Privacy Notice for Health and Safety

Information about our privacy notice and how the Royal Borough of Kensington and Chelsea’s Health and Safety team processes your data in accordance with legal requirements.

The Royal Borough of Kensington and Chelsea’s Health and Safety Team (“a data controller”) is committed to protecting the privacy and security of your personal information. Our core obligations under the Data Protection Act 2018 and commitments are set out in the Council's Primary Privacy Notice.

Please note that failure to provide your personal data may lead to you being unable to access our services.

Why we collect your personal data

The Health and Safety team’s functions are set out in the Health and Safety at Work Act 1974. In carrying out these functions, we necessarily collect information on businesses and individuals. You might also provide us with information when you book one of the Public Health Services’ training courses or provide feedback on our service.

We collect information about you if you:

  • Operate a business subject to enforcement by the Health and Safety team,
  • Report a workplace health and safety problem; are involved in a workplace health and safety incident;
  • Submit a complaint or request workplace health and safety advice.

We also collect information about you when you place an order for our training services; or voluntarily provide feedback.

We rely upon the following laws to process your personal data:

  • Health and Safety at Work etc. Act 1974 and regulations made under it
  • Social Security Administration Act 1992
  • Limitation Act 1980 and regulations made under it
  • Health and Safety Executive / Local Authorities Enforcement Liaison Committee HELA. Local Authority Circular 46/2
  • HSE Guidance Note HSG 179
  • Transport Act 1968 and regulations made under it
  • Explosives Act 1875
  • Explosives Act 1923
  • Explosives Regulations 2014
  • Factories Act 1961
  • Greater London Council (General Powers) Act 1973, Section 31
  • Licensing Act 2003
  • London Local Authorities Act 1991
  • Pesticides (Fees and Enforcement) Act 1989
  • Poison Act 1972
  • The Sunbeds (Regulation) Act 2010
  • The Food and Environmental Protection Act 1985

How we obtain this information

Information is given to us voluntarily by you; under a statutory or contractual obligation (such as under the RIDDOR legislation) or is provided to us by other government departments; regulators and enforcing authorities so we can fulfil our public functions

Who we share your personal data with

In order to carry out our functions and respond to enquiries effectively, we will sometimes need to share information with other government departments, the emergency services, law enforcement agencies, public authorities. Examples include the Health and Safety Executive, Environment Agency and the Police. However, we will only do this where it is permitted by law and where appropriate controls are in place.

It may also be disclosed to other departments within the Council (such as Noise and Nuisance Team, Legal Services, Building Control) or external parties for related enforcement purposes or as required by law.

Research is also undertaken to help meet The Health and Safety team’s business objectives and we may use your information to help us improve our service provision. The data will not be used in relation to decisions that affect individuals.

Data retention

We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any future legal, accounting, or reporting requirements.

We must continue to retain necessary information in accordance with our corporate records policy to fulfil legal, statutory and regulatory requirements.

Rights of access, correction, erasure, and restriction

You have the right to:

  • ask for your information and there will not be a charge for you to do so. This is known as a subject access request and we act in accordance with this policy
  • ask for your information to be corrected if it is inaccurate or incomplete
  • ask for your information to be deleted or removed where there is no need for us to continue processing it (right to be forgotten)
  • ask us to restrict the use of your information
  • ask us to copy or transfer your information from one IT system to another in a safe and secure way without impacting the quality of the information
  • object to how your information is used
  • challenge any decisions made without human intervention (automated decision making).

You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is in our view unreasonable or excessive. Alternatively, we may refuse to comply with the request in such circumstances.

Right to withdraw consent at any time

Where the legal reason for processing your personal information is based on your consent, you have the right to withdraw your consent at any time, without affecting the lawfulness of our processing prior to the withdrawal of your consent.

If you do not provide consent, we may not be able to perform the contract we have entered into with you, or we may be prevented from complying with our legal obligations.

If you wish to withdraw consent you will have to put your request in writing to we will process your request as a matter of priority.

Your rights

In addition to the above you have legal rights in relation to your personal information.

You have a right to be informed about how and why your personal information is being processed. This notice fulfils that obligation.

Full details are contained within the Council's Primary Privacy Notice and should be read before consenting to this document.

To ask for access to your information you should contact:

Data Protection Officer

If you wish to raise a concern or discuss any aspect of this notice please contact our Data Protection Officer.

If you are unhappy with the way that we handle your concern you may complain to the Information Commissioner's Office (ICO).

The Information Commissioner's Office deals with concerns and complaints relating to data protection (GDPR) and freedom of information legislation.

Changes to this privacy notice

We may update or revise this privacy notice from time to time and will provide supplementary privacy information as is necessary.