Data Security Policy and Privacy Statement for RHQ GREN GDS
Regimental Headquarters Grenadier Guards (hereafter known as “Grenadier Guards”, the “Regiment” or “We”) has a legitimate interest in holding some basic information about all individuals who have served in, or continue to serve in the Regiment, whether that be in 1st Battalion Grenadier Guards, Nijmegen Company or elsewhere in HM Forces.
Under GDPR 2018 and the Data Protection Act 1998, the Grenadier Guards are committed to data security and to protecting your privacy. We are committed to conducting our routine business in accordance with GDPR and to ensuring that the confidentiality of personal information is always protected. All our electronic files and emails are held and protected on a secure server with appropriate firewalls.
It is our policy to respect your privacy regarding any information we may collect during the conduct of normal Regimental business and while operating our website (www.grengds.com). Accordingly, we have developed this Data Security Policy and Privacy Statement so that you can understand how we collect, use, communicate, disclose and otherwise make use of personal information.
General policy
• Before or at the time of collecting personal information, we will identify the purposes for which information is being collected.
• We will collect and use personal information solely for fulfilling those purposes specified by us.
• At no time will this information be sold or rented to any third parties, without your prior consent. RHQ GREN GDS exists to support and sustain the Regiment; it is not commercially focused and the majority of its activities are not-for-profit.
• Personal data held should be relevant to the purposes for which it is to be used, and, to the extent necessary for those purposes, we aim to ensure that it is accurate, complete, and up-to-date.
• We will protect personal information by using reasonable security safeguards against loss or theft, as well as unauthorized access, disclosure, copying, use or modification.
• We will make readily available further information about our policies and practices relating to the management of personal information upon request.
• We will only retain personal information for as long as necessary for the fulfilment of those purposes.
• We may use technology to track the patterns of behaviour of visitors to our website. This can include using a "cookie" which would be stored on your browser. You can usually modify your browser to prevent this happening. The information collected in this way can be used to identify you unless you modify your browser settings.
Use of Photograph(s)
Photograph(s) of Regimental events such as Grenadier Day, Black Sunday, overseas visits and ceremonial highlights are used solely to promote the activities of the Grenadier Guards and may appear in any of our Regimental, electronic or printed communications, or in the Guards Magazine.
Withdrawal of Consent
In compliance with GDPR 2018 and the Data Protection Act 1998, we ask any serving members of the Regiment or members of the Regimental Association who wish their names to be removed from materials displayed on the website to contact us. Likewise, if you find any inaccuracies, please report them immediately and we will delete or correct them promptly.
If we do not receive any instructions to the contrary, we assert that the Regiment has a “legitimate interest” to hold this information.
Data Breach Response
Any data breaches or suspected data breaches are to be reported to the Data Protection
Officer and will be reported onwards to the Information Commissioner's Office (ICO).
Changes
The Grenadier Guards may change this Data Security Policy and Privacy Statement from time to time, at the Grenadier Guards’ sole discretion.
If you have any questions/comments about this statement, please do not hesitate to email the Data Protection Officer (also Regimental Adjutant) on regtladjt@grengds.com
J P W GATEHOUSE
Major (Retired)
Regimental Adjutant
3 July 2025