GDPR stands for the General Data Protection Regulations – although it could equally be the initials of some Cold War era Soviet bloc state ! The new regulations, which deal with handling of personal data, come into force today so that seems like a good time to quickly go through our position with regards to them.
As far as storage and usage of personal data goes, we don’t have a customer database as such. We retain copies of all orders placed on the website or through the post – these will include your name, address and email address, and of course details of the items you’ve purchased. We don’t have anything related to payments, such as credit card details, since this is handled by PayPal and we don’t ever see these. If you’ve ever paid by cheque, this goes straight into the bank and we don’t record account numbers or branch codes or make copies of the cheques. We never sell or pass this information on to anyone, or use it to create marketing lists etc. We don’t send out unsolicited marketing emails or letters.