At the heart of the Horizon Family Members Redress Scheme lies a clear commitment to safeguarding the personal information of those who apply for recognition and redress. This post provides a professional overview of how we collect, handle, and share personal data throughout the application process, with emphasis on transparency, security, and accountability.
What data we collect
– Identity and contact information: name, date of birth, previous names or aliases, current address, email address, and telephone number.
– Relationship and eligibility details: evidence of family relationship to the applicant or other qualifying criteria, such as dates of service, roles, or circumstances relevant to eligibility.
– Application data: the reason for applying, the grounds for redress, supporting statements, and any documents submitted to establish entitlement.
– Verification information: identity verification documents, such as government-issued IDs, and information required to confirm eligibility and any specific criteria set out by the scheme.
– Communications and correspondence: records of interactions with applicants, including notes from interviews, decisions, and any requests for additional information.
– Consent and preferences: records of consent given for processing, data-sharing notifications, and preferences regarding how information is used.
How we collect data
– Direct submissions: applicants provide information through secure online portals, paper forms, or approved channels as part of the registration and redress process.
– Documentation provided: supporting documents such as identity proofs, certificates, or service-related records supplied to establish eligibility.
– Automated data capture: systems may automatically collect metadata, timestamps, and activity logs related to application submissions to support processing and auditing.
– Verifications and cross-checks: data may be collected from reliable third-party sources or partner organisations when required to verify eligibility or to corroborate information supplied.
How we handle data securely
– Lawful basis for processing: we process personal data in line with applicable data protection laws and regulatory guidance, ensuring processing is necessary and proportionate for the purposes of the scheme.
– Data minimisation: we collect only information that is relevant and required to assess eligibility, determine entitlement, or fulfil statutory duties.
– Access controls: access to personal data is restricted to authorised personnel who require it to perform their duties, with role-based permissions and strict authentication.
– Encryption and storage: data stored in secure environments with strong encryption for both at-rest and in-transit data, and regularly reviewed security controls.
– Data integrity and accuracy: we implement measures to keep data accurate, complete, and up-to-date, and provide mechanisms for applicants to correct information when appropriate.
– Retention and destruction: personal data is retained for a defined period in accordance with legal, regulatory, and policy requirements, after which it is securely disposed of.
– Data subject rights: applicants have rights to access, rectify, erase, restrict processing, and object to processing in line with applicable laws; procedures are in place to respond to such requests within required timeframes.
– Privacy by design: data protection considerations are integrated into the design and operation of processes and systems related to the scheme.
How we share data
– With scheme-related bodies: information may be shared with trusted partner organisations and administrative bodies involved in processing applications, assessing eligibility, or delivering redress, subject to legal safeguards.
– With audit and compliance entities: data may be disclosed to regulatory authorities or independent auditors to support oversight, reporting, and accountability.
– For purposes of natural justice and appeals: if an applicant engages in an appeal or review process, relevant data may be shared with reviewers or adjudicators as required to ensure a fair process.
– With identified data processors: where we engage external service providers (for example, for secure storage, IT services, or document processing), data shared is governed by data processing agreements that specify handling, security, and retention obligations.
– International transfers: where applicable, transfers to countries outside the EEA are conducted with appropriate safeguards in place, in line with data protection requirements.
– Data minimisation in sharing: we only share the minimum necessary data to achieve the intended purpose and ensure that recipients are bound by confidentiality and security obligations.
Transparency and governance
– Privacy notices: applicants are provided with clear information about what data we collect, why we collect it, how we use it, who we may share it with, and how long we will retain it.
– Governance framework: the scheme operates under a governance structure that oversees data protection compliance, risk management, and incident response.
– Data protection impact assessments: where data processing poses higher privacy risk, assessments are conducted to identify, mitigate, and monitor those risks.
– Security incident management: breaches or suspected incidents are reported promptly, investigated, and managed in accordance with legal and regulatory requirements, with affected individuals notified as required.
Applicant responsibilities
– Providing accurate information: applicants should ensure that the information they provide is complete and truthful to support a fair assessment.
– Keeping information up-to-date: where contact details or circumstances change, applicants should notify the scheme to ensure communications remain effective.
– Reviewing privacy information: applicants are encouraged to review the privacy notices and understand how their data will be used, stored, and shared.
What applicants can expect
– Clear timelines and decisions: applicants will be informed about the processing steps, expected timelines, and the outcome of their registration or application.
– Fair processing: decisions are made based on the information provided and relevant criteria, with appropriate opportunities to supply additional information or clarification.
– Respect for privacy: we are committed to treating personal data with respect, protecting sensitive information, and limiting access to those who need it for legitimate purposes.
If you are preparing and submitting an application for the Horizon Family Members Redress Scheme, this overview aims to provide a concise understanding of how your personal data will be managed. For detailed information, you should refer to the scheme’s full privacy notice and any accompanying guidance, which outline the specific purposes, lawful bases, retention periods, and contact points for data protection inquiries.
July 14, 2026 at 11:30AM
指引:Horizon 家属成员赔偿计划隐私通知
https://www.gov.uk/government/publications/horizon-family-members-redress-scheme-privacy-notice
关于我们如何收集、处理及分享申请注册参加 Horizon 家属成员赔偿计划的个人信息的详细信息。


Our Collaborations With