Although the majority of information we collect, and process, for the purposes of Fire Safety Audits and to obtain Site Specific Risk Information is non-personalised, we have designed this privacy notice to help you understand how we would use any personal information that we might have collected from them.

Why do you need to process my information and how will it be used?

We need your information to carry out our statutory duties under the Regulatory Reform (Fire Safety) Order 2005 and Fire and Rescue Services Act 2004, therefore complying with a legal obligation.

Fire Safety Audits:

The Regulatory Reform (Fire Safety) Order 2005 gives us the authority to go into non-domestic buildings to check the fire safety provisions and procedures.

The personal information we are likely to collect for a fire safety audit would be;

  • Name of responsible person
  • Contact details of responsible person
  • Details of any person providing us with information

Under the Order, the responsible person must carry out a fire safety risk assessment and implement and maintain a fire safety management plan. We have a statutory duty to enforce the requirements of the Order and one of the ways we do this is to carry out fire safety inspection work in non-domestic buildings. That work will entail identifying and working with the responsible person. Once we have identified the responsible person, we will keep a record of their name, contact details and all correspondence and documentation completed for the purpose of the audit or managing a fire safety complaint we’ve received. We may also keep a record of any other person providing us with the information i.e. a manager.

If we consider that the responsible person has failed to comply with any provision of the Order, we may consider taking further action. If a fire risk is present, depending on how severe the fire risk is, we can take enforcement action to ensure that the fault is corrected and the risk is eliminated. In certain circumstances we will investigate and prosecute for fire safety failings. Relevant details about the responsible person and (possibly employees) may be gathered from other agencies as part of the investigation process.

Find out more about the Order, our and your regulatory responsibilities as the responsible person and the consequences of not complying 

Site Specific Risk Information:

Under the Fire & Rescue Services Act 2004, we have a duty to extinguish fires and protect life and property in the event of fires and road traffic collisions, and a power to respond to other eventualities that causes or likely to cause, death, injury, illness or harm to the environment.

The Act, places a duty on a Fire Service to obtain and provide information as part of its provision to deal with fires and other emergencies. This information is used by operational personnel during an incident to provide an effective response as well as to safeguard them and the community.

This type of information is normally referred to as ‘risk information’, and to obtain it we identify premises that could pose a risk and undertake an assessment of those risks.

During this process the personal information collected would be contact details so we have a point of contact.

The non-personal information collected helps us during an incident, and would include items such as type and construction of any buildings, occupancy rates, additional hazard details such as type and volume of chemicals or cylinders stored on the site, access and egress routes for fire service vehicles. If classified as a heritage risk, then information can be collected on artefacts to be salvaged. These would only be included with the owner’s consent.

Failure to provide the information may mean you are in breach of the Fire and Rescue Services Act 2004. To find out more about the Fire and Rescue Services Act 2004 click here.

Who will have access to the information?

Fire Safety Audits:

Your information will be stored on an internal system and will be used by staff that require it to undertake their role; to prepare and carry out the audit, progress outcomes from the audit, keep all correspondence and documentation, manage complaints and administer and evaluate processes.

Under the Order we are obliged to publish a public register of Alteration, Prohibition and Enforcement action. In addition, if we consider prosecution all documentation relevant to the prosecution will be disclosed to our legal team. As stated above, we may also approach other regulatory bodies to ascertain who the responsible person is and if the requirements of the Order have been complied with. Where we have a duty to share information with other enforcing authorities we will.

We do receive Freedom of Information requests regarding fire safety audits and there are occasions where the outcomes of the audit are disclosed, if on balance, it is in the public interest to do so. Decisions will be made on a case by case basis, whilst monitoring any outcomes from large scale incidents, such as the Grenfell fire, surrounding fire safety standards and transparency. We will ensure confidentiality of commercially sensitive and protective security information available to us, such as premises plans and access codes, unless we are required by law to disclose it.

Site Specific Risk Visits:

This information is kept securely and used by operational and control staff to manage responses to incidents as well as to maintain contact with the named person to keep the risk information up to date and relevant.

If the building we hold the risk information for is near a county boundary and likely to attract an attending appliance from a neighbouring fire service, the risk information will be shared with that service. Appropriate information will also be disseminated to other Category 1 & 2 responders, such as other emergency and statutory authorities, where a multi-agency response is required, in accordance with our obligations under the Civil Contingencies Act 2004.

To find out more about the Civil Contingencies Act 2004 and Category 1&2 responders click here

How long will you keep hold of my information?

Fire Safety Audits:

The majority of fire safety audit and complaint documentation and any outcomes is kept for a period of 10 years and then reviewed for destruction. .

Site Specific Risk Visits:

This information is kept until superseded; we aim to check risk information annually for those identified as high risk and every 10 years for low risk.

Is there anything else I need to know when it comes to my personal information?

As stated, the majority of information collected and used for technical fire safety and site specific risk information is non-personalised and relevant to the business, however to find out more about the rights you have when it comes to your personal information we have collected and used or who you can contact to discuss it further visit the ‘Your Information Rights‘ page of this website.