Privacy notice

14th November 2025

The Royal Navy is part of the Ministry of Defence (MOD).

The MOD is the data controller for the personal information we collect and process via this website.

If you have any questions about this notice or how we handle your data, please contact the MOD Data Protection Officer:

Data Protection Officer (DPO)
Ground Floor, Zone D
Main Building
Whitehall
London
SW1A 2HB
Email: [email protected]

The MOD is registered with the Information Commissioner’s Office (ICO), registration number Z675783X.

Full details of the Ministry of Defence Privacy Notice can be found here:
https://www.gov.uk/government/publications/ministry-of-defence-privacy-notice

We may collect and process the following categories of personal information:

• Information you provide through web forms or correspondence (e.g. name, contact details, email address).

• Technical information, including IP address, browser type, and operating system.

• Usage data, such as pages visited and time spent on the site.

• Information collected via cookies and analytics tools (see our separate Cookie Policy). 

We do not use this data to identify individuals unless required for security, legal, or operational reasons.

Certain features of our website may allow you to interact using voice commands through your device’s microphone (for example, to assist with accessibility or navigation).

When you use a voice feature:

• Your audio recording (the sound of your voice) is captured temporarily.

• We may create a text transcription of your speech to process your request.

• Technical metadata (such as language setting, time, or browser type) may also be collected.

 We do not use voice data for identification, profiling, or any purpose unrelated to providing the requested service.

For the Chat to Atlas (NextWave) functionality, voice input is processed solely to understand your spoken request and deliver an appropriate corresponding response. Voice data is processed by Voxly Digital and Tavus - third-party processors who comply with the UK GDPR and MOD data security standards.

We process voice input data based on your consent, which is given when you activate and use the microphone feature.

You may withdraw consent at any time by disabling microphone access in your browser or device settings.

• Audio data is processed in real time and not retained after your request is completed.

• If text transcriptions are temporarily retained for system performance or troubleshooting, they are deleted or anonymised within 30 days.

If processing involves a service hosted outside the United Kingdom, we ensure that adequate safeguards, such as UK-approved Standard Contractual Clauses or an adequacy decision, are in place to protect your information.

We process personal data only when necessary to:

• Operate and improve our website and digital services.

• Respond to your enquiries or feedback.

• Maintain site security and detect misuse.

• Meet our legal and regulatory obligations.

We do not sell or share your personal information for commercial marketing purposes.

We process your personal data under one or more of the following lawful bases, as defined by Article 6 of the UK GDPR:

• Consent – when you actively agree to provide information (e.g. via a contact form or when using voice input).

• Legitimate interests – to operate, improve, and secure the website, provided these interests do not override your fundamental rights.

• Legal obligation – where processing is required to comply with the law or fulfil MOD statutory duties.

We use cookies and similar technologies to collect analytics data and improve user experience.

Where required, we obtain your consent before placing non-essential cookies.

You can manage or withdraw cookie consent at any time through the on-site cookie banner or your browser settings.

For further information, see our Cookie Policy.

We retain personal data only for as long as necessary to fulfil the purposes outlined above, unless a longer period is required by law, regulation, or defence policy.

We have appropriate technical and organisational measures in place to prevent unauthorised access, loss, misuse, or disclosure of your information.

Contractors and partners are bound by MOD data security policies and confidentiality agreements.

We may in some circumstances share your data with third parties, including service providers and other Civil Service bodies.

We require all third parties to respect the security of your data and to process it lawfully and fairly.

We may in some circumstances transfer your personal information outside the United Kingdom.

Where we do so, we ensure an equivalent level of protection through appropriate safeguards, such as the UK’s approved Standard Contractual Clauses or recognised adequacy decisions.

Under the UK GDPR, you have the right to:

• Access your personal data.

• Request correction or deletion.

• Object to or restrict processing.

• Request data portability.

• Withdraw consent (where processing is based on consent).

You can exercise these rights by contacting the MOD Data Protection Officer.

If you are dissatisfied with how we handle your data, please contact the MOD Data Protection Officer in the first instance.

You also have the right to complain to the Information Commissioner’s Office (ICO):

Website: www.ico.org.uk 
Telephone: 0303 123 1113
Post:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF

We understand the importance of protecting children's privacy online.

Our services are not designed for, or intentionally targeted at, children 13 years of age or younger.

It is not our policy to intentionally collect or maintain data about anyone under the age of 13.

We may modify or amend this privacy notice at our discretion at any time.

When we make changes to this notice, we will amend the last modified date at the top of this page. Any modification or amendment to this privacy notice will be applied to you and your data as of that revision date.

We encourage you to periodically review this privacy notice to be informed about how we are protecting your data.

Please see https://www.gov.uk/guidance/report-a-vulnerability-on-an-mod-system for information on how to report a vulnerability at HackerOne and our Vulnerability Disclosure Policy.