Skip to main content

Privacy notice - Incidents

Information on our incidents management privacy policy, why we require data, what we do with the data and your rights.
Last updated

The Food Standards Agency (FSA) will be what is known as the ‘Controller’ of the personal data provided to us.

Why we need it

We hold this data for the purpose of managing incidents involving food and feed safety, integrity, food fraud / crime, and other emergencies, ensuring that food and feed not in compliance with food / feed safety and other legislative requirements is removed from the market.

We may also analyse this data along with other information we hold about you and information we have obtained from public and/or private sources for the purpose of helping us evaluate risk. We do this in line with the exercise of official authority vested in us under the Food Standards Act and the performance of a task carried out in the public interest.

Where the data is from

The personal data we hold on you consists of: names, addresses, phone numbers and where applicable allergy or illness details, sole trader information, and other data relevant to the food incident. The personal data that we hold may also include emergency contact details for those involved in incident management (including business continuity). 

The FSA obtains this data either from individuals themselves or from other third parties including enforcement authorities, other government departments and agencies, industry bodies, the European Commission and International organisations. We do this in line with the performance of our statutory duties.  We will not collect any personal data from you which we do not need. 

What we do with it

One of our statutory functions is to make observations to keep food safe. We may combine and analyse information obtained in the course of our regulatory functions with information we have obtained from public and private sources.

For example, we may collect information from, and share information with Local Authorities and Other Competent Authorities, Government Agencies and Industry Bodies, in the UK and Internationally. We may gather information from publicly available sources, such as websites, and make use of web scraping software to carry out our legal powers including for the purpose of helping us evaluate risk.

These processes of collecting data, adding value to it by combining it with other data, and acting as a central point to share data about real and potential risks relating to unsafe food, support our remit to ensure food and feed is safe in the interest of consumers. These risk analyses and evaluation processes also help inform our Policy and Standards as do the activities that we set out in the next section.

How and where we store your data and who we may share it with

No third parties have access to your personal data unless the law allows them to do so. In line with this commitment your information may be passed to other government departments and competent authorities internationally, in addition to UK public bodies, and organisations which perform public functions to assist in the performance of their statutory duties or when it is in the public interest. We may also share the data as part of risk evaluation and analysis with public bodies or other organisations, such as Trading Standards and Port Health Authorities, for the same purposes.

For more information, please see the How and where we store your data and who we may share it with section in our Personal Information Charter.

We retain personal information only for as long as necessary to carry out these functions, and in line with our retention policy. This means that this information will be retained for 7 years. 

International transfers

For more information on international transfers, please see the International transfers section in our Personal Information Charter.

EU citizens

For more information on EU Citizens Privacy Notice, please see the EU citizens section in our Personal Information Charter.

Your rights

For more information on your rights, please see the Your rights section in our Personal Information Charter.

Contact us

If you have any queries concerning this Privacy Notice, your personal information or any questions on our use of the information, please email our Data Protection Officer in the FSA, who is the Information Management and Security Team Leader using the address below.