Licensing Service: Privacy Notice

This Privacy Notice explains how the Council’s Licensing Service uses your personal information and how we protect your privacy in compliance with our requirements under the Data Protection Act (DPA) 2018 and the General Data Protection Regulation (GDPR). We are required to give you this information under data protection law. This notice applies to any activity involving our use of your personal data, for example, when collecting, storing, sharing, and destroying it.

For more general information about how the Council uses your information and your data rights, please refer to the Corporate Privacy Notice available at

What information we collect

The licensing service may collect some or all of the following information about you as an applicant for a licence, permit or consent:

  • Personal name, address and contact details, including any previous names and addresses
  • Relevant business, company or organisation name, address and contact details
  • Correspondence, emails, letters and notes of telephone conversations
  • Nationality, place of birth, date of birth and national insurance number
  • Medical history
  • Identification documents used to prove your entitlement to work in the UK
  • Passport-style photograph
  • Information relating to criminal convictions, criminal proceedings, convictions and sentences
  • Relevant licensing qualifications
  • Bank account details
  • Driving licence
  • Your image on our CCTV systems if you visit Council or from licensed premises. Any footage is held in line with our corporate retention policy before being erased. This data may be used to investigate complaints or by responsible authorities (statutory consultees) when they apply to review a licence, or shared with the police or law enforcement agencies in relation to the prevention or detection of crime or fraud.

We will only ask for personal information that is appropriate to enable us to deliver our services. In some cases, you can refuse to provide your details if you deem a request to be inappropriate. However, you should note that this may impact on our ability to provide some services to you. If this is the case, we will let you know.

Why we collect your information

We use your data to including but not limited to: 

  • evaluate whether applicants are fit and proper to hold a licence, permit or consent (e.g. gambling, animal welfare, sale of alcohol, provision of regulated entertainment, special treatments, scrap-metal collection, street trading, licensed sex establishments, pavement licence, among others)
  • prevent crime, prevent fraud and misuse of public funds, help safeguard vulnerable adults and children
  • process all licensing applications
  • make relevant and necessary checks for issuing licences
  • produce statistics and reports. Statistics are used so that individuals’ personal data cannot be identified from them 
  • develop policies and strategies 
  • comply with government department research and statistical returns
  • account for our decisions and investigate complaints
  • improve our services

We have a statutory obligation to provide licensing services in compliance with the following relevant legislation (the list is not exhaustive):

  • Local Government Act 1972
  • Safety of Sports Grounds Act 1975
  • Local Government (Miscellaneous Provisions) Acts 1976 and 1982
  • GLC (General Powers) Act 1984
  • Fire Safety & Safety of Places of Sport Act 1987
  • Proceeds of Crime Act 2002
  • Licensing Act 2003
  • Gambling Act 2005
  • Policing and Crime Act 2009
  • Business and Planning Act 2020
  • Scrap Metal Dealers Act 2013
  • London Local Authorities Acts 1990 to 2012 (as amended)
  • Dangerous Wild Animals Act 1976
  • Animal Welfare Act 2006
  • Animal Welfare (Licensing of Activities Involving Animals) (England) Regulations 2018

A limited amount of personal data is required to be held on statutory public registers under the Licensing Act 2003, Gambling Act 2005 and Scrap Metal Dealers Act 2013. This is limited to a licence holder’s name and address (where applicable).

We do not make or use any automated decisions.

We do not send any information we collect about you outside the United Kingdom

Who we share information with

Examples of organisations/bodies that we share information with: 

  • Government agencies (e.g. HMRC, DWP, Home Office, Gambling Commission, Environmental Agency)
  • Health & Safety Executive
  • Police 
  • Fire & Rescue Service
  • NHS
  • Responsible authorities under Licensing Act 2003 and Gambling Act 2005
  • Other local authorities
  • Identified officers within the City of London Corporation, specifically in relation to powers of entry and investigative, compliance and enforcement powers within the borough of Croydon relating to animal welfare and animal health legislation in the Borough 
  • Other Croydon Council teams who support our service may also have access to your personal information to carry out their statutory roles (e.g. Legal Services, Complaints, Croydon Digital Services, Trading Standards, Food & Safety, Neighbourhood Operations, Pollution, Information Management Team, Corporate Anti Fraud Team)
  • HM Courts and Tribunals Service
  • Solicitors and other advocates
  • Your lawyer or representative (if you have instructed one)
  • National Fraud Initiative 
  • Disclosure and Barring Service
  • Litigants or complainants

Unless we are required to provide information to an organisation/body under a statutory requirement, all organisations we pass your information to will have an information-sharing agreement with us to ensure they meet the standards of the GDPR and the DPA 2018, and will be covered by a legal basis allowing them to collect, use and share your personal information. 

The lawful basis on which we use this information

  • Compliance with our legal obligations
  • Tasks carried out in the public interest or in the exercise of official authority
  • Consent

Storing this information

Personal data will not be retained for longer than necessary in relation to the purposes for which it was collected. There is usually a legal reason for keeping your personal information for a set period of time – this ranges from months for some records to years for more sensitive records. 

We hold completed application forms and supporting documents during the lifetime of the licence. Once the licence has lapsed, been surrendered or revoked it is retained for seven years. We securely destroy all information once we have used it and no longer need it.

If you require more information about how long we keep your data, please contact us at

Providing us with accurate information

It is very important that you provide us with accurate information to enable us to process your application more quickly. If any of your details have changed, or change in the future, please inform us as soon as possible so that we can update your records.

If false or inaccurate information is provided and fraud is identified, details will be passed to fraud prevention agencies. Law enforcement agencies may access and use this information. 

Requesting access to your personal data

Under GDPR and the DPA 2018, you have the right to request access to information that we hold about you. To make a request for your personal information, contact the Council’s Information Management Team at

Further information

The GDPR and the DPA 2018 give you a number of rights to control what personal information is used by us and how it is used by us. Information about your data rights is listed in the Council’s Corporate Privacy Notice on the Council’s website at

If you have any questions or concerns about the way we collect, store or use your personal information, please contact in the first instance

For independent advice about data protection issues, you can contact the Information Commissioner’s Office (ICO) at .

We reserve the right to amend this Privacy Notice at any time and will keep it under review. If we do make any changes, we will post the current version to our website at this address.

Last updated: July 2020