Food Chain Information (FCI)  Privacy Notice

Food Standards Scotland (FSS) is  known as the ‘Controller’ of the personal information provided to us. 

What information do we hold?

Personal Information collected on  the  Food Chain Information (FCI) model  forms,   may include your name and address of your business.

Where we get this information from

Food Standards Scotland obtains this information from Food Businesses Operators.

Why we need it

FCI  is collected by Food Standards Scotland to support our delivery of Official Controls in Approved Meat Establishments in Scotland.

We use FCI to help us make decisions on meat, and to determine inspection procedures for animals and groups of animals.

Proving us with this information is part of the whole chain, farm-to-fork, approach to food safety introduced by the Hygiene Regulations from the beginning of 2006.

Failure to provide the information could result in non-compliance with the following legislation: (EC) 852/2004 and (EC) 853/2004.

We will only collect the data that we need as required by the above Hygiene regulations and legislations, and not collect any personal information from you that we do not need.

What is the legal basis for our use of your personal data?

The legal basis for our use of your personal information as highlighted above will generally be one or more of the following:

We need to process your personal information  to satisfy our legal obligations as the Competent Food Authority in Scotland; and

We need to process your personal information  to carry out a task in the public interest, or help prevent fraud and crime, or where we are required to do so by law in the exercise of official authority in our capacity as a public body.

What we do with it

We retain personal information only for as long as necessary to carry out these functions.  This means this information will be retained for as long as a business remains approved as a food business operator.  Historical lists of approved businesses are retained for 6 years for Freedom of Information purposes.

FSS has put in place appropriate and adequate technical and organisational measures to protect your personal information. FSS data is located within the European Union. Our cloud based services procured through the government framework agreements, and assessed against the national cyber security centre cloud security principles.

We want to assure you that no third parties have access to your personal information unless the Law allows them to do so.

What we may also  be required to do with it 

The information may be shared with other Regulators  in line with the principles of the Scottish Regulators Strategic Code of Practice for compliance and risk mitigation purposes.  This is limited  to circumstances where the law allows such sharing of information  by regulators (e.g.,  Scottish Government, FSA, APHA, DEFRA, etc. ) with common interests or activities

Your rights

You have a right to see the information we hold on you by making a request in writing to the email addresses below. If at any point you believe the information we process on you is incorrect you can request to have it corrected. If you wish to raise a complaint on how we have handled your information, you can contact our Data Protection Officer who will investigate the matter.  

If you are not satisfied with our response or believe we are not processing your information in accordance with the law you can complain to the Information Commissioner’s Office (ICO) at:

Our Data Protection Officer at Food Standards Scotland is the Head of Corporate Services who can be contacted at the following email address: