Register a food business privacy notice

The Food Standards Agency will be what is known as the ‘Data Controller’ of the personal data provided to us.

What personal information will be collected?

Personal identifying data collected as part of the Register a Food Business service may include:

• name
• date of birth
• address
• email address
• business name
• business address
• phone number

Purpose and lawful basis for processing

We need to collect this information for the purposes of fulfilling our statutory obligations, under Article 113 of the Official Controls Regulation (EU) 2017/625, and as retained in UK legislation, on official controls to make details of food businesses available to persons enquiring about the registration and/or approval status of food business operators.

We do this in line with the exercise of official authority vested in us and the performance of a task carried out in the public interest. We will not collect any personal data from you which we do not need.

We may want to contact you to invite you to provide feedback on the service. We will only do this with your consent.

What we need and how we use it

The details of approved food business establishments are published on the FSA website. The list of registered food business establishments is published by the relevant local authority.

We may also analyse this information along with other information we hold about you and information we have obtained from public and/or private sources for the purpose of helping us evaluate risk. We do this in line with the exercise of official authority vested in us under the Food Standards Act and the performance of a task carried out in the public interest.

Where you provide your email address on the feedback form during your registration or agree to being contacted to provide feedback on the service at the end of the registration process, the FSA, or one of our research partners working on our behalf, may contactyou for this purpose. You can withdraw your consent at any time by contactingregistration@food.gov.uk

How and where we store your data and who we may share it with

We retain personal information only for as long as necessary to carry out these functions, and in line with our retention policy. This means this information will be retained for as long as a business remains registered and/or approved as a food business operator. Historical lists of registered and/or approved businesses are retained for 10 years.

No third parties have access to your personal data unless the law allows them to do so.In line with this commitment your information will be passed to the relevant local authority with responsibility for inspection of food businesses. The Food Standards Agency will sometimes share data with other government departments, public bodies, organisations which perform public functions to assist them in the performance of their statutory duties, and with these and other private organisations and persons, such as food business operators, when it is in the public interest.We may also share the data as part of risk evaluation and analysis with public bodies or other organisations, such as Trading Standards and Port Health Authorities, for the same reasons.

For more general information, please seethe How and where we store your data and who we may we share it withsection in our Personal Information Charter.

International transfers

For more information on international transfers, pleasesee theInternational transfers sectionin our Personal Information Charter.

EU citizens

For more information on EU Citizens Privacy Notice, please see the EU citizens sectionin our Personal Information Charter.

Your rights

For more information on your rights, pleasesee theYour rights sectionin our Personal Information Charter.

Contact us

If you have any queries concerning this Privacy Notice, your personal information or any questions on our use of the information, please email our Data Protection Officer in the FSA, who is the Information Management and Security Team Leader using the address below.