Mencap Richmond and District.
Support Us
Donate

Privacy Policy

Last updated: 2025-12-18

This Privacy Policy explains how Mencap Richmond (“we”, “us”, or “our”) collects, uses, stores, and protects your personal data when you use our website.

We are committed to protecting your privacy and handling your personal data in a transparent and secure manner, in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Who We Are

This website is operated by Mencap Richmond (a local charity branch). We are the “data controller” for personal data collected through this website.

Contact: office@richmondmencap.org.uk
Telephone: 020 8744 1923
Address: Richmond Mencap, 342 Richmond Road, East Twickenham, TW1 2DU

 

 

Personal Data We Collect

Depending on how you use our website, we may collect the following types of personal data:

  • Contact details you provide via forms (such as name, email address, telephone number, and the content of your message).
  • Technical data such as IP address, browser type and version, device information, operating system, and referral source.
  • Usage data such as pages visited and time spent on the site (typically collected via analytics tools such as Google Analytics).
  • Members area data (if/when introduced), such as login credentials and access logs (for example, when you log in, what pages you access, and security logs).

We do not intentionally collect special category data (such as health information) through this website. Please do not include sensitive personal information in website forms unless we specifically request it.

How We Collect Personal Data

  • Information you provide directly (for example, by completing a contact form).
  • Information collected automatically through cookies and similar technologies (see our Cookie Policy).
  • Information generated through website use (for example, basic security logs and access logs).

How We Use Your Personal Data

We use your personal data for the following purposes:

  • To respond to enquiries submitted via the website contact form.
  • To provide information about our services, activities, and local support, where requested.
  • To maintain the security and integrity of our website.
  • To understand how our website is used and to improve content and accessibility (for example, via analytics).
  • To administer a members-only area (if introduced), including account creation, authentication, access control, and sharing documents securely.

Lawful Bases for Processing (UK GDPR)

Under UK GDPR, we rely on the following lawful bases to process personal data:

  • Legitimate interests – where processing is necessary for our legitimate interests as a charity (for example, responding to enquiries, improving our website, and keeping the website secure), provided your rights do not override those interests.
  • Consent – where you have given consent (for example, where non-essential cookies are used, or if you opt in to receive updates).
    You can withdraw consent at any time.
  • Legal obligation – where we must process personal data to comply with a legal requirement.
  • Contract – if a members area is introduced and you register for an account, processing may be necessary to provide that service to you.

Cookies and Analytics

Our website uses cookies and similar technologies. Some are strictly necessary for the site to function. Others (such as analytics cookies) help us understand how the site is used.

We may use tools such as Google Analytics to collect aggregated information about website usage.
For more details, please see our Cookie Policy.

Embedded Content (YouTube)

Pages on our website may include embedded videos from YouTube. When you view a page containing embedded content, the third-party provider may collect data and use cookies or similar technologies.

We do not control how YouTube collects or uses your data. Please refer to Google/YouTube’s privacy information for details.

Who We Share Personal Data With

We may share personal data with trusted third parties only where necessary, including:

  • Website hosting and IT providers (to operate and maintain the website).
  • Analytics providers (such as Google Analytics) to help us understand website usage.
  • Security and spam-prevention tools (to protect the website and reduce fraudulent or automated submissions).
  • Embedded media providers (such as YouTube) when you access embedded content.

We do not sell your personal data to third parties.

International Transfers

Some third-party providers we use (for example, Google/YouTube) may process data outside the UK. Where this happens, we take steps to ensure appropriate safeguards are in place in accordance with UK GDPR.

How Long We Keep Your Data (Data Retention)

We keep personal data only for as long as necessary for the purposes set out in this Privacy Policy.

  • Enquiries: If you contact us via the website, we will retain your message and contact details for as long as necessary to respond and for our records, and then delete or anonymise it in line with our internal retention practices.
  • Analytics: Analytics data is retained according to the settings of our analytics provider (for example, Google Analytics retention controls).
  • Members area (if introduced): If you create an account, we retain account and access information for as long as the account remains active, and for a reasonable period afterwards for security, audit, and administrative purposes, unless you request deletion (subject to legal obligations).

Your Rights (UK GDPR)

You have rights under UK GDPR in relation to your personal data, including:

  • The right to access your personal data.
  • The right to correct inaccurate or incomplete data.
  • The right to request deletion of your data in certain circumstances.
  • The right to restrict or object to certain processing.
  • The right to data portability in certain circumstances.
  • The right to withdraw consent (where processing is based on consent).

To exercise your rights, please contact us using the details above.

You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO).

Security

We take reasonable technical and organisational measures to protect your personal data from loss, misuse, unauthorised access, alteration, or disclosure. However, no website or internet transmission is completely secure.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated “Last updated” date.