Privacy Policy

Last updated: October 14, 2025

1. Introduction

This Privacy Policy explains how The Royal Care Ltd (“Royal Care”, “we”, “us”, “our”) collects, uses, discloses and safeguards personal information when you visit our website or communicate with us. We are committed to protecting the privacy and security of individuals who engage with our services.

We operate in Scotland and (subject to registration) will provide regulated care services within North & South Lanarkshire. This notice is written to meet the requirements of the UK GDPR, the Data Protection Act 2018, and (where applicable) PECR.

By using our website or contacting us you agree to the practices described below. If you do not agree, please discontinue use of the site.

2. Who We Are (Data Controller)

The Royal Care Ltd
Operational base (in progress): Airdrie, North Lanarkshire, Scotland, UK
Email: admin@theroyalcare.co.uk

For any data protection enquiry please email us. If/when a Data Protection Officer (DPO) or representative is appointed we will update this notice.

3. Personal Data We May Collect

We collect only what is necessary:

  • Contact details: name, email address, telephone number (when you submit a form or contact us).
  • Enquiry details: information you voluntarily provide about care needs or service interests.
  • Technical / usage data: IP address (truncated where possible), browser type, device type, pages viewed, timestamps, referring URLs.
  • Cookies & similar technologies: small files placed on your device (see Section 9).
  • Candidate / recruitment data (if you apply for a role): CV information, employment history, references (handled under a separate recruitment privacy notice if required).
  • Safeguarding or incident information: only where legally necessary and handled under strict confidentiality.
  • Regulatory information required to meet Care Inspectorate and statutory obligations (once services commence).

We do not intentionally collect special category data via the public website. Please avoid submitting medical or sensitive information through general contact forms.

4. How We Use Personal Data

We process personal data for the following purposes:

  • To respond to enquiries and provide requested information.
  • To prepare, enter into or manage a service agreement or care plan (pre‑contractual steps and contractual necessity).
  • To improve, maintain and secure our website (legitimate interests).
  • To manage recruitment (contractual necessity / consent / legal obligation).
  • To comply with legal and regulatory obligations (e.g., care quality, safeguarding, record keeping).
  • To send essential service or policy update communications (legal obligation / legitimate interests).
  • To establish, exercise or defend legal claims.

We do not sell personal data.

Depending on the context we rely on:

  • Consent (e.g., certain optional cookies or marketing where used).
  • Contractual necessity (responding to pre‑contract enquiries, delivering care services).
  • Legitimate interests (website analytics with privacy safeguards, business administration).
  • Legal obligation (statutory record keeping, safeguarding).
  • Vital interests (rare, e.g., emergency situations).
  • Establishment, exercise or defence of legal claims.

6. Sharing Your Data

We may share limited data with:

  • Service providers and processors (secure hosting, email delivery, analytics) under contract.
  • Professional advisers (legal, insurance, regulatory) where necessary.
  • Regulatory or governmental bodies (e.g., Care Inspectorate, ICO, HMRC) when required by law.
  • Law enforcement where legally mandated.
  • Prospective buyers / transferees in a business restructuring (subject to confidentiality & safeguards).

We require all recipients to protect data and use it only for permitted purposes.

7. International Transfers

If any processor stores or accesses data outside the UK, we implement appropriate safeguards (e.g., UK International Data Transfer Addendum or adequacy regulations). Details can be requested via email.

8. Data Retention

We keep personal data only as long as necessary for the purpose collected:

  • General enquiries: up to 12 months after last contact unless a service relationship forms.
  • Service / contractual records: retained per statutory & regulatory retention schedules.
  • Recruitment (unsuccessful applicants): normally 6 months unless consent for longer.
  • Technical logs: typically up to 12 months (shorter where feasible) for security and troubleshooting.

After retention expires, data is securely deleted or anonymised.

9. Cookies & Similar Technologies

We may use:

  • Essential cookies: required for basic functionality (cannot be disabled via our banner).
  • Preference / functionality cookies: remember choices (loaded only if accepted).
  • Analytics cookies: aggregate usage; configured to minimise privacy impact.
  • Security / anti‑abuse tools.

You can:

  1. Use our on‑site cookie controls (if presented).
  2. Adjust browser settings to block or delete cookies. Blocking certain cookies may limit site functionality.

10. Your Rights (UK GDPR)

You have the right to:

  • Access your personal data.
  • Rectify inaccurate or incomplete data.
  • Erase data (where no overriding lawful basis applies).
  • Restrict processing in certain circumstances.
  • Object to processing based on legitimate interests or direct marketing.
  • Data portability (for data you provided under consent or contract).
  • Withdraw consent at any time (does not affect previous lawful processing).
  • Lodge a complaint with the Information Commissioner’s Office (www.ico.org.uk).

To exercise rights, email: admin@theroyalcare.co.uk. We may need to verify identity.

11. Security

We implement technical and organisational measures including restricted access, encryption (in transit), least‑privilege principles, and monitoring. No system is entirely secure; residual risk cannot be eliminated.

12. Children’s Privacy

Our public website is not intended for children under 13. If you believe a child has provided personal data without appropriate consent, contact us and we will act promptly.

Our site may link to external websites. We are not responsible for their content or privacy practices. Review those sites’ policies before providing information.

14. Automated Decision-Making

We do not perform solely automated decisions producing legal or similarly significant effects on individuals via this website.

15. Changes to This Policy

We may update this notice periodically. The effective date appears at the top. Material changes may be highlighted on the site. Continued use after changes indicates acceptance.

16. Contact

Questions, requests, or complaints:

If unresolved, you may contact the ICO at www.ico.org.uk.

This Privacy Policy is intended as a general informational notice and does not create contractual rights beyond those required by law.

Get in touch

Let’s Work Together to Support Independent Living

We welcome referrals from local authorities, NHS partners, GPs, and families. Our team is ready to discuss your needs and offer a seamless onboarding process.

Phone

Call us

Email

Write to us