Privacy and Security



We take credit card security extremely seriously. We are committed to protecting your privacy. As such we will only use the information collected to deal with your order and to enable us to provide the best service possible. Your credit card information is secure within the PayPal payment gateway and we do not have access to, nor do we keep a record of your credit card details. Your email address is required for this website to send you automated paperwork which is relevant to your order once you have completed your shopping. We may also use your email to contact you directly about your order if there is a question we need to ask you in order to complete the order.

Your details are used only to process your order, both on this website and through the Paypal payment gateway. A printed copy of your order is kept for accounting and tax purposes in accordance with UK law.


This online shop is protected with the latest web security systems, including encryption and Secure Socket Layers (SSL). These systems are updated regularly. The website is hosted on a secure and GDPR compliant European server.

When you buy goods from us, you will be asked ask for information such as your name, e-mail address, delivery address and contact details so that we can fulfil your orders as efficiently as possible.

We use PayPal, the worlds biggest online payment system, to take credit card payments. All payment details sent through PayPal are encrypted and sent through Secure Socket Layer (SSL) as per industry standards and best practice.

Alternatively our customers are free to order by post and pay using BACS transfer or cheques if preferred. To do this please email us and we will assist you in making your order.


We can only use your email address to send you our occasional Newsletters if you choose, or have already chosen to subscribe to our Newsletter.

Our Newsletter will only be used by us to inform you of any new products, Heather’s workshops and events, or special offers. We use Mailchimp as our newsletter service provider and should you wish to unsubscribe at any time, please do so by clicking here.


Like most websites, this website site uses Google Analytics (GA) to track user interaction. We use this data to determine the number of people using the site, to better understand how they find and use the web pages and to see their journey through the website.

Although GA records data such as your geographical location, device, internet browser and operating system, none of this information personally identifies you to us. GA also records your computer’s IP address which could be used to personally identify you but Google does not grant us access to this. Google is classed as a third party data processor to us.

GA makes use of cookies, details of which can be found on Google’s developer guides. Should it be needed, this website uses the analytics.js implementation of GA.
Disabling cookies on your internet browser will stop GA from tracking any part of your visit to pages within this website.



The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union. It also addresses the export of personal data outside the EU. It comes into effect on May 25th 2018.

We have checked with all the service providers we use in order for this website to function and are confident that they are GDPR compliant. We will continue to review both their, and our own GDPR practices to ensure that your data is secure. You have the right to request information about the data this website holds about you and you can do so by contacting us directly by email.