Skip to main content
Link to Search

Technical fire safety and SSRI

Although the majority of information we collect, and process, for the purposes of Fire Safety Audits and to obtain Site Specific Risk Information is non-personalised, we have designed this privacy notice to help you understand how we would use any personal information that we might have collected from them.

Why do you need to process my information and how will it be used?

We need your information to carry out our statutory duties under the Regulatory Reform (Fire Safety) Order 2005 and Fire and Rescue Services Act 2004, therefore complying with a legal obligation.

Fire Safety Audits:

The Regulatory Reform (Fire Safety) Order 2005 gives us the authority to go into non-domestic buildings to check the fire safety provisions and procedures.

The personal information we are likely to collect for a fire safety audit would be;

  • Name of responsible person
  • Contact details of responsible person
  • Details of any person providing us with information

Under the Order, the responsible person must carry out a fire safety risk assessment and implement and maintain a fire safety management plan. We have a statutory duty to enforce the requirements of the Order and one of the ways we do this is to carry out fire safety inspection work in non-domestic buildings. That work will entail identifying and working with the responsible person. Once we have identified the responsible person, we will keep a record of their name, contact details and all correspondence and documentation completed for the purpose of the audit or managing a fire safety complaint we’ve received. We may also keep a record of any other person providing us with the information, for example, a manager.

If we consider that the responsible person has failed to comply with any provision of the Order, we may consider taking further action. If a fire risk is present, depending on how severe the fire risk is, we can take enforcement action to ensure that the fault is corrected and the risk is eliminated. In certain circumstances we will investigate and prosecute for fire safety failings. Relevant details about the responsible person and (possibly employees) may be gathered from other agencies as part of the investigation process.

Find out more about the Order, our and your regulatory responsibilities as the responsible person and the consequences of not complying.

Find out more about our Business Support Initiative.

Site Specific Risk Information:

Under the Fire & Rescue Services Act 2004, we have a duty to extinguish fires and protect life and property in the event of fires and road traffic collisions, and a power to respond to other eventualities that causes or likely to cause, death, injury, illness or harm to the environment.

The Act, places a duty on a Fire Service to obtain and provide information as part of its provision to deal with fires and other emergencies. This information is used by operational personnel during an incident to provide an effective response as well as to safeguard them and the community.

This type of information is normally referred to as ‘risk information’, and to obtain it we identify premises that could pose a risk and undertake an assessment of those risks.

During this process the personal information collected would be contact details so we have a point of contact.

The non-personal information collected helps us during an incident, and would include items such as type and construction of any buildings, occupancy rates, additional hazard details such as type and volume of chemicals or cylinders stored on the site, access and exit routes for fire service vehicles. If classified as a heritage risk, then information can be collected on items to be salvaged. These would only be included with the owner’s consent. Failure to provide the information may mean you are in breach of the Fire and Rescue Services Act 2004. Find out more about the Fire and Rescue Services Act 2004.

Who will have access to the information?

Fire Safety Audits:

Your information will be stored on an internal system and will be used by staff that require it to undertake their role; to prepare and carry out the audit, progress outcomes from the audit, keep all correspondence and documentation, manage complaints and administer and evaluate processes.

Under the Order we are obliged to publish a public register of Alteration, Prohibition and Enforcement action. In addition, if we consider prosecution all documentation relevant to the prosecution will be disclosed to our legal team. As stated above, we may also approach other regulatory bodies to ascertain who the responsible person is and if the requirements of the Order have been complied with. Where we have a duty to share information with other enforcing authorities we will.

We do receive Freedom of Information requests regarding fire safety audits and there are occasions where the outcomes of the audit are disclosed, if on balance, it is in the public interest to do so. Decisions will be made on a case by case basis, whilst monitoring any outcomes from large scale incidents, such as the Grenfell fire, surrounding fire safety standards and transparency. We will ensure confidentiality of commercially sensitive and protective security information available to us, such as premises plans and access codes, unless we are required by law to disclose it.

Site Specific Risk Visits:

This information is kept securely and used by operational and control staff to manage responses to incidents as well as to maintain contact with the named person to keep the risk information up to date and relevant.

If the building we hold the risk information for is near a county boundary and likely to attract an attending appliance from a neighbouring fire service, the risk information will be shared with that Service. Appropriate information will also be circulated to other “Category 1 and 2” responders, such as other emergency services and statutory authorities such as the Environment Agency, where a multi-agency response is required, in accordance with our obligations under the Civil Contingencies Act 2004.

Find out more about the Civil Contingencies Act 2004 and Category 1 and 2 responders.

How long will you keep hold of my information?

Fire Safety Audits:

The majority of fire safety audit and complaint documentation and any outcomes is kept for a period of 10 years and then reviewed for destruction.

Site Specific Risk Visits:

This information is kept until out of date; we aim to check risk information annually for those sites identified as high risk and at least every 10 years for low risk sites.

Is there anything else I need to know when it comes to my personal information?

Find out more about the rights you have when it comes to your personal information or who you can contact to discuss it further.

Who can I contact about my personal information?

You can contact our Data Protection Officer with regard to any issues related to the processing of your personal information, including exercising any of your rights or making a complaint.

We encourage people to bring to our attention any instances where they think our collection, or use of, information is unfair, misleading or inappropriate.

Data Protection Officer
Joint Police & Fire Headquarters
Butterley Hall
Derbyshire DE5 3RS 

Telephone: 01773 305305

Right to make a complaint to the Information Commissioner's Office

If you wish to complain about any aspect of the handling of your request, then you should contact our Data Protection Officer at:

Data Protection Officer
Joint Police & Fire Headquarters
Butterley Hall
Derbyshire DE5 3RS 

Telephone: 01773 305305

If informal resolution is not possible and you are still dissatisfied then you may apply for an independent internal review by our Chief Fire Officer/Chief Executive.  Please note that any request for an internal review must be made within 40 working days of the date on which the attempt to reach informal resolution has come to an end.

If you remain dissatisfied following an internal review, you may take your complaint to the Information Commissioner.  Please note that the Information Commissioner will not investigate your case until our internal review process has been completed. 

The Information Commissioner’s Office (ICO) is the UK's independent body set up to uphold information rights.  You have a right to lodge complaints with them.

To find out more about them, visit

To contact them, either visit their website, dial 0303 123 1113 or 01625 545745 or write to them at: 

Information Commissioner's Office
Wycliffe House
Water Lane
Cheshire SK9 5AF 

Last updated 30 April 2018

Privacy Policy - Technical Fire Safety and SSRI (pdf 174.92 KB)