Policy

SLIGO
www.sligotourism.ie

PRIVACY POLICY
Effective from: January 1st, 2018
Database reviewed and updated: quarterly

Sligo Tourism Ltd is proudly committed to complying with the Data Protection Acts 1988
and 2003 and SI 336 of 2011 EUROPEAN COMMUNITIES (ELECTRONIC COMMUNICATIONS
NETWORKS AND SERVICES) (PRIVACY AND ELECTRONIC COMMUNICATIONS) REGULATIONS
2011 and the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) which
replaces the previous data protection directive (officially Directive 95/46/EC) on May 25th 2018
(“Data Protection Legislation”).

By visiting the sligotourism.ie website, or by agreeing for your business and services to
be listed on our website, you are accepting the terms of this Privacy Policy. Any external links to
other website are clearly identifiable as such, and we are not responsible for the content or the
privacy policies of these other website.

This document consists of two parts:
Part 1 – Privacy Policy and Statement
Part 2 – Social Media Privacy Policy and Statement

www.sligotourism.ie Privacy Policy 2018

Page 2 of 9

Part 1 – Privacy Policy and Statement

1.1 Introduction

1.1.2 Sligo Tourism Ltd is a non-profit organization. Our function is to market the county of
Sligo overseas and locally as a tourist destination. A core part of our business is to facilitate
efforts to promote and publicise tourism products and services. In order to provide the most
effective and efficient service, we will be required to collect, process and use certain types of
information about people and organisations. This may include ‘personal data’ as defined by
the Data Protection Acts and by the general data protection Regulation (GDPR) and may relate
to current, past and future service users; past; current and prospective employees; suppliers;
and members of the public who may engage in communications with our staff. In addition,
staff may be required, from time to time, to collect, process and use certain types of personal
data to comply with regulatory or legislative requirements.

1.1.3 This privacy policy (the "Policy") refers to the website, [ www.sligotourism.ie] (the
"Website"). The Website is operated by Sligo Tourism Ltd ("we", “our”, “Sligo Tourism Ltd”)
whose principal place of business is at Temple Street, Sligo Town, Co. Sligo.

1.1.4 The Policy explains how we use any personal data we collect about you (either "user" or
"service provider") when you use the Website. This Policy is designed to protect you, our
users, by informing you what personal data is collected, how we will use the information
about you, with whom we share it, how long we keep it and how to contact us if you have any
queries or concerns about our use of your personal information. Your use of the Website and
any micro-sites is subject to your agreement with this Policy. In this Policy, the term “personal
data” or “personal information” means data relating to a living individual who is or can be
identified either from the data or from the data in conjunction with other information that is
in, or is likely to come into, our possession, and includes personal data as described in Data
Protection Legislation (as defined below). Please read the following carefully. Entering into this
Website and providing your consent to our use of your personal data in accordance with the
terms of this Policy indicates that the user has reviewed this Policy and has agreed to be
bound by it. If you no longer consent to our processing of your personal data, you may request
that we cease such processing by contacting us via the ‘How to contact us’ section referred to
below.

1.2 Types of Personal Data stored

1.2.1 Sligo Tourism Ltd would typically retain and process two types of information: personal
and non-personal data. Personal data is the data that identifies you or can be used to identify
or contact you. Non-personal data can be used to contact you and comprises of cookies,
statistics and analytical information

1.2.2 The following are types of Personal Data: Name, address, IP address, email address,
phone number.

Page 3 of 9

1.2.3 The following are types of Non-personal data: website traffic including location, cookies,
demographic information, IP addresses, browser types and other anonymous statistical data.

1.3 Purpose of data collection

1.3.1 The non-personal data gathered from visitors to our website is used to get a better
understanding of website traffic as well as to better design and organise our website.

1.3.2 This website may use “cookie” technology. A cookie is a little piece of text stored by the
browser on your computer, at the request of our server. Cookies may be used to deliver
specific information to the interests of users and to save personal preferences.
No personal information is recorded, and the cookie can always be deleted or declined using
browser setting.

1.3.3Personal Data

We will use any Personal Data provided to us for the following purposes:
a) to list information about providers of tourist services;
b) to contact those providers if required in connection to any communications;
c) to send the Sligo Tourism Newsletter/Event Alerts and to communicate with website users.

1.4 Data storage and processing

1.4.1 Processing means performing any operation or set of operations on data, including:
• obtaining, recording or keeping data;
• collecting, organising, storing;
• altering or adapting the data;
• retrieving, consulting or using the data;
• disclosing the information or data by transmitting, disseminating or
• otherwise making it available;
• aligning, combining, blocking, erasing or destroying the data.

1.4.2 All information provided to us is stored on our secure servers, featured on our website
in the case of service providers and in the form of electronic databases.

1.4.3 SLigo Tourism Ltd complies with the highest standards when collecting and using
personal information. No personal information will be retained for longer than is necessary to
fulfill a legitimate business need or as required by applicable law.

1.5 Right of access

1.5.1 Service providers listed on the Website may ask to see what personal data we hold
about them and be provided with:

Page 4 of 9

• a summary of such personal data and the categories of personal data held;
• details of the purpose for which it is being or is to be processed;
• details of the recipients or classes of recipients to whom it is or may be disclosed,
including if they are overseas and what protections are used for those overseas transfers;
• details of the period for which it is held (or the criteria we use to determine how long it
is held);
• details of your rights, including the rights to rectification, erasure, restriction or
objection to the processing;
• any information available about the source of that data;
• whether we carry out automated decision-making, or profiling, and where we do,
information about the logic involved and the envisaged outcome or consequences of that
decision making or profiling; and
• where your personal data are transferred out of the EEA, what safeguards are in place.

1.5.2 Requests for personal data must be made to us directly (see 'How to contact us' below)
specifying what personal data you need access to, and a copy will be retained on your
personal file.

1.5.3 If, to comply with your request, we would have to disclose information relating to or
identifying another person, we may need to obtain the consent of that person, if possible. If
we cannot obtain consent, we may need to withhold that information or edit the data to
remove the identity of that person, if possible.

1.5.4 There are certain types of data which we are not obliged to disclose to you, which
include personal data which records our intentions in relation to any negotiations with you
where disclosure would be likely to prejudice those negotiations. We are entitled to refuse a
data access request from you where (i) such request is manifestly unfounded or excessive, in
particular because of its repetitive character (in this case, if we decide to provide you with the
personal data requested, we may charge you a reasonable fee to account for

1.5.5 Access to the Sligo Tourism LTD’s computer systems is restricted as follows:
1. Access only by authorized staff.
2. Databases are password protected.
3. There are comprehensive back up procedures in operation.
4. In accordance with security obligations under the Data Protection Acts, our systems are
regularly backed-up. Back-up data is data held specifically for the purpose of recreating a file
in the event of the current data being destroyed. Back-up data will not ordinarily be provided
in response to a Data Access Request.

1.6 Right to restrict or prevent data processing

1.6.1 In accordance with Data Protection Legislation, request can be made to stop processing
personal data temporarily if:

Page 5 of 9

• data is inaccurate (but we will start processing again once we have checked and
confirmed that it is accurate);
• the processing is unlawful;
• objection has been made.

1.6.2 If the right to restrict us from data processing has been exercised, we will continue to
process the data if:
• users and service providers consent to such processing;
• the processing is necessary for the exercise or defense of legal claims;
• the processing is necessary for the protection of the rights of other individuals or legal
persons;
• the processing is necessary for public interest reasons.

1.7 Right to update or correct stored data

1.7.1 Website users and service providers listed can require us to correct any mistakes in your
personal data which we hold free of charge. See ‘How can you contact us’ below;
1. let us have enough information to identify you (e.g. name, registration details);
2. let us know the information that is incorrect and what it should be replaced with. If we are
required to update your personal data, we will inform recipients to whom that personal data
have been disclosed (if any), unless this proves impossible or has a disproportionate effort. It
is your responsibility that all of the personal data provided to us is accurate and complete. If
any information you have given us changes, please let us know as soon as possible.

1.8 Information which will not be provided

1.8.1 Sligo Tourism will not normally disclose the following types of information in response
to a Data Access Request:

(a) Information about other People
A Data Access Request may cover information which relates to one or more people other
than the Data Subject. The information about the other person may be Personal Data about
that person, to which the usual data protection rules under the Data Protection Acts,
including the restrictions on disclosure, apply. In such circumstances we will not grant access
to the information in question unless either: (i) the other person has consented to the
disclosure of their data to the Data Subject or (ii) in all the circumstances it is reasonable to
make the disclosure without that person’s consent. If the person’s consent is not forthcoming
and it is not reasonable to make the disclosure without consent, we will make available as
much Personal Data as we can without revealing the identity of the other person (for example
by excluding the person’s name and/or other identifying particulars).

Page 6 of 9

(b) Opinions given in Confidence
Where we hold Personal Data about the Data Subject in the form of an opinion given in
confidence we are not required to disclose such opinions in response a Data Access Request
in all cases.

(c) Repeat Requests
The Data Protection Acts provide an exception for repeat requests where an identical or
similar request has been complied with in relation to the same Data Subject within a
reasonable prior period. Sligo Tourism will consider that if a further request is made within a
period of six months of the original request and where there has been no significant change
in the personal data held in relation to the individual, it will be treated as a repeat request.
Accordingly, where Personal Data has recently been provided to the Data Subject or his/her
legal representative, Sligo Tourism will not normally provide a further copy of the same data
in response to a Data Access Request. Sligo Tourism will not consider that it is obliged to
provide copies of documents that are in the public domain.

(d) Privileged Documents
Where a claim of privilege could be maintained in proceedings in a court in relation to
communications between an individual and his or her professional legal advisers (or between
those advisers) any privileged information which we hold need not be disclosed pursuant to a
Data Access Request. Where Sligo Tourism refuses a Data Access Request, it will do so in
writing and will set out the reasons for refusal. Any person who is dissatisfied with the
response of Sligo County Council to their request has the right to make a complaint to the
Data Protection Commissioner.

1.9 Right to erasure

1.8.1 In accordance with Data Protection Legislation, request of data erase can be made in
case that:
• user/ service provider does not believe that we need their personal data in order to
process it for the purposes set out in this Policy;
• if user or service provider had given us consent to process your personal data, you
withdraw that consent and we cannot otherwise legally process your personal data;
• user or service provider objects to our processing and we do not have any legal basis for
continuing to process your personal data;
• data has been processed unlawfully or have not been erased when it should have been;
or
• the personal data must be erased to comply with law.

Page 7 of 9

Part 2 – Social Media Privacy Policy and Statement

2.1 Twitter Policy

2.1.1 The @sligotourism Twitter account is managed by the person responsible for Sligo Tourism
IT and communications. Tweets from this account will cover developments in Sligo Tourism and
related services. If you follow us, you can expect tweets covering some or all of the following:

• Press Releases on the Sligo Tourism;
• Event information;
• Alerts about new content on our website;
• Other practical information relevant to tourism in Sligo County.

2.1.2 Twitter may occasionally be unavailable, and we accept no responsibility for this lack of
service. Retweets may be used to highlight relevant appropriate announcements, particularly
those by other Government bodies and neighboring councils.

2.1.3 Normally our Twitter account will be updated and monitored during office hours,
Monday to Friday. We welcome and will read all @ messages. However, in general, due to
resource constraints, we will not be in a position to reply to all messages.

2.1.4 @sligotourism will not be obliged to follow any of our followers. If we do follow a
Twitter account, it does not imply endorsement of any kind.

2.1.5 Sending a message via Twitter will not be considered as contacting the Council for
official purposes and we will not be obliged to monitor or respond to requests for information
through the Twitter channel.

2.1.6 Please do not include personal/private information in your tweets to us. Sligo Tourism is
not responsible, liable for and does not endorse the privacy practices of twitter or any linked
websites. Your use of Twitter and any linked websites is at your own risk.

2.1.7 Sligo Tourism assume no responsibility or liability for any injury, loss or damage incurred
as a result of any use or reliance upon the information and material contained within or
downloaded from these websites.

2.2 Facebook Policy

2.2.1 This policy outlines participation criteria for postings and published commentary on the
Sligo Tourism Facebook page.

2.2.2 The Sligo Tourism Facebook page intends to provide information and updates regarding
providers of the services related to tourism, public and social festival and events.

Page 8 of 9

2.2.3 In order to ensure that all discussions on the Sligo Tourism page are productive,
respectful, energized and consistent with our mission and goals, we ask you to follow these
guidelines:
• Be considerate and respectful of others. Vulgarity, threats or abuse of language will not
be tolerated;
• Differing opinions and discussion of diverse ideas are encouraged, but personal attacks
on anyone, including staff, will not be permitted;
• Share freely and be generous but be aware of copyright laws; be accurate and give credit
where credit is due;
• Stay on topic;
• Refrain from using the Facebook page for solicitation, for commercial purposes or to
market products;
• The sites are not monitored 24/7 and we will not always be able to reply individually to
all messages or comments received. However, we will endeavor to ensure that any emerging
themes or helpful suggestions are passed to the relevant people.

2.2.4 Sending a message/post via Facebook will not be considered as contacting us for official
purposes and we will not be obliged to monitor or respond to requests for information
through the Facebook channel.

2.2.5 We retain the right to remove comments or content that includes:
• Obscene or racist content;
• Personal attacks, insults, or threatening language;
• Potentially libelous statements;
• Plagiarized material; any material in violation of any laws, including copyright;
• Private, personal information published without consent;
• Information or links unrelated to the content of the forum;
• Commercial promotions or spam.

2.2.6 Sligo Tourism is not responsible for the accuracy of content posted by any subscriber in
any forum; opinions expressed in comments on Sligo Tourism social media forums do not
necessarily represent those of Sligo Tourism.

2.2.7 All comments, once posted, become the property of Sligo Tourism and we reserve the
right to reproduce, distribute, publish, display or edit same. Derivative work also can be
created from such postings or content, and used for any purpose, in any form and on any
media.

Page 9 of 9

How to contact us

email: [email protected]
Tel: 00 353 1917 1905

Sligo Tourism Limited, Temple Street, Sligo.