Privacy & Cookies Policy

By choosing to shop with the Melbury & Appleton you have placed a great deal of trust in us and we promise you that we have always been and will continue to be committed to ensuring that your privacy is protected. You share and let us use personal information to enable you to enjoy a more streamlined and convenient shopping experience on our website.

This Privacy & Cookies Policy explains how we will use the personal information you give us. It explains your data protection rights, including how you can opt-out of some uses of your personal information. We hope the following sections will answer any questions you have but if not, please do get in touch with us.

This Privacy & Cookies Policy applies if you use any of our products and services. This policy also applies if you contact us or we contact you about our services, whether by telephone, email or via third party digital platforms (including websites or social media platforms).

Policy last updated on 24th May 2018.

1. Who We Are and What We Collect
2. How We Use Your Personal Information
3. When We Share Your Personal Information
4. Security, Data Retention and International Data Transfer
5. Your Choices and Rights
6. Cookies and Similar Technologies
7. Updates and How to Contact Us

8. How To Complain

1. Who We Are and What We Collect

This section details the types of personal data we collect and who we are. We collect information from you when you visit and browse our website, register for our services, make purchases using our services, participate in prize draws and competitions, and when you communicate with us.

At times we also receive information from third parties to help us better understand our customers. However, this Privacy & Cookies Policy does not cover any third-party websites, apps or services you use or access from our website or services.

1.1 Who We Are

When you shop with you submit your personal information to Thomas Peck Ltd. which is known as the data controller, as the website is 100% owned by Thomas Peck Ltd.

For simplicity throughout this privacy policy, ‘we’ and ‘us’ means Thomas Peck Ltd and its Melbury & Appleton brand.

We will treat all information submitted by you in accordance with the terms of this Privacy & Cookies Policy (as updated and amended from time to time) and in strict compliance with UK and EU data protection legislation. We respect your privacy and will always work to keep your data safe and private.

1.2 Third-Party Apps, Websites and Services

If you use any third-party apps, websites or services to access our services, your usage is subject to the relevant third party's terms and conditions, cookies policy, and privacy policy. For example, if you interact with us on social media, your use is subject to the terms and conditions and privacy policies of the relevant social media platform (Facebook, Google, Twitter etc). The same stands if you use third-party services, as your use of the service is subject to their applicable terms and conditions. We may be required to share customer information relating to transactions and use of such third party services with that third party, as described in more detail within this Privacy & Cookies Policy.

1.3 What We Collect

The information we gather from customers through our website, products and services, or receive in any other way, helps us to improve the goods and services we offer. This includes tailoring the information we share with you to help to ensure that it's relevant, useful and timely.

We gather that useful information in several key ways:

a) When you place an order with us, we ask for information such as your name, email address, billing and delivery address, telephone number. We require this information to understand your needs and provide you with a better service, in particular for the following reasons:

b) You will be asked for your debit or credit card details in order to process your payment. However this information is not entered into our website and we do not see or store it. Our Payment Service Provider is Sage Pay, the largest independent payment service provider (PSP) in the UK and Ireland. Sage Pay provides a secure payment gateway (Level 1 PCI DSS), processing payments for thousands of online businesses, including ours. It is Sage Pay’s utmost priority to ensure that transaction data is handled in a safe and secure way. Sage Pay uses a range secure methods such as fraud screening, I.P address blocking and 3D secure. Once on the Sage Pay systems, all sensitive data is secured using the same internationally recognised 256-bit encryption standards.

c) We keep a record of electronic communications you receive from us. We also record interactions you have with our electronic communications. For example, whether an email has been opened and if you have clicked on any links within that email.

d) When we contact you or you take part in competitions, surveys or questionnaires about our products and services, we may collect your feedback and contributions. This includes direct messages you may send us through social media channels.

e) We keep a record of your purchases with us (for example, what you bought and when) and how you browse and engage with our website. This helps us to improve your experience, assist you more efficiently if you have any questions or concerns about your order, and promote certain products, services and offers.

f) We will keep a record of any email or “live chat” correspondence you send us. This helps us provide you with better customer service, and to improve the experience of our customers overall. Telephone messages you might leave for us will be stored for monitoring and quality control purposes.

g) When you visit and use our website, or when you interact with our adverts and content on third-party websites and social media platforms (such as Google or Facebook), we use cookies, other tracking technologies and third-party services so that we can better understand your online experience. This helps us to improve our services and offer a personalised experience. We may do this by recording the way you use, navigate, browse and search our website. For more information on our use of these technologies, see the Cookies and similar technologies section below.

2. How We Use Your Personal Information

We only ever use personal information as is necessary, to provide you with the services you request and expect, or to prevent the misuse of our services. We also use your personal information for our own legitimate interests. This allows us to improve our products, better understand customer preferences, and to market products or services you may like. With your consent, we may send you certain promotional communications we feel are relevant. We may also use your personal data to comply with law when required. All the information we collect through our website, products, services, and correspondence with you, is used by us to operate and improve the services we offer you. We will only use your personal information for:

2.1 Purposes Necessary To Fulfil A Contract with You.

That is:

2.2 Our legitimate interests

That is:

2.3 Purposes for which you have provided us with your consent.

That is:

2.4 Fulfilling our legal obligations.

That is:

3. When We Share Your Personal Information

We only share your personal data as required for the purposes set out in this Privacy & Cookies Policy to third parties who assist us with the provision of our services, to send related promotional communications to you, and to assist us in preventing the fraudulent use of our services.

Protecting information about our customers is very important to us. However, there are circumstances where it is necessary for us to share personal information, for example, to provide our customers with a delivery service. Whenever we use or disclose your information, we put in place measures to keep it secure. We make sure it is protected as far as reasonably possible.

The circumstances where we share some of your information with others are:

3.1 Third-Party Service Providers

We employ other companies or individuals and may work in partnership with selected third parties to perform any of the functions listed above (in "2. How We Use Your Personal Information") on our behalf. We only share information that allows them to provide their services to us or to facilitate them providing their services to you.

3.2 Business Transfer

If Melbury & Appleton or Thomas Peck Ltd is ever sold or its assets are purchased by another company it would typically be part of such a transaction for customer information to form part of the business assets being transferred. However, the information will remain subject to the obligations as outlined in this Privacy & Cookies Policy.

3.3 Research Companies

We may share personal details in a secure way to allow research companies and feedback providers to contact you directly on our behalf, in order to capture your opinions on our products and services and our website. We may ask these research companies to analyse the results so that we can better understand your online experience, which will help us to improve our services. We provide them with only the information they need to perform their function. This may take the form of a survey, where you may be asked to review a product or service you've bought.

3.4 Protection

We release account and other personal information when we believe release is appropriate to comply with the law, to enforce the Terms & Conditions, or to protect the rights, property or safety of the Thomas Peck Ltd, our employees or customers, our business partners or others. For example, we may engage agents including debt collection agencies to assist us to process elements of the orders you place with us, or who assist us in the service we provide to you. In these instances, we provide them with only the information they need to perform their function.

3.5 Fraud Prevention

Where we have reason to suspect fraud or any other criminal offence, we may share your data (such as your name, household information, details of failed payments and your orders placed with us) with crime prevention agencies and certain third parties for the purpose of detecting and preventing crime. Such third parties may include business partners, law enforcement bodies, providers of fraud prevention and detection services, and recipients of fraud prevention and detection services. If we think there is a risk of fraud, we may suspend activity on your account or refuse access to your account and/or cancel an order.

4. Security, Data Retention and International Data Transfer

We take the security of your personal information seriously and employ technical and organisational measures to protect the integrity and privacy of your personal information. We only retain your personal information for clearly established periods.

4.1 Our Security

Our website uses Secure Socket Layer (SSL) encryption technology to ensure that your information is protected. Our web pages will start with https and a padlock will be displayed in front of the web page name to show that we always encrypt the information that you send us.

We maintain and enforce physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of your personal information. However, whilst we take appropriate technical and organisational measures to safeguard your personal data, please note that we cannot guarantee the security of any personal data that you transfer over the internet to us.

Our security procedures mean that we may occasionally request proof of identity before we disclose personal information to you, including in relation to a subject access request.

4.2 Payment Security

We are committed to ensuring the protection of your payment card details and are compliant with the Payment Card Industry's Data Security Standard (PCI-DSS). Payments made via our sites are processed and managed by specialist payment card companies which are not part of Thomas Peck Ltd. We can only access the last four digits of your payment card number, the card type and the card expiry date. The full payment card number is never stored on any of our systems and is only stored and processed by our payment card processing provider, Sage Pay.

Sage Pay use 3D Secure to provide additional fraud protection and to protect your payment card from unauthorised use. During the checkout process, you may be asked by 3D Secure to provide your Verified by Visa, Mastercard Secure Code or American Express Safe Key password.

4.3 Personal Security and Identity Fraud

Using public wifi networks can be risky, and hackers may try to capture your online transactions and personal details. You should only connect to networks that you trust. If you use a shared computer, make sure that you log out once you have finished using the website.

Criminals and fraudsters create authentic looking but false or "spoof" websites and send phishing emails to steal confidential information. These emails pretend to be from a legitimate company and try to trick a person into giving away their personal details (such as user names and passwords) so that security details can be updated or passwords changed.

We will never ask you to provide your personal details via email. If you receive an email like this that claims to be from us and contains an embedded link and a request for you to enter any personal details, treat it as suspicious and do not enter any personal information, even if the page appears legitimate. If you suspect that your account details are subject to such fraudulent activities, please let us know directly through our website.

4.4 Data Retention

We retain your personal information for as long as you are a customer and we need it in order to fulfil the purposes described above. After you stop being a customer, we may keep your data for a certain period of time, after which we take steps to delete your personal information or hold it in a form which no longer identifies you (as we may still need to use your data in an anonymised format for research and other business purposes).

We may keep your personal information for a number of reasons after you have stopped being a customer. This includes: to respond to any questions or complaints, for legal, regulatory or technical reasons, for research and analytics, to investigate fraudulent activities, and to show that we treated you fairly.

If you'd like to know more information about how long we keep your personal information, you'll find more details below.

4.5 Keeping your information

We will keep your personal information for as long as you are a customer of Thomas Peck Ltd and for a period of time afterwards if you stop doing so.

Here are our time periods for retaining customer information:

• Customers that have registered but never shopped: we keep your personal information for eight years after the date of first registration.

• Customers that have not shopped for an extended period of time: we keep your personal information for eight years after the date of your last shop.

• Customers who have asked for their accounts to be closed: we keep your personal information for eight years after the date your account was closed.

• Telephone Message: we delete message recordings after eight years unless we need the data to investigate fraud, to respond to questions or complaints or for legal reasons.

• Customer account notes: after eight years we delete notes made unless we need the data to investigate fraud, to respond to questions and complaints, or for legal reasons.

4.6 Sending information outside the European Economic Area

Our operations are based in the UK and the personal data that we collect from you is mainly processed, stored and used within the UK and other countries in the European Economic Area (EEA). However, in order to offer you the best service we can provide, we also work with service providers from other parts of the world. This means that the data we collect sometimes needs to be transferred, stored and used by companies operating outside the European Economic Area who work for us or one of our service providers. We want you to know that we have taken steps to ensure there is an appropriate level of security for the processing carried out in these countries, such that data is protected in the same way as if it was being used within the EEA.

You can find out more about the above data protection safeguards on the European Commission Justice website.

For more information on how we safeguard transfers of your personal information, please contact us at

5. Your Choices and Rights

You have certain rights in the information we hold about you, including the right to:

a) Object to our use of your personal information.

b) Request a copy of it, update it or to have it deleted.

These rights may be limited in some circumstances.

5.1 Requesting access to your personal data

You have the right to access a copy of the personal information we hold about you. You have the right to request that this information is provided in a machine readable format in the event that you wish it to be transferred to yourself.

5.2 What if you want us to stop using your personal information?

You can also object to certain processing activities which use your personal information, in particular where the processing is based on our legitimate interests. You can ask us to delete, remove, or stop using your personal information if there is no need for us to keep it. You can also ask us to restrict the use of your personal information in certain circumstances. These rights are known as the right to erasure and the right to restrict processing. We will keep a note of your name if you ask for your personal data to be erased. You will also need to use a different email address if you decide to re-register as a customer with us as your old email address will no longer be valid.

There may be reasons why the above rights may be limited in some circumstances. For example, we can refuse to provide information if fulfilling your request would reveal personal information about another person, if you ask us to delete information which we are required to have by law, have compelling legitimate interests to keep, or need to access in order to exercise our legal obligations. In such situations, we would only use your information for these purposes and not use or share your information in other ways. We will always ensure your privacy is protected and data will always be retained in accordance with the Data retention section of this policy.

You may be unable to continue using our services if you require us to stop using your personal information, since this information is necessary for us to accurately fulfil and provide our services.

5.3 How to withdraw your consent

Where we have asked for your consent, you may withdraw consent at any time, but this will not affect any processing that has already taken place.

You can ask us to stop sending you marketing messages by contacting us at any time or you can opt out of receiving our marketing communications. This is an option when you place an order with us or at any time after that simply by doing one of the following:

a) Clicking on the unsubscribe link contained in marketing emails.

b) Emailing us at if you wish to opt out of any electronic marketing.

If you decide to opt out or unsubscribe it could take up to 72 hours to process the update through our systems. We may also ask you to confirm or update your marketing preferences, if there are changes in the law, regulation, or the structure of our business.

5.4 Letting us know if your personal information is incorrect

If the information we hold about you is wrong or incomplete, then let us know what needs updating and we'll correct it. This is your right. Email us at

6. Cookies and Similar Technologies

When you use our website we use our own and third-party cookies and similar technologies (such as pixels and tracking URLs) to identify your device. This enables us to personalise and improve your customer experience and, where appropriate, serve you relevant advertisements. All these technologies are together referred to in this policy as “cookies”.

Without certain cookies, it would be very difficult for a website to allow a visitor to fill up a shopping trolley.

6.1 How we use cookies?

Here are the types of cookies we use on our website, and the purposes for which they are used:

6.2 Managing cookies

If you do not want to allow cookies at all, or only want to allow use of certain cookies, please refer to your browser settings. You can also use your browser settings to withdraw your consent to our use of cookies at any time, and delete cookies that have already been set. Please note: by deleting certain cookies or disabling them for future use, you may not be able to access certain areas or features of our website. In some cases this can disable your ability to shop at all on any of our website.

To find out more about cookies please visit: or see which contains further information about behavioural advertising and online privacy.

To opt-out of Google Analytics for Display Advertising and customize Google Display Network ads please go to or Google Analytics' currently available opt-outs for the web.

7. Updates and How to Contact Us

If you have any questions about this Privacy & Cookies Policy, would like to make a complaint, or find out how we notify you of any changes to the Privacy & Cookies Policy, further details can be found in this section.

7.1 Updates and Changes to Our Privacy & Cookies Policy

You may change your personal information retained by us at any time. Simply email us at

We may change the terms of this Privacy & Cookies Policy from time to time and you should check it regularly. The date on which the Privacy & Cookies Policy was most recently amended will be displayed at the beginning of the policy.

7.2 Contact us

If you have questions about your personal information and our Privacy & Cookies Policy, or wish to exercise any of your rights described in this policy, please email us at:

8. How To Complain

If you are not satisfied with the way we have dealt with your concerns, you have the right to complain to the Information Commissioner's Office. Please go to to find out more or write to:

Information Commissioner's Office
Wycliffe House
Water Lane
Tel: 0303 123 1113