Privacy notice for novel foods and GM foods policy

Why we need data, what we do with it and understanding your rights.
Last updated

Why we need it

We need to collect this information for the purpose of administration in terms of contact details for business in respect to information dissemination on either novel foods or GM and policy.

We do this in line with the performance of our official duties. We will not collect any personal data from you which we do not need. The Food Standards Agency will be what is known as the ‘Controller’ of the personal data provided to us.
Failure to provide the information could result in delays in correspondence reaching you in a timely manner.

What we do with it

We retain personal information only for as long as necessary to carry out these functions, and in line with our retention policy. This means that this information will be retained for 7 years from receipt.
We also use the content of the correspondence we are sent on novel foods and in particular our responses as part of the information to decide whether a food needs to be assessed under the Novel Food Regulation. This is to ensure we give consistent advice to consumers and businesses. 

All the personal data we process is located on servers within the European Union. Our cloud based services have been procured through the government framework agreements and these services have been assessed against the national cyber security centre cloud security principles.

No third parties have access to your personal data unless the law allows them to do so. In line with this commitment your information may be passed to other relevant departments with an interest in either novel foods or GM issues.

Your rights

You have a right to see the information we hold on you by making a request in writing to the email address below. If at any point you believe the information we process on you is incorrect you can request to have it corrected. If you wish to raise a complaint on how we have handled your personal data, you can contact our Data Protection Officer who will investigate the matter.

If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law you can complain to the Information Commissioner’s Office (ICO).