Digital Toolkit Desk Booking Privacy Notice

The Department of Finance is committed to protecting your privacy when you use our services. This privacy notice explains how Department of Finance uses information about you and the ways in which we will safeguard your data.

This privacy notice does not provide exhaustive detail of all aspects of the Department of Finance’s collection and use of personal information. However, we are happy to provide any additional information or explanation needed. Any requests for this should be sent to the address below:

Data Protection Officer
2nd Floor
Craigantlet Buildings
Stoney Road
Belfast
BT4 3SX

What information we need

The Department of Finance is the data controller of the personal data we process through the digital toolkit desk booking system. Your data is collected to gain secure access to the system, for booking management, account management, building management and troubleshooting

To gain access to the desk booking system the information we need to process includes:

  • Your name
  • Your work email address
  • Your Payroll number

This allows us to create your account to authenticate your information, and to ensure only people who are members of NICS staff and have been given the relevant booking permissions can access the desk booking system.

The payroll number is captured to assist account management and troubleshooting, because whilst your name and email address may change, your payroll number remains the same, and this allows us to find your account to identify any issues there may be with roles/permissions.

For the purpose of booking a desk we collect:

  • Your name
  • Your work email address
  • A contact number (should the building have to be closed)
  • Whether or not you are Fire Warden trained
  • Desk and booking slot information (so this becomes unavailable on the system to other users)

Why we process personal information

The legal basis for processing is:

  • to perform a task in the public interest
  • in the exercise of our functions as a government department
  • legitimate interests, and the legitimate interests of our users, in ensuring the security and integrity of Government buildings and the desk booking system

We do not collect more information than we need to fulfil our stated purposes and will not hold it for longer than is necessary.

Use of cookies

Website usage information is collected using cookies. You can read more about how we use cookies on our Cookies page.

How we obtain personal data

We obtain personal information from the NICS staff directory in order to create your account, any other information is collected from the online desk booking form you complete to book your desk.

Who your personal information may be shared with

In many circumstances, we will not disclose personal data without consent. Further information is available in Departmental Guidance on Data Sharing about the factors we shall consider when deciding whether information should be disclosed.

Access to the desk booking system is managed through authentication and roles with different levels of permissions.

Desk booker/Service user – This role allows you to check availability, create and manage your bookings, receive reminders about your bookings. This role applies to the majority of users.

Service Admin/Deskbooking Admin – Users with this role can manage the location(s) (add/remove desks) within a tenant, and on request assist with limited account and booking management/troubleshooting specific to that desk booking location. Service admins can also generate fire warden reports and anonymised building/location occupancy reports. This role can be undertaken by local facilities management/premises teams/office managers.

Business Admin – Users with this role can add new tenants and services as required within NICS and assist with the set up of the new service. Business admins can also assist with troubleshooting and account management (add/amend/remove accounts/permissions across all tenants on request by the user or premises team on behalf of the user.) NICS has two business admins as a part of the DOF Digital Operations Enterprise Digital Development team.

We will not:

  • sell or rent your data to third parties
  • share your data with third parties for marketing purposes

How we use information about you

Any personal information we process will only be used for the purposes stated or if necessary to fulfil legal or regulatory requirements.

Most of the personal data we use is processed within the UK and European Economic Area (EEA). Sometimes it may be necessary to transfer personal information outside the UK and EEA. Where this is required, information may be transferred to countries or territories around the world. Any transfers made will be in full compliance with all aspects of data protection legislation.

The desk booking service is built in an ITAssist managed Microsoft Azure environment and as such is subject to ITAssist content and security policies.

A helpdesk is provided by 3rd party supplier Stiona Software ltd. The Stiona helpdesk is utilised, on request and in communication with the user, where troubleshooting by Service Admin/Business Admin has not been successful and further investigation is required to determine the problem. This allows us to remediate technical issues and ensure the service continues to function correctly for all users. Stiona Software Ltd. is under contract to the Department of Finance and is ISO 27001 certified.

How long we keep your personal data

We keep personal information about you only for as long as is necessary to fulfil the purpose.

Your rights

Under data protection legislation, you have rights as an individual which you can exercise in relation to the information we hold about you. The Department tries to be as open as possible in terms of giving you access to your personal data. You can find out if we hold any information by making a subject access request. If we do hold information about you, we will, where possible:

• Give you a description of it;

• Tell you why we are holding it;

• Tell you who it could be disclosed to; and

• Let you have a copy of the information in an intelligible form.

To make a request for any personal information we may hold, you can contact our Data Protection Officer whose details can be found at the top of this notice or email us at DataProtectionOfficer@finance-ni.gov.uk.

If, at any point, you believe the information we process on you is incorrect, you can ask to have this information corrected. In certain circumstances, you may also ask us to erase or restrict the processing of your data.

How do I complain?

If you wish to raise a complaint about how we have handled your data, you can contact our Data Protection Officer at the address above who will investigate the matter.

If you are not satisfied with our response or believe we are not processing your personal data in accordance with the law, you can complain to the Information Commissioner at the following address:

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Changes to this privacy notice

We keep our privacy notice under regular review. This privacy notice was last updated in November 2024. It is scheduled to be updated in Q1/Q2 2025 and annually thereafter, unless new functionality is developed in the interval.

How to contact us

If you want to request information about our privacy policy or our data protection policy you can email us at DataProtectionOfficer@finance-ni.gov.uk or write to:

Data Protection Officer
2nd Floor
Craigantlet Buildings
Stoney Road
Belfast
BT4 3SX