UK General Data Protection Regulation (UK GDPR) builds upon existing data protection laws and provides enhanced protection for personal data by imposing stricter obligations on those who process personal data.
Fundamentally personal data must be –
- Processed lawfully, fairly and transparently;
- Collected for specified, explicit and legitimate purposes;
- Be adequate, relevant and limited to what is necessary for processing;
- Be accurate and kept up to date;
- Be kept only for as long as is necessary for processing; and
- Be processed in a manner that ensures its security.
For the purposes of Data Protection legislation, NIFRS is a ‘Data Controller’ (the holder, user and processor) of personal data.
We process personal information to enable us to undertake prevention, protection and emergency services in the communities we serve. Personal data can be collected for firefighting and emergency services purposes, including managing responses to fire and other emergency incidents; and maintaining our own records and accounts including the management of fire service assets.
Other reasons why we collect personal data include –
- Carrying out Home Fire Safety visits;
- For employment and staff training purposes;
- Checking the quality and effectiveness of our services;
- Investigating any concerns or complaints about our services;
- Research and planning of new services;
- Emergency contact information; and
- Agreements you may have with the Fire and Rescue Service.
NIFRS is required to have a Privacy notice which reflects the requirements of UK GDPR. It aims to make our service users aware of how we process and use your personal data and of your rights in respect of your personal data. Read our Corporate Privacy Notice.
Information on making a subject access request under the GDPR-
Please send all subject access requests to:
Or by post to:
Northern Ireland Fire & Rescue Service Headquarters
1 Seymour Street
Responding to Requests
When we receive your letter or e-mail we may be in contact to clarify exactly what information you require. You may be asked to send us proof of identity – a copy of a formal document or bill with your name and address on it and your driving licence or passport.
Once we have received all the necessary documentation we have up to one calendar month/40 working days under the Data Protection Act 1998 to provide the information requested.
If information is withheld we will tell you why we are unable to disclose it.
If you are unhappy with any aspect of the way in which we deal with your request you may complain following the BSO complaints procedure or directly to the Information Commissioner.
Useful information is also available from the Information Commissioner’s Office Website.