Skip to content

Privacy Policy

How R&H Global Protection collects, uses, shares, and protects your personal information, and the rights you have over your data.

Last updated: July 12, 2026

R&H Global Protection ("we", "us", "our") is committed to protecting your privacy. This policy explains how we collect, use, share, and safeguard personal information when you use our website, contact us, or engage our services. It should be read together with our Cookie Policy.

1. Data Controller and Contact

The data controller is R&H Global Protection, established in Israel.
All privacy enquiries and rights requests: info@global-protection.net. Mark your message "Privacy Request" so that it is routed correctly.

2. Information We Collect

2.1 Information you provide through the contact form

When you submit an enquiry through our website contact form, we collect the details you choose to share: your name, email address, phone number, the service you are interested in, location or dates where supplied, and the contents of your message. Please do not send passport numbers, financial-account details, medical information, or other sensitive information through the public contact form. If we need that information, we will ask for it through a secure channel.

2.2 Information provided during an engagement

If you retain our services, we collect further personal data necessary to plan and deliver protection safely — including itineraries, travel and accommodation details, vehicle and movement plans, emergency contacts, next-of-kin details, access credentials, and information about known threats or prior incidents.

2.3 Sensitive and special-category information

Delivering protection safely sometimes requires information that data-protection law treats as sensitive or special category. This may include health, medical, mobility, or dietary information relevant to protective planning and medical response, and, in limited cases, information relating to religious observance, political exposure, or other factors that materially affect threat assessment.
We collect this information only where it is necessary for the engagement, and we rely on your explicit consent, or on the protection of vital interests where a life-safety situation makes consent impossible to obtain. Sensitive information is held under restricted access and shared only with personnel who need it to protect you.

2.4 Operational security data

Where an engagement includes residential security, secure transportation, or cyber security, delivering the service may generate personal data. This can include CCTV and access-control records at a protected site, vehicle location and route data, movement and incident logs, and network or endpoint monitoring data where cyber services are engaged.
The scope, retention, and access controls for this data are agreed in writing before deployment and set out in the engagement agreement. This data is used solely for the protection of the client and the security of the engagement.

2.5 Information about other people

An engagement often involves protecting people other than the person instructing us — family members, principals, staff, or travelling parties. Where you provide personal data about another person, you confirm that you have the authority and a lawful basis to do so and that you have made that person aware of this policy. Where the person is a minor, you confirm that you hold parental responsibility or the consent of a person who does.

2.6 Technical information

We receive limited technical information from the website and its infrastructure, such as IP address, device and browser type, operating system, requested pages, referring URLs, and security logs. Optional Google Analytics and Google Ads technologies are used only after you permit the relevant category through Cookie Settings. See our Cookie Policy.

2.7 Information from representatives and public sources

Where appropriate for an enquiry or engagement, we may receive information from your authorised representative, employer, travel coordinator, adviser, or publicly available sources, including for lawful due diligence and threat assessment. We use only information relevant to the requested service, lawful due diligence, safety, or security planning.

3. How We Use Your Information

  • Respond to your enquiry and communicate with you about your request;
  • Conduct client due diligence, including sanctions and risk screening, before accepting an engagement;
  • Assess, plan, and deliver the security services you engage us for;
  • Maintain the safety and confidentiality of clients, protected persons, and personnel;
  • Manage billing, contracts, and dispute resolution;
  • Comply with legal and regulatory obligations;
  • Operate, secure, and improve our website.

4. Lawful Basis for Processing

Where GDPR, UK GDPR, Swiss data-protection law, Israel's Privacy Protection Law, or comparable law applies, we process personal data using one or more of these bases: steps taken at your request before entering a contract, and performance of a contract; your consent, including for optional cookies and for the processing of sensitive information; our legitimate interests in operating, securing, and improving the website and our services, and in conducting proportionate due diligence; protection of vital interests where necessary to protect life or physical safety; and compliance with legal obligations.
Where we process special-category data, we rely on your explicit consent under Article 9(2)(a) GDPR, or on the protection of vital interests under Article 9(2)(c) where you are physically or legally incapable of giving consent.

5. Confidentiality

Discretion is central to our work. Enquiries and client information are treated as confidential and are accessible only to personnel and service providers who need the information to respond to you, secure the website, or deliver an engagement. We do not sell contact-form content. If you allow optional advertising cookies, Google Ads may process limited website-interaction data to measure or improve advertising as described in our Cookie Policy.

6. Communication Channels

Initial contact often takes place by email or WhatsApp. WhatsApp is operated by Meta Platforms; when you contact us through WhatsApp, Meta processes your phone number and message metadata under its own privacy terms. Standard messaging channels are convenient but are not designated for sensitive operational information. Where an engagement proceeds, we establish a secure channel for operational communication.

7. Third-Party Processors and Sharing

We share personal data only where necessary. This may include:
  • Website and infrastructure: Vercel (hosting and edge delivery) and Supabase (database and storage), where used to provide the website, CRM, or media services;
  • Messaging and communications: Meta Platforms (WhatsApp), and our email service provider;
  • Analytics and advertising: Google, only when you allow the optional Analytics or Advertising category, as described in our Cookie Policy;
  • Operational suppliers: vetted licensed local security partners, secure transport, aviation, accommodation, medical, and payment providers, where needed for an engagement and subject to appropriate confidentiality and security requirements;
  • Professional advisers: legal and accounting advisers where necessary;
  • Law enforcement or government agencies where legally required;
  • An acquiring entity in the event of a merger, acquisition, or reorganisation;
  • Relevant parties in emergency situations, where necessary to protect life or safety.
We do not sell personal data.

8. International Transfers

We operate worldwide, and your information may be processed in countries outside your own, including outside the European Economic Area.
Israel, where we are established, is recognised by the European Commission as providing an adequate level of protection for personal data transferred from the EEA. Where personal data is transferred to a country not covered by an adequacy decision, we apply appropriate safeguards — such as standard contractual clauses or equivalent measures — so that your data receives an adequate level of protection. Details of the safeguards applied to a specific transfer are available on request.

9. Data Retention

We retain personal data only as long as necessary.
Category
Website enquiries that do not proceed to engagement
Retention
Up to 24 months from last contact
Category
Client and engagement records, contracts, invoices
Retention
7 years from the end of the engagement, for legal, accounting, and dispute-resolution purposes
Category
Security incident and operational records
Retention
As required by law and by any live or anticipated claim
Category
Operational security data (CCTV, GPS, monitoring logs)
Retention
As agreed in the engagement agreement; deleted or securely archived at the end of the agreed period
Category
Website security and access logs
Retention
Up to 12 months
Category
Cookie data
Retention
As set out in the [Cookie Policy](/cookies)
At the end of the applicable period we delete, anonymise, or securely archive the information in accordance with applicable law.

10. Data Security

We implement industry-standard protective measures, including encryption in transit and at rest, role-based access controls, secure storage, and regular security assessments. Access to client and operational data is restricted to personnel with an operational need to know. While no system can be guaranteed fully secure, we work to protect your information against unauthorised access, loss, or misuse.

11. Data Breaches

If a personal-data breach occurs that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within the time limits required by applicable law, and we will notify affected individuals directly where the law requires it or where notification is necessary to allow you to protect yourself.

12. Your Privacy Rights

Depending on your jurisdiction, you may have rights to know about processing, access personal data, correct inaccuracies, request deletion, restrict or object to certain processing, withdraw consent, request portability, and lodge a complaint with a relevant data-protection authority.
To make a request, email info@global-protection.net with the subject line "Privacy Request" and tell us which right you wish to exercise. We may need to verify your identity before acting on a request. We respond within the period required by applicable law, and in any event within one month where GDPR applies.
Some rights are limited. We may be unable to delete information we are required to retain for legal or security-record purposes, or where deletion would compromise the safety of another person.

EEA, United Kingdom, and Switzerland

You may exercise the rights described above under applicable data-protection law. You can withdraw cookie consent at any time through Cookie Settings. You may also complain to the supervisory authority where you live, work, or believe an infringement occurred.

Israel

Under Israel's Privacy Protection Law, as amended, you may request access to and correction of personal information we hold about you, and you may complain to the Israeli Privacy Protection Authority.

United States

California residents and residents of other US states with applicable privacy laws may have rights to know, access, delete, correct, opt out of certain targeted-advertising or sharing activities, and avoid discrimination for exercising privacy rights, subject to applicable law. We do not sell personal information. Optional Google Ads activity may be treated as sharing or targeted advertising under some state laws. You can opt out through Cookie Settings, through the "Your Privacy Choices" link in the footer, or by using a recognised Global Privacy Control browser signal, which we honour.

Brazil, Canada, Australia, and other jurisdictions

Visitors in Brazil, Canada, Australia, and other countries may have additional privacy rights, including rights to information, access, correction, deletion, or withdrawal of consent. Our Cookie Settings are available worldwide. Contact us to exercise a right that applies to you.

13. Automated Decisions

We do not make decisions about you that are based solely on automated processing and that produce legal or similarly significant effects. Client due diligence is reviewed by a person before any decision is taken. Website analytics and advertising measurement, where allowed, do not determine whether we provide security services.
Our website may contain links to external sites. We are not responsible for the privacy practices or content of websites we do not operate.

15. Children's Privacy

Our website is not directed toward minors under 18, and we do not knowingly collect information from children through the website. Where an engagement involves the protection of a minor, we process the minor's data on the instruction and with the authority of a parent or guardian, as set out in Section 2.5, and only to the extent necessary to protect them.

16. Changes to This Privacy Policy

We may update this policy when our processing, technologies, services, or legal obligations change. We will post the updated version here with a revised last-updated date.
R&H Global ProtectionIsraelEmail: info@global-protection.netPhone: +972-55-9724475

Protection Without Compromise. Speak With Us.

Send us the location, dates, and service required. A senior advisor will respond within hours - every inquiry is strictly confidential.