This privacy policy deals with how handles ‘Personal Data’ as it is defined in the GDPR (General Data Protection Regulation). Personal data, as described by the GDPR is data such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity.

Who am I

I am Hannah Berridge and I run My registered address is White House Farm, Benhall Green, Saxmundham, Suffolk IP17 1HL . As the owner of I take a proactive approach to user privacy and ensure the necessary steps are taken to protect your privacy throughout your visiting experience.

What type of data do I collect and why?

I may collect and process the following data about you:

Using my contact form
Your name and email address as well as other Information that you provide by filling in a contact form on this site. This is so that I am able to reply to your service enquiry or your general question.

Buying a product
Your name, email address, home address and IP address at checkout by purchasing one of my services. This is so that I can deliver the product and contact the new customer about their new product.

Google Analytics
When you visit my site I use a third party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. I do this to find out things such as the number of visitors to the various pages of my site or what browser is being used. This information is processed in a way which does not identify anyone i.e. does not collect personal data. I do not make any attempt to find out the identities of those visiting my website.
You can access Google’s privacy policy here:

You can read more information on how cookies are used on this website in my cookies policy here.

Who is collecting the data?

I handle personal data for my own business.

How is the data collected?

Information on my website will be collected in association with your use of a contact form or by purchasing a product from my website.

If you contact me using either my online contact form or directly via email, I may keep a record of that correspondence.

When purchasing a product from my website, a user must supply their full name, home address and email address so that I may deliver their product and be able to contact them if there is an issue with their order. The IP address of the device used for said purchase is stored in the WooCommerce database but not matched to any information that may be collected by other components of the website.

Cookies are collected by navigating and interacting with my website. You can read more about what cookies are used in my cookie poicy here.

How long is data stored?

Your Personal Data is only stored for the duration of time that it is needed. Data that is stored for the sole use of signing up to my newsletter, will be kept until such data is manually removed by the user by unsubscribing. Which they can do at any time.

Stored data that has been sent via a contact form on my website will be kept for the duration of required communication.

Personal data collected through the purchase of one of my products maybe kept for as long as necessary with regard to HM Revenue and Customs (HMRC).

How easy is it to opt-out?

All ways of collecting personal data on my website are opt-in, and you will always have the opportunity to opt-out. Meaning that in order for me to receive any personal data from you, you will need to actively choose to opt-in when filling out any of the forms on my website.

You will always have the opportunity to unsubscribe to my newsletter at any time.

If you believe that you have received information from me that you did not opt in to, you should contact me on the details below.

You are entitled to access the personal data that I hold.

How secure is your Personal Data?

Online order data is stored in my website database on a secure server that is password protected. It is backed up daily and is encrypted on Amazon S3 servers which are GDPR compliant and each backup is kept for 30 days and then deleted.

The payment gateway’s (Stripe & PayPal) data is stored on their respective servers and is securely backed up and password protected and encrypted. Stripe has activated EU-US Privacy Shield so is qualified and GDPR compliant in order to receive and process your information. You can access Stripe's privacy policy here.

PayPal has activated EU-US Privacy Shield so is qualified and GDPR compliant in order to receive and process your information. You can access PayPal's privacy policy here.

I am not responsible for the privacy or security practices of any third party. The collection and use of your Personal Data by such third parties may be subject to separate privacy and security policies. If you suspects any misuse or loss of, or unauthorised access to, your Personal Data, you should let me know immediately by contacting me at the email address below.

What rights do you have?

Under GDPR, you have the right of access to the information stored about you. For clarity, aside from the cookie data collected about your device, only collects a name and or an email address from certain areas of the website such as a contact form, newsletter signup, blog post comment or through purchasing a service. No details of credit cards are ever taken or stored on this website.

If you cannot update your own information, I will correct any errors in the personal data I hold about you within 7 days of receiving written notice from you about those errors.

It is your responsibility to provide me with accurate and truthful personal data. I cannot be liable for any information that is provided to me that is incorrect.

You may cancel any subscription or revoke your consent to the processing (including storage) of this data at any time with immediate effect. As a data subject (a real person) your individual rights include: right to be informed; right of access; right to rectification; right to erasure; right to restrict processing; right to data portability; right to object; right to not be subject to automated decision-making (including profiling).

When can I contact you?

From time to time, I may need to send you important notices, such as changes to my terms and conditions or policies. Because this information is important to your interaction with me, you may not opt-out of receiving these communications. This falls under Legitimate Interests of GDPR.

How can you contact me?

All correspondence with regards to privacy should be addressed to: Charlotte Berridge, 12 Glenfield Road, Ealing, London W13 9JZ. or email You may contact me by email in the first instance.

Changes to the Privacy Policy

I may update this privacy policy from time to time at my sole and absolute discretion. Please check this website regularly for changes. Resources & Further Information

Privacy and Electronic Communications Regulations 2003
Privacy and Electronic Communications Regulations 2003 – The Guide
Google Privacy Policy
Stripe’s Privacy Policy
PayPal’s Privacy Policy

Last updated: 22nd May 2018