The Food Standards Agency (FSA) will be what is known as the ‘Controller’ of the personal data provided to us.
Why we need it
We need to collect this information for the purpose of conducting social research as part of the Food and You 2 research, conducted on our behalf by Ipsos MORI, which asks participants about their attitudes and behaviours around cooking, shopping and eating, to ensure we understand consumer needs in relation to food. We do this as part of our statutory duty under the Food Standards Act 1999, to protect public health and promote food safety and food standards.
If you provide an email address in order to receive a gift voucher as a thank you for taking part in the survey, you consent to your email address being used by Ipsos MORI to send you the voucher. They will only use your email address to send you your gift voucher and will not contact you for any other reason or pass your email address to anyone else.
If you provide your contact details (e.g. name, address) in order to take part in future research, you consent to the FSA using your details for this purpose.
You can withdraw your consent at any time by contacting us or contacting Ipsos MORI who will pass your request to us.
What we do with it
Your responses to the survey will be anonymised and passed to the FSA by Ipsos MORI. This means that you cannot be identified from the information. Anonymised data will be retained indefinitely and be published as open data in the UK Data Service.
Where you consent to being contacted for future research, your contact details will be linked to your survey responses and be passed to the FSA to help us identify groups of interest. This means that you will be identifiable from the information for this sole purpose. Only anonymised data will be published.
We retain contact details only for as long as necessary to carry out our research function, and in line with our retention policy. This means that this information will be retained for 2 years from receipt. Ipsos MORI also retain the contact details for 2 years.
All the personal data we process is located on servers within the European Union. Our cloud-based services have been procured through the government framework agreements and these services have been assessed against the national cyber security centre cloud security principles.
No third parties have access to your personal data unless the law allows them to do so.
You have a right to see the information we hold on you by making a request in writing to the email address below. If at any point you believe the information we process on you is incorrect you can request to have it corrected. If you wish to raise a complaint on how we have handled your personal data, you can contact our Data Protection Officer who will investigate the matter.
If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law you can complain to the Information Commissioner’s Office (ICO).