far less about GDPR, or security HQAC will not like you having contact with Cadets via a email platform they don’t control.
emailing Cadets? make sure there is a @aircadets.org email address in the loop.
the easiest way is to send from one of those addresses, the alternative is to always copy one in (but that then fills up/clutters accounts you can’t/don’t want to use for whatever reason.
HQAC and the CoC will shout “Safeguarding” at those persons who don’t use @aircadets.org email addresses, it won’t matter what system it is, there is not “auditable” route to see email conversions should accusations be posed against someone.
as discussed here it wont matter how secure the system is you use, HQAC will sooner or later insist that emails that are not @aircadets.org are closed and shut down.