UK GDPR privacy notices Suffolk Coastal Port Health Authority Privacy Notice

Introduction

Suffolk Coastal Port Health Authority (SCPHA) have provided this privacy notice to help you understand how we collect, use and protect your information whilst we enforce legislative provisions for Products of Animal Origin (POAO) and Non-Animal Origin (NAO) imports and exports.

The document below will describe how we may collect and process your personal information.

The purpose of this document is to clearly acknowledge the council’s responsibilities in relation to the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Definitions

Personal data means any information related to an identified or identifiable natural (living) person (‘data subject’) i.e. a person that can be directly or indirectly identified by reference to a name, ID reference number, email address, location data, or physical, physiological, genetic, mental, economic, cultural or societal identifier.

Special personal data, previously known as ‘sensitive personal data’, relates to race, ethnic origin, politics, religion, trade union membership, genetic data, biometric data, health, sex life or sexual orientation. Records of criminal personal data must also be treated in a similar way.

Data Controller determines the purposes and means of processing personal data.

Data Processor is responsible for any operation which is performed on personal data on behalf of the controller, e.g. collection, recording, organisation, structuring, storage, adaption or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or making available, alignment or combination, restriction, erasure or destruction.

Third Party is someone/somebody who is not the Data Controller, the Data Processor or the Data Subject.

Who we are

SCPHA is part of East Suffolk Council. The Port Health Authority is responsible for a district referred to as the Haven Ports which includes the Port of Felixstowe, Harwich and Ipswich.

The council is the ‘data controller’ for the information which is collated and processed. This means we are responsible for deciding how we can use your information. If you want more information regarding the services delivered, please go to our website.

The council regards lawful and correct treatment of personal information as critical to their successful operations, maintaining confidence between the council and those with whom they carry out business. The council will ensure that they treat personal information correctly in accordance with the law. Our services are statutory and are governed by the Local Government Act 1972 (as amended).

Port Health is a statutory service operating under the Authority of East Suffolk Council, established to uphold and enforce a range of public, animal, and environmental health standards at our Felixstowe, Harwich and Ipswich Ports. We confirm that Port Health fulfils all obligations in strict accordance with the relevant Acts of Parliament and statutory instruments as set forth by UK law such as, but not limited to:

  • Prevention of Damage by Pests Act 1949 Part 1
  • Public Health (Control of Disease) Act 1984
  • Food & Environment Protection Act 1985
  • Prevention of Damage by Pests Act 1949, Part 1
  • Public Health Act 1936, Section 287
  • Public Health Act 1961
  • Public Health (Control of Disease) Act 1984, Section 61
  • Water Industry Act 1991, Schedule 6, Part II
  • The Public Health (Ships) Regulations 1979
  • The Public Health (Aircraft) Regulations 1979
  • The Agriculture Act 1970
  • The Natural Mineral Water, Spring Water, and Bottled Drinking Water (England) Regulations 2007
  • The Hydrogen Cyanide (Fumigation of Buildings) Regulations 1951 and the Hydrogen Cyanide (Fumigation of Ships) Regulations 1951
  • Any Order made under paragraph (b) of Section 62(1) of the Medicines Act 1968 and provisions of Section 90 of the said Act and any Regulations made by virtue of that Section
  • The Natural Mineral Water, Spring Water, and Bottled Drinking Water (England) Regulations 2007
  • The Olive Oil (Marketing Standards) Regulations 2003
  • The Materials and Articles in Contact with Food (England) Regulations 2012
  • Trade in Animals and Related Products Regulations 2011
  • The Sea Fishing (Illegal Unreported and Unregulated Fishing) Order under section 30(2) of the Fisheries Act 1981
  • The Organic Products Regulations 2009
  • European Communities Act 1972
  • Official Feed & Food Control (England) Regulations 2009
  • The specified Products from China (Restriction on First Placing on the Market) (England) Regulations 2008 (as amended)
  • The Plastic Materials and Articles in Contact with Food (England) Regulations 2010
  • The Plastic Kitchenware (Conditions on Imports from China) (England) Regulations 2011
  • The General Food Regulations 2004

Our duties include, but are not limited to, monitoring food safety, disease control, animal health, environmental protection, and water quality, ensuring compliance with standards to protect public health and safety.

Port Health is committed to maintaining full compliance with these legal obligations, which form the foundation of our service, reflecting our dedication to safeguarding public health and supporting the smooth operation of the port.

The Data Protection Officer for ESC is Siobhan Martin, Head of Internal Audit, and can be contacted at dataprotection@eastsuffolk.gov.uk.

How the law protects you

UK GDPR says that we are allowed to use personal information only if we have a proper reason to do so. More information on how the law protects you can be found on the East Suffolk website.

Our responsibilities

UK GDPR provides us with main responsibilities for processing personal data. All personal information provided by you is held securely and in confidence by us in our computerised and other records. When we process your personal information, we do so in compliance with UK GDPR. For further information on our responsibilities, please see our website.

Your rights

The UK GDPR and DPA 2018 provide you with the following rights:

  • The right to be informed: You have the right to be informed about the collection and use of your personal data, and this is outlined in this privacy notice.
  • The right of access: You have the right to request access to the personal data we may hold about you. This is undertaken using a Subject Access Request.
  • The right to rectification: You have the right to request that inaccurate personal data we hold is rectified.
  • The right to erasure: In certain circumstances, you have ‘the right to be forgotten’ and have your personal data erased.
  • The right to restrict processing: In certain circumstances, you have the right to request the restriction or suppression of your personal data.
  • The right to data portability: In certain circumstances, you have the right to request to obtain your own personal data for your own use or to give to other organisations.
  • The right to object: In certain circumstances, you have the right to object to your personal data being collated, stored and processed.
  • Rights in relation to automated decision making and profiling: You have the right to request that we do not make our decisions based on solely an automated process, and you can object to an automated decision and ask that a person reviews it in certain circumstances.
  • The right to withdraw consent: In our discretionary service provisions, you have the right to withdraw your consent at any time.
  • The right to complain: You have the right to complain through our complaints procedure, and then to the Information Commissioner. Any requests in relation to your rights with regard to the personal data we hold should be made verbally or in writing to the Data Protection Officer. For further information on your rights, please see the ICO website.

Your responsibilities

You are responsible for making sure you give us accurate and up to date information, and to let us know if any personal information we hold is incorrect.

When do we collect information about you?

We collect information about you from different places, including:

  • Official import, export and vessel documentation that you have submitted to us as an organisation
  • Email enquiries made to your organisation
  • Information you provide to us on the website in order to receive news and technical updates from us
  • You
  • Other local authorities
  • Government department and agencies

What information do we maintain?

The information about you which we will maintain will include:

  • Name
  • Age
  • Gender
  • Nationality
  • Company name
  • Email address
  • Postal address

How do we use your information?

We will be using your information to:

  • Contact you with regards to consignments that you are responsible for.

We will not use your personal data for other purposes other than for what it was collated unless we have obtained your consent or for other lawful purposes (e.g. detection and prevention of fraud). We use systems to make automated decisions about consignments. This helps us to make sure our decisions are quick, fair, efficient and correct based on what we know.

How long do we keep your information?

We will hold your personal information for 3 years plus current year.

Data sharing

We will share your personal information with:

  • We have an obligation to share information about non-compliant consignments with other statutory authorities
  • Animal and Plant Health Agency (APHA), Department for Environment, food and Rural Affairs (DEFRA)
  • Agents and importers acting on your behalf
  • Other law enforcement agencies
  • Maritime Declaration of Health shared with your shipping line/employer
  • Other local authorities
  • Other departments within East Suffolk Council
  • Government agencies
  • Food Standards Agency (FSA): To report on food inspections, import status, and food safety data.
  • UK Border Force: For customs and border security purposes, to support checks on consignments and compliance with import/export regulations.
  • Public Health England, registered medical practitioners and diagnostic laboratories.

Transferring your information overseas

Currently, we do not transfer any personal information outside of the European Economic Area (EEA).

National Fraud Initiative (NFI)

We may share information provided to us with other bodies responsible for auditing, or administering public funds, or where undertaking a public function, in order to prevent and detect fraud. For further information, see the East Suffolk website.