Privacy Policy

 This privacy policy explains why we process personal data, how we collect it, what we collect, how your data is processed and how we protect any information you give Hurn & Hurn when you use this website.

We are committed to ensuring your privacy is protected and assure you any personal data collected will be used in accordance with this privacy statement.

Hurn & Hurn

For the purpose of General Data Protection Regulation (GDPR), Hurn & Hurn is the data controller, located at 4 Mackintosh Road, Rackheath, Norwich, NR13 6LJ in the United Kingdom.


In accordance with GDPR, we will only collect and use personal data in a lawful, fair way.

Data will only be collected for valid, clearly explained purposes and not used in a way that is incompatible with those purposes.

Why we process personal data

We process personal data in order to fulfil a contract / contractual obligation with you or because you have asked us to take specific actions before entering into a contract. This is thelegal basis for us doing so.

We may process your data on a consent basis such as if you ask to be subscribed to our emails but if such activities require your consent, we will first obtain consent.

We may also process and disclose your personal data on a legitimate interest basis if necessary, such as informing the authorities about fraudulent or criminal acts.

How we collect data

We collect personal data when you contact us through our site, register your details, place an order through either our site or ebay store, buy a gift voucher, ask to be notified when an item is in stock, sign up to receive our newsletter, email or phone us.

Our website may also automatically collect information such as details of your visits to our site and data about your computer.

The data we collect and process

We may collect and process the following personal data:-

  • Your name
  • Email address
  • Home address
  • Delivery address
  • Date of birth
  • Telephone numbers
  • Credit or debit card details
  • The content of emails received.

Details collected of your visits to our website may include time spent browsing, searches made, products added to wishlists and other resources accessed.

How we process your data

Data collected is used to:-

  • Enable use of our website
  • Provide information required
  • Process and fulfil your order
  • Process and fulfil ebay orders
  • Take payment
  • Arrange delivery through Royal Mail or courier companies
  • Communicate delivery information and inform you of any delays or queries
  • Resolve problems should they occur
  • For authentication or identity checks
  • Detect and prevent fraud
  • Review and improve our products and services
  • Keep you informed, if subscribed, about new products, offers or other information we believe may be of interest when this has been requested and consented to.
  • To fulfil our legal obligations

Who we share your data with

We share your data when necessary with the following in order to fulfil any contractual obligations to you:

  • Visualsoft, the developer of this website
  • Sagepay and PayPal, who process your payments on our behalf
  • Royal Mail and DPD, to enable delivery of orders placed
  • The suppliers of products purchased, for warranty, repair and replacement purposes

We also share your email details and order ID with:

  • Trustpilot, to enable you to leave reviews on the service received if you wish to do so.

We may also share your personal information in connection with any legal proceedings or for the purpose of fraud prevention.

We will not sell, lease or distribute your personal information to any other third parties without your permission unless required by law to do so.

How long we store your data

We store some personal data permanently or for an extended period of time if legally required to do so.

For example it is currently necessary to store order and financial records for a minimum of 8 years to comply with any HMRC audits and tax requirements. Similarly it is necessary for us to retain other data for 6 years for contract purposes.

Information will only be held for as long as it is required for the purpose it was collected.

Your data rights

You have the following rights in respect of your personal data:

The right to access your personal data. At any time you can contact us to request details of the personal data we hold on you, along with why we are holding the data. Once received, we will respond within 30 days. There are no fees for the first request but further requests or requests which are manifestly unfounded or excessive could be subject to an administrative fee.

The right for your data to be accurate and kept up to date. If any personal information we hold about you needs to be corrected or updated, please let us know.

The right to have your personal data erased. If you would prefer that we no longer hold and use your personal data, or believe we are unlawfully using it, you can request that it is erased. We will confirm when it is deleted or if it cannot be deleted and the reason why (for example compliance with legal obligations).

The right to object to the processing of your personal data. You have the right to ask that we stop processing your personal data, or alternatively to ask us to restrict processing of it. We will contact you to let you know that we will comply or if we are legally obliged to continue processing your data.

The right to withdraw consent. You can withdraw your consent to the processing of your data at any time by emailing, phoning or writing to us.

The right to data portability. You have the right to request that we transfer your data to another controller. Providing this is feasible, we will do so within 30 days.

The right to complain. If you believe there is an issue with how we handle your personal data, you have a right to complain to the ICO.

Please note to access your data, have it amended, corrected or erased, evidence of your identity will be required (a certified photocopy of your passport or driving licence plus an original copy of a recent utility bill). Similarly, confirmation of your identity will be required if objecting to the processing of your personal data.

Protecting your data

We are committed to ensuring the information collected is secure. Suitable electronic, physical and managerial procedures have been put in place to prevent unauthorised access or disclosure.

Information provided is stored on secure servers.

All financial transactions are handled through our payment services providers, Sagepay and PayPal who use the latest most secure technology. We do not hold a copy of any debit or credit card information.

When you place an order, make payment or access your account, we use Secured Socket Layer (SSL) encryption, which encrypts your information before it is sent to us to protect it from unauthorised access.

You are responsible for keeping your password and user details confidential.

Further data processing

If we intend to use your personal data for a new purpose, not notified above, we will provide a new notice and wherever necessary seek your consent prior to the new processing.

Links to external websites

Our website may contain links allowing you to visit other websites. However, you should note that we do not have any control over these other sites. If a link is used, such websites are not governed by this privacy policy and we cannot be held responsible for the privacy and protection of information you provide while visiting these sites.

Policy Updates

Hurn & Hurn may change this policy from time to time. Any changes will be found on this page. This policy is effective from 15 May 2018.