Food Standards Scotland (FSS) is known as the ‘Controller’ of the personal information provided to us.
What information do we hold?
Personal Information collected on the Food Chain Information (FCI) model forms, may include your name and address of your business.
Where we get this information from
Food Standards Scotland obtains this information from Food Businesses Operators.
Why we need it
FCI is collected by Food Standards Scotland to support our delivery of Official Controls in Approved Meat Establishments in Scotland.
We use FCI to help us make decisions on meat, and to determine inspection procedures for animals and groups of animals.
Proving us with this information is part of the whole chain, farm-to-fork, approach to food safety introduced by the Hygiene Regulations from the beginning of 2006.
Failure to provide the information could result in non-compliance with the following legislation: (EC) 852/2004 and (EC) 853/2004.
We will only collect the data that we need as required by the above Hygiene regulations and legislations, and not collect any personal information from you that we do not need.
What is the legal basis for our use of your personal data?
The legal basis for our use of your personal information as highlighted above will generally be one or more of the following:
We need to process your personal information to satisfy our legal obligations as the Competent Food Authority in Scotland; and
We need to process your personal information to carry out a task in the public interest, or help prevent fraud and crime, or where we are required to do so by law in the exercise of official authority in our capacity as a public body.
What we do with it
We retain personal information only for as long as necessary to carry out these functions. This means this information will be retained for as long as a business remains approved as a food business operator. Historical lists of approved businesses are retained for 6 years for Freedom of Information purposes.
FSS has put in place appropriate and adequate technical and organisational measures to protect your personal information. FSS data is located within the European Union. Our cloud based services procured through the government framework agreements, and assessed against the national cyber security centre cloud security principles.
We want to assure you that no third parties have access to your personal information unless the Law allows them to do so.
What we may also be required to do with it
The information may be shared with other Regulators in line with the principles of the Scottish Regulators Strategic Code of Practice for compliance and risk mitigation purposes. This is limited to circumstances where the law allows such sharing of information by regulators (e.g., Scottish Government, FSA, APHA, DEFRA, etc. ) with common interests or activities
Your rights
You have a right to see the information we hold on you by making a request in writing to the email addresses below. If at any point you believe the information we process on you is incorrect you can request to have it corrected. If you wish to raise a complaint on how we have handled your information, you can contact our Data Protection Officer who will investigate the matter.
If you are not satisfied with our response or believe we are not processing your information in accordance with the law you can complain to the Information Commissioner’s Office (ICO) at: www.ico.org.uk.
Our Data Protection Officer at Food Standards Scotland is the Head of Corporate Services who can be contacted at the following email address: dataprotection@fss.scot