The Mercian Regimental Charity is committed to protecting your privacy. When you contact us or visit our websites, your personal information is stored securely and processed fairly as required by the Data Protection Act 2018.
HOW WE COLLECT INFORMATION
We collect personal information when you:
WHAT WE DO WITH THIS INFORMATION
We use the personal information you provide to answer your requests for information, to make improvements to our website and to engage with you if you are purchasing our products.
WHO WILL HAVE ACCESS TO YOUR INFORMATION
Your personal information may be handled by the companies we use as data processors to provide marketing services and process your applications. These companies must comply strictly with our privacy policies that prohibit the use of personal data for their own business purposes. We will not share your information with other organisations (unless we are required to do so by law).
If you agree, the information contained in targeting cookies may be shared with other websites so the advertising displayed on these sites is more relevant to you. No personal data will be shared with other websites – only IP addresses, which identify a specific computer or network device.
HOW LONG DO WE KEEP YOUR INFORMATION?
Your information will be held on our systems for as long as is necessary to answer your requests and maintain a dialogue with those individuals who remain interested in the Mercian Regimental Charity.
WILL I BE CONTACTED BY THE MERCIAN REGIMENTAL CHARITY FOR MARKETING PURPOSES?
We will only contact or send information about the Mercian Regimental Charity to those people who have given us permission to do so.
We will only provide information that is relevant to you. If you choose to receive marketing communications, you can change these preferences whenever you contact us or at any time.
WHAT INFORMATION DO WE HOLD ABOUT YOU?
You can request a report detailing all the information we hold about you by writing to the address on our Contact Us page.
WHAT TO DO IF YOU DON'T WANT US TO CONTACT YOU IN THE FUTURE
Write to the address below asking us not to contact you again or send an email to firstname.lastname@example.org
More information about the Data Protection Act 2018 and your rights can be found on the Information Commissioner's Office website.
The EU General Data Protection Regulation (GDPR) replaces the 1995 EU Data Protection Directive (European Directive 95/46/EC), strengthening the rights that EU individuals have over their data, and creating a uniform data protection law across Europe.
Under the direction of HQ Infantry and the MoD; RHQ, The Mercian Regiment comply with applicable GDPR regulations as a data controller.
The designated GDPR lead is the Regimental Secretary. You can contact the Regimental Secretary through our 'Contact Us' pages.
WHERE DO WE STAND?
We are committed to address EU data protection requirements applicable to us as a data controller.
Our ability to fulfil our obligations as data controller of our ‘customer’s’ personal data is part of our compliance with GDPR. Our responsibility is to contact all parties we hold personal data on and ensure agreements and procedures contain appropriate provisions for personal data we store. We pledge to balance the risks and responsibilities as a data controller.
THIRD-PARTY AUDITS AND CERTIFICATIONS
RHQ, The Mercian Regiment will, as directed, undertake routine ‘independent’ third party audits from HQ Infantry and/or appointed MoD departments responsible for GDPR. The audit is likely to cover internal governance, routine operations, change management and data backups. The audits will confirm we have the appropriate controls and processes in place and that they are actively functioning appropriately.
Third-party audits will offer independent verification that our practices deliver a ‘mandated’ standard of security measures. Furthermore, assuring our system is designed to cover key elements of data processing and integrity. As all ‘customers’ are concerned with their data and its security, RHQ, The Mercian Regiment has integrated controls into our operating procedures. These procedures span the organisation. The key components include:
The GDPR includes certain requirements on data controllers for the portability of personal data. RHQ, The Mercian Regiment does not transport or export ‘customer’ data, therefore, Data portability is Not Applicable.
The organisation pledges to ‘Stay abreast’ of updated regulatory guidance as it becomes available and will consider consulting a legal expert to obtain applicable guidance if deemed necessary. All staff are recommended to (routinely) review the Information Commissioner's website, which is the UK representative within the EU working group: Article 29.