Skip to main content
English Cymraeg

Privacy notice - Monitoring of Local Authority Delivery of Food Controls

Information on our Monitoring of Local Authority Delivery of Food Controls privacy policy, why we require data, what we do with the data and your rights.

The Food Standards Agency is what is known as the ‘Controller’ of the personal data provided to us.

Purpose and law basis of processing 

The personal information we hold on you consists of:

  • name, job role and contact details of local authority staff
  • food establishment identification (IDs).

We obtain this information from local authorities as part of their annual food law monitoring returns  and through interim surveys or feedback.

Our lawful basis for processing your personal information is under Article 6(1)(e) of the UK General Data Protection Regulations (GDPR), as it is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us. In particular, to help us meet our obligations to keep food safe in the interest of public health as required under The Food Standards Act 1999, Food (Scotland) Act 2015 and Regulation (EC) No 2017/625 on official controls (regulation for Northern Ireland and retained regulation for England and Wales).

Your personal information will only be used for these purposes unless the FSA deems further processing is necessary, and there is a lawful basis to do so, in order to perform our functions under the legislation.

How and where we store your data and who we may share it with 

We may share your personal information with colleagues in other Government departments or the EU if necessary, when investigating a food incident.

We also may use the official control information collected for internal and external reporting, but personal information processed for these purposes will be removed, aggregated, or anonymised prior to publication.

We retain your personal information only for as long as necessary to carry out our functions and in line with our corporate retention schedules. For example, feedback and survey data from temperature check surveys will be held for 10 years, whilst annual return information will be retained for 12 years

For more  information, on How and where we store your data and who we may share it with see our Personal Information Charter.

For information on how we might use and share data as part of our risk monitoring function see the Monitoring and Evaluation of Risks section in our Personal Information Charter.  

International transfers  

For more information on international transfers, please see the International transfers section in our Personal Information Charter.  

EU citizens  

For more information on EU Citizens Privacy Notice, please see the EU citizens section in our Personal Information Charter.  

Your rights

For more information on your rights, please see the Your rights section in our Personal Information Charter.  

Contact us  

If you have any queries concerning this Privacy Notice, your personal information or any questions on our use of the information, please email our Data Protection Officer in the FSA, who is the Information Management and Security Team Leader using the address below.