Dudley Metropolitan Borough Council (MBC) Environmental Health & Trading Standards (EHTS)
We are committed to protecting your personal data and ensuring that it is processed fairly and lawfully. Information you provide to us will be processed in accordance with the General Data Protection Regulation (GDPR), the Data Protection Act 2018 (DPA 2018) and subsequent legislation. For the purposes of Data Protection, Dudley MBC is the Data Controller.
We are the Environmental Safety & Health team (ESH), part of Dudley Metropolitan Borough Council’s Environmental Health and Trading Standards service. We are part of the Health and Wellbeing Division delivered within the People Directorate.
The ESH team’s role is to ensure that industrial & commercial business operating within the Dudley Borough do so without damaging health or the environment. We do this by:
- Issuing permits to prescribed activities
- Investigating complaints of excessive emissions to the environment
- Monitoring and take action to improve air quality
- Providing comments on planning consultations
- Enforcing health & safety provisions at commercial premises
- Investigating accidents, disease and dangerous occurrences
- Reviewing licences for the sale of alcohol
- Regulating businesses involved in animal health & welfare
- Licensing businesses and individuals involved in skin piercing
- Providing advice and guidance to business operators
We also enforce the smoke control order at all premises in the borough.
For more information about our services please see the Dudley Council website.
When we permit or license your business we may collect the following information from you:
- Your name
- Business name
- Address (business address & personal address)
- Telephone number (business & personal number)
- E-mail address (business & personal email address)
- The names of your employees who are individually licensed or play an important role in your business
If you are making a complaint or you are requesting advice we collect the following information:
- Your name
- Telephone number
- E-mail address (if applicable)
When we investigate accidents, disease and dangerous occurrences, we collect the following information:
- Your name
- Your job or business name (if applicable)
- Date of birth
- Telephone number
- E-mail address (if applicable)
- Details of your employment
- Medical information appertaining to the investigation
- Names and contact details of witnesses or others affected
We collect information from you in the following ways:
- Paper forms
- Online forms
- Telephone conversations
- Face to face meetings
- Copies of notifications (accident investigations)
- From other agencies (for example Public Health England, the Environment Agency or other local authorities)
- From copies of certificates
- From other people (for example from people making a complaint about a business or witness to an event)
Legal obligation- Article 6 (1) (c) - processing is necessary for compliance with a legal obligation to which the controller is subject.
Public task-Article 6 (1) (e) – processing is necessary for us to perform a task carried out in the public interest or for our official functions.
When we investigate infectious disease, the lawful basis for processing is under Article 6 (1) (e), public task, and Article 9- processing is necessary for reasons of public interest in the area of public health.
Legislation enforced by the service includes:
- Animal Welfare Act 2006 & subservient regulations
- Clean Air Act 1993
- Control of Pollution Act 1974
- Environment Act 1990
- Pollution Prevention and Control Act 1999
- Environmental Protection Act 1990
- Health & Safety at Work etc Act 1974
- Prevention of Damage by Pests Act 1949
- Zoo Licensing Act 1981
The information we collect is used for the following purposes:
- To register/approve and regulate businesses and check compliance with relevant laws
- To hold to account business operators who fail to comply with the law
- To investigate complaints concerning health & the environment
- To investigate accidents, diseases and dangerous occurrences
- To provide updates on the progress of investigations
- To offer advice and guidance to businesses and members of the public.
Details of businesses may be shared with the Environment Agency, The Health and Safety Executive and other Government Departments and Local Authorities.
Under prescribed circumstances, for example the prevention and detection of crime or for tax collection purposes, we may share business or business operators personal information with:
- The Police
- Home Office Immigration
- Other Dudley MBC service areas, for example, planning, building control, licensing, revenues and benefits
- Other central government departments and local authorities
We share personal details relating to accident investigations and cases of infectious disease with the Health & Safety Executive and Public Health England.
We are committed to protecting personal data and have data policies and procedures in place to ensure that it is safeguarded. Contact information is held securely on the database service used. All staff undertake regular training in data protection and managing personal information.
Information is kept in accordance with our retention policy. After we deliver a service to you, we keep your information as a business record of what was delivered. The retention period is 7 years.
Personal information processed outside the European Economic Community (EU)
We do not process your personal information outside the EU unless you specifically request us to do so, for example on an export certificate.
At no time will your information be passed to organisations external to us or our partners for marketing or sales purposes or for any commercial use without your prior express consent.
National Data Opt-Out and use of NHS data.
Whenever you use a health or care service, such as attending Accident & Emergency or using Community Care services, important information about you is collected in a Care or Patient record for that service. Collecting this information helps to ensure you get the best possible care and treatment.
The information collected about you when you use these services can also be used and provided to other organisations for purposes beyond your individual care, for instance to help with:
• improving the quality and standards of care provided
• research into the development of new treatments
• preventing illness and diseases
• monitoring safety
• planning services
This may only take place when there is a clear legal basis to use this information. All these uses help to provide better health and care for you, your family and future generations. Confidential patient information about your health and care is only used like this where allowed by law.
Most of the time, anonymised data is used for research and planning so that you cannot be identified in which case your confidential patient information isn’t needed.
You have a choice about whether you want your confidential patient information to be used in this way. If you are happy with this use of information you do not need to do anything. If you do choose to opt out your confidential patient information will still be used to support your individual care.
To find out more or to register your choice to opt out, please visit Your NHS data matters. On this web page you will:
• See what is meant by confidential patient information
• Find examples of when confidential patient information is used for individual care and examples of when it is used for purposes beyond individual care
• Find out more about the benefits of sharing data
• Understand more about who uses the data
• Find out how your data is protected
• Be able to access the system to view, set or change your opt-out setting
• Find the contact telephone number if you want to know any more or to set/change your opt-out by phone
• See the situations where the opt-out will not apply
You can also find out more about how patient information is used at:
NHS UK Information about patients (which covers health and care research); and
Understanding patient data what you need to know (which covers how and why patient information is used, the safeguards and how decisions are made)
You can change your mind about your choice at any time.
Data being used or shared for purposes beyond individual care does not include your data being shared with insurance companies or used for marketing purposes and data would only be used in this way with your specific agreement.
Health and care organisations have until March 2021 to put systems and processes in place so they can be compliant with the national data opt-out and apply your choice to any confidential patient information they use or share for purposes beyond your individual care.
What are your rights?
Your rights are detailed in the Council’s Corporate Privacy Notice
Should you wish to raise any concerns about how we have processed your personal data you can contact the data protection officer, email firstname.lastname@example.org
You also have the right to contact the Information Commissioner.
If you would like a copy of this information in a different format, please email email@example.com