This privacy notice explains how the Department of Finance (DoF) uses information about you and the ways in which we will safeguard your data.
This privacy notice does not provide exhaustive detail of all aspects of DoF’s collection and use of personal information. More detail can be found in each of our business areas:
DoF is the data controller of the personal data we process. The personal data we need to process includes your:
We also process special categories of personal data that include details on:
We do not collect more information than we need to fulfil our stated purposes, and will not hold it for longer than is necessary.
We collect and process personal information in order to meet our legal obligations and for the performance of our public functions.
We collect personal information to enable us to deliver our services, to maintain our accounts and records, to support and manage Northern Ireland Civil Service staff and for the purposes of litigation and legal advice. We also process personal information for the purposes of detection and investigation of suspected or actual fraud, loss or crime, data matching under the National Fraud Initiative and as required by other legislation.
We also process personal information where it is necessary for the purposes of the legitimate interests pursued by the Department or by a third party i.e. for nominations for awards or rewards, to send out invitations for meetings or events, to send out information about opportunities for working with us, and to know who will be in our buildings for security, and health and safety purposes.
We will only collect and hold the minimum amount of personal data necessary in order to provide and manage our services.
We obtain personal information directly from you and from other sources, such as other government departments.
We also collect information when you complete surveys or participate in consultations.
We can also obtain your personal data from publicly accessible sources.
In many circumstances, we will not disclose personal information at all (for example, where personal data is provided for the production of official statistics) and, in others, will seek your consent before doing so. However, in certain cases, we share your data with the following to meet our legislative or public function requirements, to pursue debt, for fraud or crime prevention and detection purposes, to process benefits, or in your vital interests:
Our Departmental guidance on data sharing provides further information on the factors we shall consider when deciding whether information should be disclosed to other parties.
Any personal information we process will only be used for the purposes stated or if necessary to fulfil legal or regulatory requirements.
Most of the personal data we use is processed within the European Economic Area (EEA). Sometimes, it may be necessary to transfer personal information outside the EEA. Where this is required, information may be transferred to countries or territories around the world. Any transfers made will be in full compliance with all aspects of data protection legislation.
We keep personal information about you only for as long as is necessary to fulfil the purpose and in line with the DoF Retention and Disposal Schedule, after which time it will be destroyed securely.
The DoF website uses leading technologies and encryption software to safeguard your data and keeps strict security standards to prevent any unauthorised access to it.
What information does the DoF website collect?
The Department collects three kinds of information from visitors to the website:
If you email us from the DoF website, we will keep a record of your message for a maximum of three months after the conclusion of correspondence, for reference and audit purposes, after which it will be deleted.
What happens when I link to another site?
This website contains links to other websites, both of government departments and other organisations. This privacy notice applies only to this site, so you should always be aware when you are moving to another site and read the privacy notice of any other site(s) which may collect personal information about you. This website does not pass on to any other site any personal information you have given.
What happens when I come to this website site from another site?
Where you are directed to this website from another site (whether a third party site or a government site) we may receive personal information relating to you from the other site(s). You should read the privacy notices for these sites as these will govern the use of any personal information that you provide and which may then be provided to this website.
Under data protection legislation, you have rights as an individual which you can exercise in relation to the information we hold about you. The Department tries to be as open as possible in terms of giving you access to your personal data. You can find out if we hold any information by making a Subject Access Request (SAR). If we do hold information about you, we will, where possible:
If, at any point, you believe the information we process on you is incorrect, you can ask to have this information corrected. In certain circumstances, you may also ask us to erase or restrict the processing of your data.
If you wish to object or raise a complaint about how we have handled your data, you can contact our Data Protection Officer who will investigate the matter.
If you are not satisfied with our response or believe we are not processing your personal data in accordance with the law, you can complain to the Information Commissioner at firstname.lastname@example.org.
We keep our privacy notice under regular review. This privacy notice was last updated in March 2020.