Privacy Notice

How we use and protect your personal information

 

1. Who We Are

Myrtle Healthcare Limited is committed to protecting your privacy and handling your personal information lawfully, fairly, and transparently.

Organisation name: Myrtle Healthcare Limited
Registered address: Southbridge House, Southbridge Place, Croydon, CR0 4HA
Telephone: 020 3869 2455
Email: info@myrtlehealthcare.co.uk

For data protection matters, you can contact our Information Governance Lead / Registered Manager at: tonte.abban@myrtlehealthcare.co.uk

 

2. What Information We Collect

We collect and process personal information to provide safe, effective care.

Personal data may include:

  • Name, address, date of birth, contact details
  • NHS number (where applicable)
  • Family, next of kin, or representative details

Special category data (health information) may include:

  • Health and care needs
  • Care plans, risk assessments, and daily care records
  • Mental capacity and consent information
  • Safeguarding, incident, and complaints records

We may also process limited information about children or family members where relevant to your care or safeguarding.

 

3. Why We Use Your Information

We use your information to:

  • Provide and manage your care and support
  • Safeguard you and others from harm
  • Communicate with you, your representatives, and professionals involved in your care
  • Meet legal, regulatory, and contractual requirements
  • Improve service quality and safety

 

4. Lawful Basis for Processing

Under the UK General Data Protection Regulation (UK GDPR), we rely on the following lawful bases:

For personal data (Article 6):

  • Legal obligation – to meet safeguarding and regulatory duties
  • Public task – delivering health and social care services
  • Contract – providing agreed care and support

For special category data (Article 9):

  • Health and social care provision
  • Substantial public interest, including safeguarding
  • Vital interests, where immediate safety is at risk

Where we rely on consent, this will be clearly explained and recorded, and you may withdraw consent at any time.

 

5. Who We Share Your Information With

We only share information where it is lawful, necessary, and proportionate. This may include:

  • NHS professionals and GPs
  • Local Authorities and safeguarding teams
  • Commissioners and funding bodies
  • Regulators such as the Care Quality Commission (CQC)

We do not sell your data and do not share it for marketing purposes.

 

6. How We Keep Your Information Secure

We take appropriate technical and organisational measures to protect your data, including:

  • Secure electronic care systems
  • Encrypted devices and password protection
  • Role-based access controls
  • Staff training in confidentiality and data protection

 

7. How Long We Keep Your Information

Your information is kept only as long as necessary and in line with:

  • Legal and regulatory requirements
  • NHS Records Management Code of Practice
  • Our internal retention schedules

When no longer required, data is securely destroyed.

 

8. Your Rights Under UK GDPR

You have the right to:

  • Be informed about how your data is used
  • Access your personal data
  • Request correction of inaccurate information
  • Request deletion of data (where applicable)
  • Restrict or object to processing in certain circumstances
  • Request data portability

To exercise your rights, please contact us using the details above. Requests are handled within statutory timescales.

 

9. Complaints

If you are unhappy with how we handle your information, you can:

Contact us directly so we can try to resolve the issue
Contact the Information Commissioner's Office (ICO):

ICO Website: www.ico.org.uk
ICO Helpline: 0303 123 1113

 

10. Changes to This Privacy Notice

We keep this Privacy Notice under regular review and may update it from time to time. The most recent version will always be available on our website.

Last updated: 05/12/2025