the Executive’s policy interests internationally.
In order to comply with data protection legislation, we must have a lawful basis for processing any personal data and at least one of the following must apply:
- Consent: an individual must give clear consent for us to process their personal data and then only for a specific purpose
- Contract: the processing is necessary for a contract the Department has with an individual, or because they have asked the individual to take specific steps before entering into a contract
- Legal obligation: the processing is necessary for the Department to comply with the law (not including contractual obligations)
- Vital interests: the processing is necessary to protect someone’s life
- Public task: the processing is necessary for the Department to perform a task in the public interest or for our official functions, and the task or function has a clear basis in law
The processing that this Department carries out is most likely to fall under Public Task or Legal Obligation.
Why we might need to process your information
- corresponding with you
- delivering our services
- complying with various legislative requirements
- complying with EU Programme requirements
- maintaining our accounts and records and transferring data between NICS Departments
- carrying out audits and fraud investigations
- carrying out data matching under the national fraud initiative
- producing official statistics
- using CCTV systems
- supporting and managing our employees
What types of personal information we process
We process information relevant to our various functions. This may include:
- personal details including IP addresses
- financial details
- visual images
- responses to consultations
We also process classes of information which are sensitive. Sensitive data may include:
- racial or ethnic origin
- political opinions
- religious or similar beliefs
- trade union membership
- criminal offences, allegations and proceedings
- physical or mental health
- sexual life or sexual orientation
Personal data collected through this website
The Department collects three kinds of information from visitors to this website:
- feedback (through visitors emailing us)
- customer satisfaction surveys (via optional online surveys)
If you email us from this website we will keep a record of your message for a maximum of three months after the conclusion of correspondence, for reference and audit purposes, after which it will be deleted.
Who is the information processed about?
We process personal information about:
- you, in relation to Departmental functions and in order to correspond with you
- departmental and other employees
- professional experts and consultants
- Departmental suppliers
- individuals captured by CCTV images
Who is the information shared with?
We sometimes need to share the personal information we process with individuals themselves and also with other organisations. Where this is necessary we are required to comply with all aspects of Data Protection legislation.
The types of organisations we may need to share personal information with, for one or more reasons
Where necessary or required, we may share information with other organisations for the reasons included above in the "Why we might need to process your information" section. Some examples of the organisations we may have to share your information with include:
- suppliers, service providers, legal representatives
- auditors and audit bodies
- financial organisations
- professional advisers and consultants
- central and local government
- voluntary and charitable organisations
- police forces
- security organisations
We may need to share information for more than one reason and not all of your personal information may need to be shared each time. We aim to ensure that the personal information shared and the instances of sharing are limited to what is needed for the specific purpose and in line with Data Protection legislation.
It may sometimes be necessary to transfer personal information outside the UK. When this is needed information may be transferred to countries or territories around the world. However, any transfers will be made in full compliance with all aspects of the Data Protection legislation.
Retention of records
The Department will ensure that personal data is kept no longer than necessary. It manages records effectively from when they are created, including how they are stored and used, through to their destruction or archiving. The disposal of records is determined by the Department’s retention and disposal of records schedule, which was approved by the NI Assembly.
What rights do you have?
Depending on your circumstances, there are a number of rights available under data protection legislation:
- You have the right to obtain confirmation that your data is being processed, and access to your personal data
- You are entitled to have personal data rectified if it is inaccurate or incomplete
- You have a right to have personal data erased and to prevent processing, in specific circumstances
- You have the right to ‘block’ or suppress processing of personal data, in specific circumstances
- You have the right to data portability, in specific circumstances
- You have the right to object to the processing, in specific circumstances
- You have rights in relation to automated decision making and profiling
However, not all of these rights apply to personal data processed by this Department.
How to complain if you are not happy with how we process your personal information
If you are unhappy with any aspect of this privacy notice, or how your personal information is being processed, please contact the Department’s Data Protection Officer at the address above.
If you are remain unhappy, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO):Information Commissioner’s Office