Privacy notice - exception reports for FSA approved assurance schemes

Information on privacy policy relating to exception reports for FSA approved assurance schemes.
Last updated

The Food Standards Agency is what is known as the ‘Controller’ of the personal data provided to us. 

What information we hold 

The personal information we hold on you consists of the name and address of your business. 

Where we get this information from 

The Food Standards Agency obtains this information from your local authority. 

Why we need it 

We need to collect this information for the purpose of receiving information on local authority inspections of members of the FSA approved assurance schemes where significant non-conformances have been identified. These details are then shared with the relevant FSA approved assurance scheme of which your business is a member. We do this in line with the performance of our official duties. We will not collect any personal data which we do not need.  

What we do with it 

We retain personal information only for as long as necessary to carry out these functions, and in line with our retention policy. This means that this information will be retained for 6 years from receipt. 

All the personal data we process is located on servers within the European Union. Our cloud based services have been procured through the government framework agreements and these services have been assessed against the national cyber security centre cloud security principles. 

No third parties have access to your personal data unless the law allows them to do so. In line with this commitment your information will only be passed to the owner of the relevant FSA approved assurance scheme of which your business is a member.  

Your rights

You have a right to see the information we hold on you by making a request in writing to the email address below. If at any point you believe the information we process on you is incorrect you can request to have it corrected. If you wish to raise a complaint on how we have handled your personal data, you can contact our Data Protection Officer who will investigate the matter. 

If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law you can complain to the Information Commissioner’s Office (ICO).