Privacy Policy

We take your data protection very seriously and only gather the information we need to give you the best possible service, as well as the best experience on our website. We are committed to managing and handling personal data in line with best practice and data protection principles. We DO NOT give any data to third parties for marketing purposes. We do not sell data. We do not share data unless compelled to do so by law.

Who we are

We are Llwyndyrys Residential Home Ltd at Llechryd, Cardigan, Ceredigion, SA43 2QP. The point of contact is Tony Lovell. You can contact us by calling 01239 682263. Our website address is: Company number: 03821908. Registered office address: C/O Bevan Buckland Llp Ground Floor Cardigan House, Castle Court Swansea Enterprise Park, Swansea, Wales, SA7 9LA.

What personal data we collect and why we collect it

We collect the personal information you give us when you complete our online contact form. This includes name, email address, phone number & your query. We collect this information to enable us to contact you to respond to your query. The lawful basis for processing this data is ‘consent’: You have given us clear consent for you to process your personal data for the specific purpose of submitting a query via our website form. Should you contact us by phone or other contact method, with an enquiry, the same lawful basis of ‘consent’ applies. You have given us clear consent for you to process your personal data for the specific purpose of responding to your query. If you contact us by phone or email or alternative contact method, to enquire about residency, we collect the personal data needed in order to give you the best service possible. The same lawful basis of ‘consent’ applies. You have given us clear consent to process your personal data for the specific purpose of providing you with the services you have requested. We also use the lawful basis or ‘legitimate interest’. We collect your data in order for us to supply you with information or services you have requested. The Company holds a wide variety of personal data, from employees, residents and suppliers, as well as financial data, HR data, marketing data, client data and so on, many of which include personal data. This data is held in various formats including; letters, emails, contracts, forms, software systems in both hard copy and electronic form.

What technical data we collect and why we collect it

In order to keep our website well optimised for users, we collect technical data. This may include third party plugins collecting technical data in order to keep their services running optimally. We use Google Analytics in order to optimise user experience on our website. This can include technical data such as the pages you visit, time spent on each page, your general location, browser, etc. Google has its own GDPR information which you can view on Google’s website. Our Google Analytics data is stored (on Google Analytics) indefinitely. You can choose not to be tracked by changing your browser settings, for example, going ‘incognito’ or ‘private’, or amending your Cookie settings. Please see the Cookies section below for information about Cookies.

How we store your data & how long we store your data

Your data is stored digitally and as hard copies. The data that is kept is used to enable us to provide the services you have requested, including the day to day care of our residents. Data is deleted if no longer needed, but much data will be stored as it is often needed for future use is care is ongoing. If you do not want us to keep such data, please let us know. We ensure timely and secure disposal of documents and records that are no longer required for business purposes. Hard copies of confidential documents or personal data is disposed of using a shredder or data destruction company. Technical data and website analytical data is kept on Google Analytics and is kept indefinitely.

Who we share your data with

Data is shared by the owners, Tony and Liz Lovell, to staff members as necessary for them to perform their daily care duties. Staff members are trained on the importance of GDPR and are made aware of GDPR regulations regarding the personal data they have access to. Data is shared with medical professionals as required. Data is shared with named family members or close contacts where consent has been given to do so. We do not share your data with any third parties for marketing purposes. Our accountant has access to the information which is necessary for them to prepare our accounts. They are subject to a duty of confidentiality. Our website developers are With Hindsite Ltd. They have potential access to website form content. You can see their Privacy Policy here. Our website is hosted with You can see their Privacy Policy here.

What rights you have over your data

Under the GDPR your rights are as follows:
  • the right to be informed
  • the right of access
  • the right to rectification
  • the right to erasure
  • the right to restrict processing
  • the right to data portability
  • the right to object
  • the right to withdraw consent
To summarise, you can contact us to see what personal data we store about you and how we use it and store it. You can request for any of your details to be changed or removed. If you would like to implement any of the rights above, please contact us. You can read more about your rights in detail here. You can request to receive a copy of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Additional information

Our website is SSL secure (https).


To opt out of being tracked by Google Analytics across all websites, visit

Contact information

You can contact us by calling 01239 682263 or by using the contact form on our website at

What data breach procedures we have in place

Should we ever be made aware of a data breach, we will inform all affected customers. We will also inform the ICO (Information Commissioner’s Office) within the specified 72 hours, if it is likely that there will be a risk to people’s rights and freedoms, for example, if personal data has been stolen or passed on to an unauthorised party.

Should you wish to discuss your data protection in more detail, please contact us.