Food safety inspections and investigations privacy notice
The council is the data controller for purposes of the Data Protection Act (2018) and EU General Data Protection Regulation as of May 2018 and is registered as a data controller with the Information Commissioner’s Office (ICO)
Brighton & Hove City Council are committed to protecting your personal information. As a data controller we have a responsibility to make sure you know why and how your personal information is being collected in accordance with relevant data protection law.
Purposes and lawful basis of processing
We are collecting your data for the purpose of investigating compliance of a food business. Information gathered may be used to update and amend records or as part of our investigation. From our investigations we may issue food hygiene rating scores and/or take enforcement action where necessary. Contact details may be used in relation to any investigation.
Our lawful basis for processing data is due to our legal obligations under the Food Safety Act 1990.
During investigations we may collect special category data, which would be done so under substantial public interest, specifically the Data Protection Act 2018 Schedule 1, Part 2, Paragraph 12 ‘regulatory requirements relating to unlawful acts and dishonesty etc.’.
Who we will share your data with
Your data may be shared internally with other Regulatory Services Teams, Legal Services, School Organisations and the Communications Team.
Your information may also be shared externally with other local authorities, Food Standards Agency, Public Health England, the courts, the Chartered Institute of Environmental Health or the food business being investigated or their representative. We use an email and text message service provider, Gov.UK Notify to send email and text updates. Your contact email address and mobile number may be uploaded to Gov.UK Notify so that we can contact you quickly with information we are under a duty to provide to you in association with our services. These details will be used solely for the purpose of making contact when we are required to.
Details are held on their servers for no longer than 7 days after an email/text has been sent. Find more information on their security settings.
How long we will hold your data (retention)
For business operators, your information will be kept for six years from when your business closes and for those who have made a complaint, your information will be kept for six years from when the case closes.
Transferring data outside the European Economic Area
Your information is not processed outside of the European Economic Area.
Your information rights
Under GDPR you have certain rights concerning your information.
How to get advice or make a complaint
Data protection contacts
If you wish to discuss any of your data protection rights, you can contact the Data Protection Team on 01273 295959 or by email at firstname.lastname@example.org
Whilst we would prefer that you contact us first with any concerns that you might have, you can also contact the Information Commissioner’s Office. The ICO is the national regulator with responsibility for ensuring compliance with data protection.
Information Commissioner’s Office
You also have the right to lodge a complaint with a supervisory authority. Contact details for the ICO is stated below:
You can contact the ICO:
- on their website
- by telephone: 0303 123 1113
- by post: Wycliffe House, Water Ln, Wilmslow SK9 5AF
This Privacy Notice will be subject to review when there is a change.