Skip to main content
English Cymraeg

Privacy Notice for Regulated Plastic Recycling Businesses

The Food Standards Agency is what is known as the ‘Controller’ of the personal data provided to us.

Last updated: 31 December 2020
See all updates
Last updated: 31 December 2020
See all updates

Purpose and lawful basis for processing

The Food Standards Agency obtains this information about you from the Auditors that we appoint to provide us with assurance that your recycling processes is operating within the conditions specified in its authorisation decision(s). 

We do this in line with the performance of our official duties in the exercise of the official authority vested in us and in the public interest to protect public health in relation to food safety. We will not collect any personal data from you which we do not need.

What we need and how we use it

The personal data we hold on you consists of business name, the registered business address and the data acquired in the course of audits, conclusions drawn and where appropriate any enforcement action taken in respect of plastic recycling processes carried out by your business.  Any personal data we collect is for the purpose(s) of assuring the FSA, Competent Authorities and other Government Agencies, in both the UK and the EU, that your recycling processes are compliant in accordance with relevant UK and EU standards.

We may also analyse this data along with other information we hold about you and information we have obtained from public and/or private sources for the purpose of helping us evaluate risk. We do this in line with the exercise of official authority vested in us under the Food Standards Act and the performance of a task carried out in the public interest.

How and where we store your data and who we may share it with

Audits will be carried out by Trusted Third party Auditors, appointed by us, and who have the necessary technical, organisational and contractual safeguards set out in UK GDPR. They will be a Data Processor for information that we provide them with in order to contact you and carry out the work. Insofar, as they define the scope of the Audit, they will be Data Controller in respect of information they require from you in order to complete the assurance work.  

For more general information, please see the How and where we store your data and who we may share it with section in our Personal Information Charter.

We only hold your information for as long as necessary to perform our functions.

International transfers

For more information on international transfers, please see the International transfers section in our Personal Information Charter.

EU citizens

For more information on EU Citizens Privacy Notice, please see the EU citizens section in our Personal Information Charter.

Your rights

For more information on your rights, please see the Your rights section in our Personal Information Charter.

Contact us

If you have any queries concerning this Personal Information Charter, your personal information or any questions on our use of the information, please email our Data Protection Officer in the FSA, who is the Information Management and Security Team Leader using the address below.