Privacy Notice: Registration of Interest for the St. Paul's Cathedral Memorial Service
Published 16 December 2025
© Crown copyright 2025
This publication is licensed under the terms of the Open Government Licence v3.0 except where otherwise stated. To view this licence, visit nationalarchives.gov.uk/doc/open-government-licence/version/3 or write to the Information Policy Team, The National Archives, Kew, London TW9 4DU, or email: psi@nationalarchives.gov.uk.
Where we have identified any third party copyright information you will need to obtain permission from the copyright holders concerned.
This publication is available at https://www.gov.uk/government/publications/privacy-notice-registration-of-interest-for-the-st-pauls-cathedral-memorial-service/privacy-notice-registration-of-interest-for-the-st-pauls-cathedral-memorial-service
This notice sets out how we will use your personal data, and your rights, specifically regarding the Register your interest form for the St. Paul’s Cathedral Memorial Service. It is made under Articles 13 and/or 14 of the UK General Data Protection Regulation (UK GDPR).
1. Your data
1.1 Purpose
The purpose for which we are processing your personal data is to manage the registration of interest process for the National Service of Remembrance for the infected blood community, to be held at St. Paul’s Cathedral on 19 May 2026.
We will use your data to:
- Gauge attendance numbers to assist the Memorial Committee in planning the event.
- Contact you with updates, surveys, and further details regarding the event.
- Manage the allocation of places.
1.2 The data
We will collect and process the following personal data provided by you via the registration form:
- Personal Contact Details: First Name and Surname , and Email address.
- Attendance Preferences: Your desire to attend the service on 19 May 2026 and your request to register interest for up to two additional guests.
- Connection to the Community: Information regarding your professional or personal relationship to the community (e.g., if you are a recognised legal representative, campaigner, MP, or work for a relevant charity).
Special Category Data (Sensitive Data): Because this service is specifically for the infected blood community, we also collect data concerning your health or the health of a loved one. Specifically, we ask if you are:
- Infected through infected blood;
- Affected by infected blood; or
- Infected and affected.
1.3 Legal basis of processing
The legal basis for processing your personal data is: processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the data controller.
In this case, that is to deliver on the recommendations of the Infected Blood Inquiry (Sir Brian Langstaff’s recommendations on memorialisation) by organising a national service of remembrance.
The legal basis for processing your sensitive personal data (health data regarding infection status) is: processing is necessary for reasons of substantial public interest, specifically to the exercise of a function of the Crown, a Minister of the Crown or a government department.
In this case, we need to process this information to ensure that members of the infected blood community are prioritised for attendance at the memorial service, ensuring the event properly serves those for whom it is intended.
1.4 Recipients
As your personal data will be stored on our IT infrastructure, it will be shared with our data processors who provide email, and document management and storage services (including Google Forms).
We may also share necessary data with:
- St. Paul’s Cathedral (as the venue) for the purposes of logistics, security, and capacity management.
- Third-party ticketing agents (if appointed) strictly for the purpose of issuing tickets to successful registrants.
1.5 Retention
Your personal data will be retained until the conclusion of the Memorial Service on 19 May 2026, plus a reasonable period for administrative wrap-up (such as handling expense claims if applicable). After this period, personal data will be deleted or anonymised in line with Cabinet Office retention policy.
2. Your rights
You have the right to request information about how your personal data are processed, and to request a copy of that personal data.
- You have the right to request that any inaccuracies in your personal data are rectified without delay.
- You have the right to request that any incomplete personal data are completed, including by means of a supplementary statement.
- You have the right to request that your personal data are erased if there is no longer a justification for them to be processed.
- You have the right in certain circumstances (for example, where accuracy is contested) to request that the processing of your personal data is restricted.
- You have the right to object to the processing of your personal data.
3. International transfers
As your personal data is stored on our IT infrastructure, and shared with our data processors, it may be transferred and stored securely outside the UK. Where that is the case it will be subject to equivalent legal protection through an adequacy decision or reliance on Standard Contractual Clauses.
4. Complaints
If you consider that your personal data has been misused or mishandled, you may make a complaint to the Information Commissioner, who is an independent regulator. The Information Commissioner can be contacted at:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
0303 123 1113
Any complaint to the Information Commissioner is without prejudice to your right to seek redress through the courts.
5. Contact details
The data controller for your personal data is the Cabinet Office. The contact details for the data controller are:
Cabinet Office
70 Whitehall
London
SW1A 2AS
Public Enquiries: Online Contact Form
The Data Protection Officer provides independent advice and monitoring of Cabinet Office’s use of personal information. The contact details for the data controller’s Data Protection Officer are: dpo@cabinetoffice.gov.uk