The Food Standards Agency is what is known as the ‘Controller’ of the personal data provided to us.
Why we need it
We hold this information for the purpose of the investigation, detection or prosecution of offences under food hygiene, food safety and animal welfare legislation.
What information we hold
The personal information we hold consists of personal data provided by individuals and third parties in relation to witnesses and defendants linked to criminal investigations and prosecutions which will include the personal data of those individuals including names, addresses, contact details and, if cases progress to prosecution, Police National Computer record checks.
Where we get this information from
The Food Standards Agency obtains this information either from individuals themselves, from third parties such as other public bodies and local authorities.
We do this in line with our statutory obligations under food hygiene, food safety and animal welfare legislation, for reasons of substantial public interest and under the authority of schedule 7 of the Data Protection Act 2018.
In order to carry out our legal powers to ensure food safety we also obtain personal data from public availably sources such as websites and make use of web scraping software.
What we do with it
We retain personal information only for as long as necessary to carry out these functions, and in line with our retention policy. This means that this information will be retained for 7 years from receipt.
All the personal data we process is located on servers within the European Union. Our cloud based services have been procured through the government framework agreements and these services have been assessed against the national cyber security centre cloud security principles.
No third parties have access to your personal data unless the law allows them to do so. In line with this commitment your information may be passed to other competent authorities such as government departments, public bodies and organisations which perform public functions for investigation or prosecution purposes or when it is in the substantial public interest.
We may also analyse this information along with other information we hold about you and information we have obtained from public and/or private sources for the purpose of helping us evaluate risk. We do this in line with the exercise of official authority vested in us under the Food Standards Act and the performance of a task carried out in the public interest.
We use or work with contractors and other third-party service providers, such as IT service providers, who will process your personal data on our behalf. These third parties can only process your personal data on our instruction or with our agreement for specific purpose to enable us to maintain, improve and provide our services in order to fulfill our statutory obligations and tasks carried out in the public interest.
You have a right to see the information we hold on you. You may have other rights, including the the right to restrict processing and the right to object to processing. If you wish to exercise any of your rights or raise a complaint on how we have handled your personal data, you can contact our Data Protection Officer.
If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law you can complain to the Information Commissioner’s Office (ICO).
Our Data Protection Officer in the FSA is the Information Management and Security Team Leader who can be contacted at the following email address.