Privacy policy & cookies

Grasmere Gingerbread®

Privacy Policy January 2019 – Version 1.2
(Because we are used to keeping secrets secret).

Please note that this Privacy Policy may be updated from time to time.

Privacy & Cookies

Internet Privacy and Cookies Policy

Grasmere Gingerbread® is used to keeping secrets secret. Our original unique hand-written recipe – invented in 1854 by Victorian cook Sarah Nelson – is locked inside a secure bank vault. So we are committed to safeguarding and preserving the digital privacy of our visitors and customers because we know how important secrecy and trust are. Grasmere Gingerbread® is owned and managed by Joanne and Andrew Hunter, a fourth generation Cumbrian family. It is run from tiny Church Cottage, Grasmere, in the heart of the Lake District in Cumbria, England. Like the beautiful remote valley where we work our Privacy Policy is discreet – even if its formal literary style is a million miles away from our usual chatty tone! But at least it explains what happens to any personal data that you provide to us, or that we collect from you whilst you visit our site, and how we use cookies (not the edible Grasmere Gingerbread® type) on this website. We do update this Policy from time to time so please do review this Policy regularly (if you can stop yourself from falling asleep).

Grasmere Gingerbread®, The Gingerbread Shop, Church Cottage, Grasmere, Cumbria LA22 9SW, UK. Tel: (015394) 35428. email:

Information That We Collect

In running and maintaining our website we may collect and process the following data about you:

Information about your use of our site including details of your visits such as pages viewed and the resources that you access. Such information includes traffic data, location data and other communication data;

Information provided voluntarily by you. For example, when you register for information or make a purchase;

Information that you provide when you communicate with us by any means;

We may also collect personal information from our outside events, talks and in The Grasmere Gingerbread Shop;

We also use cookies on our website (see section of cookies below).

Use of Cookies

Cookies provide information regarding the computer used by a visitor. We may use cookies where appropriate to gather information about your computer to assist us in improving our website.

We may gather information about your general internet use by using the cookie. Where used, these cookies are downloaded to your computer and stored on the computer’s hard drive. Such information will not identify you personally; it is statistical data which does not identify any personal details whatsoever.

You can adjust the settings on your computer to decline any cookies if you wish. This can be done within the “settings” section of your computer. For more information please read the advice at

We do not use any cookies for marketing purposes.

Essential cookies

These cookies are always enabled as they make sure essential features, like the shopping basket, work as they should.

Essential cookies allow us to:

Ensure the site works properly so it’s easy to shop.

Make sure the correct items are kept in your basket.

Select the right version of our website for your computer, whether it’s a PC, ipad, mobile phone or other device.

These cookies do not gather personal information or remember where you’ve been on the internet. If your browser is set to refuse these cookies, our site may not work correctly.

Cookie Name 

_gat, _gid, _ga


Allows our site to respond correctly as you search, browse and purchase. Without it the site will not work. Also makes sure that you can correctly browse the mobile and desktop versions of our site from your computer and mobile devices.

Grasmere Gingerbread analytics cookies allow us to:

Raise the standard of our service by understanding how our customers use our site.

Help identify any errors so we can fix them.

Gather information which helps us continually improve our website and marketing communications.

Cookie Name

 _utma, _utmb, _utmc, _utmz


These cookies are used by an analytics engine to measure performance and site usage.

Social Media We love to hear from you on our social media profiles. Our website contains social sharing buttons to make it easier for you to post content, share your stories and activities. These buttons use cookies and other devices to allow you to do this. If you use these buttons to share content, then you do so at your own discretion.

What is the legal basis we rely upon when collecting personal data

The law about data protection sets out a number of different reasons relating to how a company may collect and use your personal data. These are:

Consent: in specific situations we will ask you for your consent to use your personal data. You can withdraw this consent at any time (e.g. email marketing);

Contractual obligations: e.g. when you place an order on our website and we need your information to actually send you the product (how else could we do this?!);

Legal compliance: e.g. paying VAT, tax, fraud prevention;

Legitimate interest: in some situations we require your data to pursue our legitimate interest (in a way you might reasonably expect us to do to efficiently run our business). However, this does not impact upon your rights and freedoms (see section on your rights). A couple of examples spring to mind – we may use your purchasing data to send you a special offer or even use collective shopping history to identify a particular retail trend. We may also keep your address to send you information by post or relating to customer service issues.

Storing Your Personal Data

In operating our website, it may become necessary to transfer data that we collect from you to locations outside of the European Union/EEA ( for example in the USA) for processing and storing. By providing your personal data to us, you agree to this transfer, storing and processing. We do our utmost to ensure that all reasonable steps are taken to make sure that your data is stored securely. Where relevant entering into standard EU contractual clauses in accordance with Article 46.2 of GDPR with the party outside the EEA receiving the personal information

All sensitive information (such as credit-card numbers) is only transmitted via Secure Socket Layer (SSL) technology, which means that you cannot inadvertently place an order through an unsecured connection. All sensitive information is stored in an encrypted format behind firewalls.

Details of our SSL Certification can be found by clicking here.

We adhere to Payment Card Industry standards and certification can be found by clicking here.

Disclosing Your Information

We will not disclose your personal information to any other party other than in accordance with this Privacy Policy and in the circumstances detailed below:

If we sell any or all our business to the buyer.

Where we are legally required by law to disclose your personal information.

To further fraud protection and reduce the risk of fraud.

Please click here to view the Candidate Privacy Notice.

Third Party Links

On occasion we include links to third parties on this website. Where we provide a link, it does not mean that we endorse or approve that site’s policy towards visitor privacy. You should review their privacy policy before sending them any personal data.

Security of email correspondence

Email is not a secure and confidential means of communication. Therefore, please do not use the contact us form on our website to send us confidential information, such as your credit card details. Although we use advanced security measures to protect your information we cannot absolutely guarantee the security of your information provided over the Internet and cannot be responsible for any loss, misuse and alteration.

Right to Access to Information (also known as a Subject Access Request)

In accordance with the General Data Protection Regulation and the Data Protection Act 2018 this gives you the right to access any personal information that we hold relating to you. To do this simply send us an email to or telephone us on (015394) 35428.

Contacting Us

Please do not hesitate to contact us regarding any matter relating to this Privacy and Cookies Policy via email at

Additional Information for this policy

Your Data Protection Rights Explained

Grasmere Gingerbread® is loved for its friendly, down-to-earth style and we hate modern-day acronyms and jargon! But even we have to write some things down formally so here goes! Under the GDPR and the forthcoming new Data Protection Act you – our valued customers and visitors – have a number of legal rights concerning our use of your personal information

The Right to correct or amend your details. (Rectification) If we have made a mistake or have out of date information about you, please, please, please get in touch and we will put it right straight away! We really will!

The Right to Object to Processing

This allows you to object to direct marketing (which can be a pain in the neck) but for other types of processing we may need to continue to use this to meet other legal obligations (which we need to satisfy). However, if you are at all worried then please, please, please get in touch and we will immediately discuss with you how to allay your concerns. Rest assured, we will talk in plain English, or plain Cumbrian.

The Right To be Forgotten

In today’s hectic inter-connected world sometimes it’s nice to fantasise about losing yourself – to wander through an unfamiliar town or street unnoticed and unknown. Similarly, in certain circumstances, you have the right to have your personal data erased. This right only applies in certain situations and is not an absolute right. However, where we can we will, of course, delete this information. However, we may need to continue to use your personal information for us to comply with other legal obligations (life is complex!).

The Right to Restrict Processing

It’s good to be in charge. So you have the right to restrict us from using your personal data for direct marketing purposes.

Automated Decision-Making including profiling

We do not carry out automated-decision making or profiling in relation to your personal data that would cause a legal or similar effect to you.

How to complain or raise concerns

Firstly, please, please, please call us directly so that we put right any outstanding issues or answer any concerns that you may have.

Secondly you can email us at to further document your concerns.

If you are not fully happy with our response regarding your data protection rights – and we would be incredibly disappointed if you weren’t – then you have the right to contact the Information Commissioner (ICO).

The Information Commission is the UK authority which regulates and enforces data protection laws in the UK.

The Information Commission can be found at;

or telephone 0303 123 113

Information Commissioner’s Office
Wycliffe House
Water Lane

How long do we keep your personal information?

We only keep your personal information for as long as is necessary for the purposes for which it is processed* for example it is a legal obligation to keep financial data for 6 years.

*Grasmere Gingerbread® was founded in 1854 and our traditional approach and unique history means we keep many customers for nearly ever (some people have been with us for decades). Grasmere Gingerbread® has rung the changes in their lives – everything from engagements and weddings, to anniversaries and new babies – and they ask us to keep them informed about everything we do! Similarly, after introducing Grasmere Gingerbread® wedding favours a few years ago, brides especially love to keep in touch, sometimes to relive their special day in conversations over the phone.

However, if you don’t want us to keep you informed of our activities then, please contact us and we will gladly remove you from our databases.

If you got to the end of this Privacy Policy well done! We tried to inject our own integrity, style and humour into it to make it more palatable. However, if you’re exhausted grab a cuppa and a slice of Grasmere Gingerbread® and trust us to trust your secrets.
Andrew & Joanne Hunter