Privacy notice - HR staff data
The Food Standards Agency will be what is known as the ‘Controller’ of the personal data provided to us.
Purpose and lawful basis for processing
We need to collect this information for the purpose of creating and maintaining your employment record.
We do this to carry out the employment contract between us. We will not collect any personal data from you which we do not need.
Providing us with this information is a contractual requirement and failure to provide the information could result in us not being able to provide you with a contract of employment, pay you correctly or administer your training and development.
Where we process your special category data such as that relating to your trade union membership, sick absence and health data and data collected for equal opportunity purposes, we do so to carry out our employment law obligations and to enable you to exercise your employment rights, to fulfil our legal obligations and for reasons of substantial public interest and in line with our Data Protection and Human Resources Policies.
All of our ICT systems auditable and can be monitored, though we don’t do so routinely other than for security purposes. We are committed to respecting individual users’ reasonable expectations of privacy concerning the use of our ICT systems and equipment. However, we reserve the right to log and monitor such use in line with our Acceptable Use Policy. Any targeted monitoring of staff will take place within the context of our disciplinary procedures.
How and where we store your data and who we may share it with
We retain personal information only for as long as necessary to carry out these functions, and in line with our retention policy. This means that this information will be retained as follows:
- sickness absence records until age 100
- summary record of disciplinary action – six years from cessation of employment, unless it results in a change to pay or terms and conditions then retained until age 100
- payroll and pensions record until age 100
- training and development records until 5 years after the financial or reporting period
No third parties have access to your personal data unless the law allows them to do so. In line with this commitment your information may be passed to other departments within the FSA where this is necessary in connection with staff administration and development.
Your data may also be passed to other government departments or organisations when this is necessary for the general administration of your employment contract with us including HMRC, MOJ, SSCL, Civil Service Pensions, Local Pensions Partnership etc and the Prudential and other organisations receiving voluntary payroll deductions, such as charities, trade unions etc. Your name and contact details may also be given to external training providers.
We also offer access to the Civil Service Mediation Service (CSMS) for resolving workplace disputes. It is voluntary and therefore data is only processed with your consent. Full details of how the service works will be provided to you when you agree to use it and are also on the Digital Workplace. We have agreements in place with the CSMS to ensure necessary contractual, technical and organisational safeguards are in place to protect your data. The service is operated independently of the FSA. Any personal information that you provide, or agree that we provide to CSMS, is processed in accordance with the Civil Service Mediation Service privacy notice.
For more general information on How and where we store your data and who we may share it with see our Personal Information Charter.
For more information on international transfers, please see the International transfers section in our Personal Information Charter.
For more information on EU Citizens Privacy Notice, please see the EU citizens section in our Personal Information Charter.
For more information on your rights, please see the Your rights section in our Personal Information Charter.
If you have any queries concerning this Privacy Notice, your personal information or any questions on our use of the information, please email our Data Protection Officer in the FSA, who is the Information Management and Security Team Leader using the address below.
Published: 22 May 2018
Last updated: 26 January 2021