Privacy Policy

Introduction

Myrtle House Ltd is committed to protecting your privacy and ensuring that your personal data is handled lawfully, fairly, and transparently.

We work with individuals, families, volunteers, supporters, partners, and the wider community across a range of community services and social enterprise activities. We understand that trust is essential to our work, and safeguarding personal information is a key part of that responsibility.

This Privacy Policy explains how we collect, use, store, and protect your personal data when you interact with us — whether through our website, services, projects, events, fundraising activities, or communications.

Myrtle House Ltd complies with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Who We Are

Data Controller
Myrtle House Ltd
Registered Charity No. 1105421
Company Limited by Guarantee No. 5152593

Registered Address
Myrtle House
22 Myrtle Terrace
Llanelli
Carmarthenshire
SA15 1LH

Contact details
Email: info@myrtlehouse.org.uk
Telephone: 01554 756051

Myrtle House Ltd is the data controller for the personal data we process.

What Information We Collect

We may collect personal information directly from you or through your interaction with our services, website, or partners.

Information you provide directly

This may include:

  • Name, address, email address, and phone number

  • Information provided when accessing support services

  • Household or personal circumstances relevant to support provision

  • Volunteer or job application details

  • Donation details and Gift Aid declarations

  • Feedback, enquiries, and correspondence

Information collected automatically

When you visit our website, we may collect:

  • IP address and browser information

  • Device type and operating system

  • Pages visited and time spent on the website

  • Cookie and analytics data

Information from third parties

This may include:

  • Referrals from trusted partner organisations (with consent)

  • Information shared as part of joint service delivery

  • Publicly available information where relevant and appropriate

How We Use Your Information

We use personal data to:

  • Deliver and manage community services and support

  • Respond to enquiries and provide information

  • Process donations and fundraising activities

  • Manage volunteering and employment relationships

  • Improve our services and understand community needs

  • Maintain website functionality and security

  • Meet legal, regulatory, and safeguarding obligations

We only use personal data where there is a clear and lawful reason to do so.

Legal Basis for Processing

We process personal data under one or more of the following legal bases:

  • Consent – where you have given clear permission

  • Contract – where processing is necessary for an agreement

  • Legal obligation – where required by law

  • Vital interests – to protect someone’s life or safety

  • Legitimate interests – where processing is necessary for our charitable purposes and does not override your rights

You may withdraw consent at any time.

Sharing Your Data

We only share personal data where necessary and appropriate, including with:

  • Trusted service providers such as IT systems and payment processors

  • Partner organisations delivering joint services, with your consent

  • Regulatory or statutory bodies where legally required

All third parties are required to protect your data and use it only for agreed purposes.

We may also share anonymised or aggregated data for reporting, evaluation, or funding purposes.

Data Security

We take data security seriously and use appropriate technical and organisational measures, including:

  • Encrypted data storage and secure systems

  • Restricted access and role-based permissions

  • Secure cloud storage with compliant providers

  • Regular system updates, backups, and audits

  • Secure handling of paper records

Payment information is processed in line with PCI DSS standards. We do not store full credit or debit card details.

How Long We Keep Your Data

We retain personal data only for as long as necessary, including:

  • Financial and donation records: up to six years

  • Support service records: up to five years

  • Communication records: up to three years

  • Marketing preferences: until you opt out

  • Anonymised data: may be retained for analysis and reporting

Personal data is securely deleted or anonymised once it is no longer required.

Your Data Rights

You have the right to:

  • Access your personal data

  • Request correction of inaccurate data

  • Request erasure of your data

  • Restrict or object to processing

  • Request data portability

  • Withdraw consent at any time

Requests can be made by contacting us using the details above. We will normally respond within one month.

You also have the right to raise concerns with the Information Commissioner’s Office at www.ico.org.uk.

Cookies and Website Use

Our website uses cookies to ensure functionality, analyse usage, and improve user experience. You can manage cookie preferences through your browser or our cookie consent tools.

Links to Other Websites

Our website may contain links to external sites. We are not responsible for the privacy practices of third-party websites and encourage you to review their policies before sharing personal information.

Complaints and Feedback

We welcome feedback and take concerns seriously.
If you have any questions or complaints relating to this policy or how your data is handled, please contact us at info@myrtlehouse.org.uk.

Changes to This Policy

We may update this Privacy Policy from time to time. Any significant changes will be published on our website.

Last Updated: January 2026