Privacy notice: Trading Standards

Contents

  1. Introduction
  2. Who we are
  3. The data we collect
  4. Who we collect data on and from
  5. Why we collect your personal information
  6. Who we may share your personal data with
  7. How long we will keep your personal information
  8. Legal basis of processing
  9. How we keep your personal information secure
  10. Using your personal information overseas
  11. What are your rights
  12. Contact us

1. Introduction

This notice provides additional privacy information regarding the types of personal information we may collect about you when you interact with us. It also explains how we will store and handle that information, as well as keep it safe and secure.

We will keep our privacy notice under regular review and will advise you of any updates on our website.

2. Who we are

The Trading Standards Service collects, uses and is responsible for certain personal information about you. When we do so we are regulated under the United Kingdom General Data Protection Regulation ('UK GDPR') and the Data Protection Act 2018. South Tyneside Council (The Council) are responsible as 'controller' of that personal information.

The Council is a competent authority for the purposes of Part 3 of the DPA 2018 because we have legal powers to prosecute trading standards offences. This means that we can process personal data for law enforcement purposes.

The Trading Standards service is responsible for creating and maintaining a safe and fair trading environment where South Tyneside businesses can operate and grow, and consumers can engage in their economic activity with confidence. We provide advice to businesses to support compliance with regulations, investigate complaints, undertake inspections and testing and we prevent, detect and prosecute crime.

3. The data we collect

The data we collect from you and about you is determined on a case by case basis on what we need to do our role and can consist of:

  • your name, contact details, National Insurance number, passport number, driving licence number, gender, information about any current and past criminal offences (including alleged) and convictions
  • health and medical data, including disabilities information relating to employment history
  • financial information, bank and building society accounts
  • electronically held information such as held on devices such as computers, laptops, mobile phones and remote and off-site storage
  • business names (trading names, company name), date of incorporation
  • data contained in any emails, notes or conversations between you and us
  • data held on call blocking devices installed on behalf of consumer

We'll only gather the minimum amount of data we need in order to do our job.

4. Who we collect data on and from

We collect data on and from:

  • consumers
  • traders
  • complainants
  • businesses
  • victims
  • witnesses

We also receive information from:

  • the Police
  • other enforcers, ombudsmen, or regulators, such as the Health and Safety Executive, National Crime Agency
  • government departments, such as HMRC, the Department for Work and Pensions, Department for Environment, Food and Rural Affairs, Department for Business, Energy and Industrial Strategy and Food Standards Agency
  • other local authorities
  • trade associations
  • judicial agencies, such as the Court Service, the Crown Prosecution Service (CPS), as well as bailiffs and court officials
  • Citizen's Advice consumer service
  • intelligence databases as other authorities (Memex and IDB) and the National Anti-Fraud Network

5. Why we collect your personal information

In general

Performance of our statutory duties of inspection, investigation, enforcement, surveillance and monitoring.

Business premises

We inspect and monitor commercial premises to check that they adhere to the required standards, as well as managing and monitoring of registrations, certifications and licensing. For instance, we find out whether shops are carrying out the proper checks before selling age-restricted products.

We also monitor businesses to protect the public in matters concerning fair trading, product safety, the accuracy of weights and measures, animal feed safety and hygiene.

Business services and public services

We provide a service to firms that have a need for Trading Standards advice.

We keep details of our customers and the business matters they raise with us.

Complaints and investigations

Acting upon information, intelligence and complaints sent to us to conduct enquiries and investigations into allegations of criminal and civil law offences.

We also use information in the prevention and detection of crime, safeguarding and overall to protect the interests of the public.

Sharing intelligence and tackling fraud

We exchange information about suspected offenders because many of the issues we deal with are not confined to South Tyneside.

Details on organisations we share information with are listed on this page.

Trademark protection

We collect the names and contact details of people who represent the interests of trademark holders. Their expertise helps us identify counterfeit goods.

Service improvement and to comply with our duties

To enable development of policies and strategies, to comply with governmental department research and statistic returns, account for our decision-making and to overall improve our services we offer.

6. Who we may share your personal data with

We may share your information with:

  • Police
  • other enforcers, ombudsmans or regulators, such as the Health and Safety Executive, National Crime Agency
  • government departments, such as HMRC, the Department for Work and Pensions, Department for Environment, Food and Rural Affairs, Department for Business, Energy and Industrial Strategy and Food Standards Agency
  • other local authorities
  • trade associations
  • judicial agencies, such as the Court Service, the Crown Prosecution Service (CPS), as well as bailiffs, court officials and expert witnesses
  • Citizen's Advice consumer service
  • intelligence databases as other authorities (Memex and IDB) and the National Anti-Fraud Network

If we do need to share information, we only pass on as much as is needed to do a proper job.

We use formal information sharing agreements where we can.

7. How long we will keep your personal information

Generally, we may keep the information for 6 years after we close a file.

We may reduce or extend this period if required by law or our legitimate interests.

8. Legal basis of processing

Trading Standards have a very varied role, from helping and protecting consumers and businesses to prosecuting offenders, and as such the legal basis for processing data is also varied under the Data Protection Act 2018.

Most of our Trading Standards work is done to fulfil:

  • a public task
  • a legal obligation

In limited circumstances our work might also involve processing data to:

  • protect a person's vital interests (this is a life or death situation)

We collect personal data in order to enable us to carry out our duties in connection with relevant legislation, which include:

  • Consumer Rights Act 2015
  • The Consumer Protection from Unfair Trading Regulations 2008
  • Trade Marks Act 1994
  • Enterprise Act 2002
  • General Product Safety Regulations 2015
  • Public Safety Act 1961
  • Proceeds of Crime Act 2002
  • Animal Health Act 1981
  • Care Act 2014
  • Weights and Measures Act 1985

Sometimes, we may process data which includes information on sensitive matters, such as your ethnic, political or religious affiliations or your health status.

This is legally classed as 'special category' data. We take care only to process it with an appropriate legal justification as follows:

  • to protect vital interests
  • for reasons of substantial public interest
  • for reasons of public interest in the area of public health, such as protecting against serious cross-border threats to health or ensuring high standard of healthcare and of medicinal products or medical devices

Where we're processing data for purposes of criminal law enforcement, our lawful bases are found under parts 2 and 3 of the Data Protection Act 2018.

We're considered a 'competent authority' for law enforcement purposes, as we have legal powers to prosecute for trading standards offences.

All work we carry out as part of our law enforcement duties falls within the criteria of section 31 of Data Protection Act 2018, which is:

"the prevention, investigation detection or prosecution of criminal offences or the execution of criminal penalties, including the safeguarding against and the prevention of threats to public security."

In addition, the Local Government Act 2000, section 2 states that South Tyneside Council, as a local authority, has the power to do anything which they consider is likely to achieve any one or more of the following objects:

(a) the promotion or improvement of the economic well-being of their area

(b) the promotion or improvement of the social well-being of their area

9. How we keep your personal information secure

Information provided to Trading Standards is held securely on our network.

Only officers working within Trading Standards and system administrators have access to these records.

10. Using your personal information overseas

We will not process your personal information outside of the UK.

11. What are your rights

Your individual rights are set out in law. 

Subject to some legal exemptions, you have the following rights:

  • Right to be informed
  • Right of access
  • Right to rectification
  • Right to erasure
  • Right to restrict processing
  • Right to data portability
  • Right to object
  • Rights in relating to automated decision making and profiling

12. Contact us

If you would like to exercise your rights in relation to your personal information, or you feel that something has gone wrong with your personal information, you can contact us in either of the following ways:

By email: data.protection@southtyneside.gov.uk

By telephone: 0191 424 6539

In writing:

South Tyneside Council
Information Governance
Town Hall and Civic Offices
South Shields
NE33 2RL

If you feel that the Council has not handled your information correctly you can contact the Information Commissioner's Office (ICO).

The ICO is the Government's Independent Body responsible for overseeing data protection. 

In most cases the ICO will only review cases that have exhausted the Council's internal procedures.