Trading Standards - privacy notice

The Trading Standards Service is committed to protecting and respecting your privacy when you use our services. This privacy policy states out how and when we use personal information in order to be able to assist you with your request or to enable us to investigate fully. Some of this information will be recorded and stored on our systems.

How do we collect information from you?

We collect information from you when you visit www.derby.gov.uk, when you fill in any forms using our customer portals or on our website, including myAccount; also when you contact us in writing, speak to us on the phone, by email or any other type of electronic communication, or talk to us face to face. We may collect information from a setting you attend, such as a school or care home, where this data collection is necessary for the following purposes listed.

What types of information do we collect from you?

We collect different categories of information about you, depending on the service you want from us and/or the reason why we need to process information relating to you. This could be personal information (for example your name and address), or other more sensitive data that we would only collect and use in very particular circumstances that are set out in law.

Should you wish to exercise your statutory rights, outlined below, then we may request information from you to verify your identification such as a copy of your passport or driving licence. 

Details of information obtained from third parties?

We receive information and referrals that include personal data form a wide range of partners such as:

• HM Revenues and Customs
• Public Health England
• Food Standards Agency
• Defra
• Fire and Rescue
• the Police
• Citizens Advice

We also receive similar information from other Derby City Council Departments, other Local Authorities and members of the public.

How is your information used?

We use the information collected to enable us to contact you in relation to investigation of complaints or to keep you informed on new guidance or legal requirements. In the case of investigations, inspections or complaints, the information may be used to investigate breaches of the law.

We may use your information to:

• process applications
• investigate complaints
• investigate any relevant illegal activity
• check compliance with any licence, permit, consent or registration
• take legal action
• prevent crime
• prevent fraud and misuse of public funds
• issue invoices and process payments
• carry out our statutory obligations
• notify you of changes to our services
• send you communications which you have requested, or that may be of interest to you
• fulfil our legal obligations under-
  • Administration of Justice Act 1970
  • Agriculture Act 1970
  • Agriculture (Miscellaneous Provisions) Act 1968
  • Agriculture Produce (Grading and Marking) Act 1928
  • Animal Health & Welfare Act 1984
  • Animal Welfare Act 2006
  • Anti Social Behaviour Act 2003
  • Business Names Act 1985
  • Business Protection from Misleading Marketing Regulations 2008
  • Children & Young Persons Act 1933
  • Children & Young Persons (Protection from Tobacco) Act 1991
  • Classification, Packaging and Labelling of Dangerous Substances Regulations 1984
  • Clean Air Act 1993
  • Clean Neighbourhoods and Environment Act 2005
  • Companies Acts 1985 and 2006
  • Consumer Credit Act 1974
  • Consumer Protection Act 1987
  • Control of Pollution Act 1974
  • Copyright, Designs and Patents Act 1988
  • Criminal Justice Act 1988
  • Criminal Justice and Police Act 2001
  • Criminal Attempts Act 1981
  • Consumer Protection Form Unfair Trading Regulations 2008
  • Consumer Rights Act 2015
  • Control of Horses Act 2015
  • Disability Discrimination Act 1995
  • Dogs Act 1906
  • Education Reform Act 1988
  • Energy Conservation Act 1981
  • Enterprise Act 2002
  • Estate Agents Act 1979
  • European Communities Act 1972
  • Explosives Act 1875
  • Explosives Act 1923
  • Explosives (Age of Purchase etc) Act 1976
  • Fair Trading Act 1973
  • Farm and Garden Chemicals Act 1967
  • Food and Environmental Protection Act 1985
  • Food Information to Consumers Regulations 2014
  • Food Information Regulations 2014
  • Food Safety Act 1990
  • Food Safety and Hygiene (England) Regulations 2013
  • Forgery and Counterfeiting Act 1981
  • Fraud Act 2006
  • General Product Safety Regulations 2005
  • Hallmarking Act 1973
  • Health Act 2006
  • Health and Safety at Work etc Act 1974
  • Insurance Brokers (Registration) Act 1977
  • Insurance Companies Act 1981
  • Intoxicating Substances (Supply) Act 1985
  • Licensing Act 2003
  • Magistrates Courts Act 1980
  • Medicines Act 1968
  • Mock Auctions Act 1961
  • Motor Cycle Noise Act 1987
  • Offensive Weapons Act 1996
  • Petroleum (Consolidation) Act 1928
  • Petroleum (Transfer of Licences) Act 1936
  • Police and Criminal Evidence Act 1984
  • Poisons Act 1972
  • Prices Acts 1974 and 1975
  • Proceeds of Crime Act 2002
  • Property Misdescriptions Act 1991
  • Protection of Animals Act 1911
  • Protection of Animals (Amendment) Act 1954
  • Public Health Act 1961
  • Public Health (Control of Disease) Act 1984
  • Regulatory Enforcement and Sanctions Act 2008
  • Road Traffic Acts 1988 & 1991
  • Road Traffic (Foreign Vehicles) Act 1972
  • Road Traffic Regulation Act 1984
  • Scotch Whisky Act 1988
  • Solicitors Act 1974
  • Telecommunications Act 1984
  • The Consumer Contracts (Information, Cancellation and Additional Charges) Regulations 2013
  • Theft Acts 1968 and 1978
  • Timeshare Act 1992
  • Tourism (Sleeping Accommodation Price Display) Order 1977
  • Trade Descriptions Act 1968
  • Trade Marks Acts 1938 & 1994
  • Trading Representations (Disabled Persons) Act 1958 Trading Stamps Act 1964
  • Unsolicited Goods and Services Act 1971
  • Video Recordings Act 1984
  • Weights and Measures Acts 1976 and 1985
  • and all amendments, Orders and Regulations issued for the above legislation

COVID-19/Coronavirus

Coronavirus has been added as a notifiable disease under the Health Protection (Notification) Regulations 2010. Under the Public Health (Control of Disease) Act 1984 and associated Regulations; the Council has a legal duty to store, process and share personal information. The information will be stored, processed and shared as part of investigations into COVID-19 cases and outbreaks and issues of non-compliance with the acts and associated regulations. The information will also be used; interrogated and mapped to inform the Councils actions and decision-making processes. Any such storage, processing or sharing of information will be done in the public interest in order to promote health and wellbeing.

During the investigation of cases and/or outbreaks of Coronavirus, information which is gathered may be shared between departments within Derby City Council; with other Councils associated with an outbreak; other health services or with other government bodies associated with the control of the Coronavirus. The Council has a duty to notify national Government bodies, such as the UK Health Security Agency and the relevant local authority where an individual resides (if different), where there are suspected Coronavirus cases. The Council will disclose the information under Article 9(2)(j) of the UK GDPR (processing is necessary for reasons of public interest in the area of public health, such as protecting against serious cross-border threats to health), and confidential information may be lawfully disclosed in the public interest, without consent, where the benefits to an individual or to society outweigh both the individual’s and the public interest in maintaining the confidentiality of such data.

The Council may contact staff, service users, residents, patients, businesses and premises with messages relating to Coronavirus by text, phone, letter or email. This contact is not direct marketing; therefore we do not need your Consent before contacting you. There is more information available on the Information Commissioners Office's website.

We may use contact details held in Council systems to ensure that we are able to contact you, and to ensure that we are working from accurate and up to date information. Such information will be accessed and processed where it is necessary to comply with our legal obligations and public tasks arising from the Coronavirus Act 2020, the Health Protection (Notification) Regulations 2010 and the Public Health (Control of Disease) Act 1984, the Care Act 2014 and associated Regulations.

Research and statistics

Anonymised and pseudonymised data may be used for research and statistical purposes. Any data collected may be used for research and statistical purposes that are relevant and compatible with the purpose that the data was collected for.

Who has access to your information?

We do not share your information with anyone else unless we are required to do so by law or it is necessary to provide our services to you. We may share your information with the following:

• Internal:
  • Building Control, Community Safety and Housing – we may pass on information to enable them to meet their statutory obligations.
  • Environmental Protection – if your enquiry concerns issues that our colleagues may be able to assist you with, for example relating to flue extraction, noise or waste control.
  • Licensing – we share information with licensing if we consider a license may be required, e.g. sale of alcohol.
  • Food Safety – we will pass on information to enable them to meet their statutory obligations. Land Charges – we share information with land charges if we serve a legal notice on a business.
  • Planning – we may need to pass on information, for example in relation to a new business, where there may be planning implications.
  • Social Service in relation to safeguarding
• External:
  • Derbyshire Fire and Rescue – we may share information if possible fire safety issues arise during the course of a visit.
  • Public Health England – we share your information to meet their statutory obligations, especially relating to the investigation of food poisoning outbreaks.
  • HM Revenues and Customs - we share your information to meet their statutory obligations. Police – we may share information, in connection with an investigation.
  • Food Standards Agency – we may share information/intelligence with the national regulators and other Trading Standards Departments to meet their statutory and legal obligations

We will not sell or rent your information to third parties. We will not share your information with third parties for marketing purposes.

We may share information in accordance with the National Fraud Initiative. For more information please refer to:

• GOV.UK - National Fraud Initiative
• Our National Fraud Initiative page

What are your rights?

• Access – you can request copies of any of your personal information that is held by the Council.
• Rectification – you can ask us to correct any incorrect information.
• Deletion – you can ask us to delete your personal information. The Council can refuse to delete information if we have a lawful reason to keep this.
• Portability – you can ask us to transfer your personal data to different services or to you.
• Right to object or restrict processing – you have the right to object to how your data is being used and how it is going to be used in the future.
• Right to prevent automatic decisions – you have the right to challenge a decision that affects you that has been made automatically without human intervention, for example an online form with an instant decision.

How long will we keep your information for?

The information we collect is carefully stored electronically. Once the business is closed it is retained for seven years.

Information collected to fulfil our responsibility as the Petroleum Authority would be kept indefinitely.

We keep and dispose of all records in line with our record retention schedule. We will comply with Data Protection legislation.

What security precautions are in place to protect the loss, misuse or alteration of your information?

We are strongly committed to data security and will take reasonable and appropriate steps to protect your personal information from unauthorised access, loss, misuse, alteration or corruption. We have put in place physical, electronic, and managerial procedures to safeguard the information you provide to us. However, we cannot guarantee the security of any information you transmit to us. We recommend that you take every precaution to protect your personal information.

Keeping your data up to date

We want to ensure any information we hold is accurate. You can help us by promptly informing us of any changes to the information we hold about you.

Under 13

If you are accessing online services and are under the age of 13‚ please ask for your parent or guardian's permission beforehand whenever you provide us with personal information

Cookies

Cookies are small text files which identify your computer to our servers. They are used to improve the user experience. View what cookies we use and how you can manage them.

IP addresses

Internet Protocol (IP) addresses are collected when our site is used:

• for statistical or analytical purposes
• to identify any malicious activity.

Complaints

If you would like to make a complaint regarding the use of your personal data you can contact our Data Protection Officer:

• By post: Information Governance, Council House, Corporation Street, Derby, DE1 2FS
• By phone: 01332 640763
• By email: data.protection@derby.gov.uk

For independent advice about data protection, privacy and data sharing issues, you can contact the Information Commissioner's Office (ICO):

• By post: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
• By phone: 0303 123 1113 (local rate) or 01625 545 745 if you prefer to use a national rate number

Alternatively, visit ico.org.uk or email casework@ico.org.uk.