Welcome to The Oldest Sweet Shop in England

Privacy Policy

Updated 24th May 2018


At the Oldest Sweet Shop we are committed to keeping your personal data safe and secure.

This privacy & cookies notice will inform you as to how we look after your personal data when you visit or purchase from our website www.oldestsweetshop.co.uk (the “Website”), regardless of where you visit it from, or when you deal with us over the telephone (whether to order a product or make an enquiry, or otherwise) and tell you about your privacy rights and how the law protects you.

Our Privacy Policy gives you detailed information on when and why we collect your personal information, how we intend to use it and how we keep it secure. This Policy also sets out your right in relation to your personal information. This Policy works in conjunction with our terms and conditions and only applies to the personal information that we obtain, not information that may be collected from your interactions with third parties

Oldest Sweet Shop is the controller and responsible for your personal data (collectively referred to as "Oldest Sweet Shop", "we", "us" or "our" in this privacy & cookies notice).  If you have any questions about this privacy & cookies notice, including any requests to exercise your legal rights (as detailed below), please contact us using the details below.

In this Policy the term "Data Protection Legislation" means the EU General Data Protection Regulation 2016/679 and the Privacy and Electronic Communications (EC Directive) Regulations 2003 as may be amended or replaced; together with all other applicable legislation in force from time to time relating to privacy or data protection.

If you have any questions about our Privacy Policy please email enquiries@oldestsweetshop.co.uk



This privacy & cookies notice aims to give you information on how the Oldest Sweet Shop collects and processes your personal data through your use of our Website and/or contacting us over the telephone, including any data you may provide when you sign up to our newsletter, purchase a product or service or take part in a competition.

This Website is not intended for children and we do not knowingly collect data relating to children.

It’s important that you read this privacy & cookies notice together with any other privacy & cookies notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy & cookies notice supplements the other notices and is not intended to override them.


Contact Details

This Policy relates to the Oldest Sweet Shop, 39 High Street, Pateley Bridge, Harrogate, North Yorkshire, HG3 5JZ.

Email: enquiries@oldestsweetshop.co.uk

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.


Third-party links

This Website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our Website, we encourage you to read the privacy & cookies notice of every website you visit.


How we collect your personal information

We collect your information at the point you decide to interact with us. This could include purchasing online, signing up for our email newsletter, over the telephone, or in person when you sign up in our store to receive information from Oldest Sweet Shop.

We collect your data when:

  • When you register for an account or use oldestsweetshop.co.uk
  • When you sign up for information in our store
  • When you contact the Oldest Sweet Shop by telephone or email
  • When you enter a prize draw or competition run by the Oldest Sweet Shop
  • When you complete a survey or give us feedback
  • When completing any forms for transactional, employment or other purposes
  • When you visit our website

The Data we collect

We are committed to only collecting information about you that is necessary to carry out our business, provide the particular products or services you’ve requested and to keep you up to date about all the latest news from the Oldest Sweet Shop

It’s your choice if you want to give us your personal information. However, if you decide not to, you may not be able to buy from our website, and you may not receive the optimal customer experience.

We may collect, use, store or transfer the following

  • Title
  • Name, Surname
  • Email address
  • Contact phone number
  • Purchase and transaction history and information (including details about payments to and from you and other details of products and services you have purchased from us)
  • Payment details (i.e.your bank name, account number and sort code, and your card’s security/CVV code. Don’t worry, we don’t see or keep these)
  • Delivery address(s)
  • Billing address
  • Automatically populated IP address*
  • Information from cookies**
  • Information about your phone or laptop (including your device type and, if you choose to share it with us, your location data) as well as how you use our website and app

*When you visit oldestsweetshop.co.uk the web server may automatically record your public internet protocol (IP) address used to connect your computer to the Internet.

** Like most websites, we also use cookies to help make the experience of using our website better and to personalise the service you receive from us. For more information please see our Cookie Policy.

We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.


How we use your Data and why

We like to get to know our customers and provide them with the best possible experience. We use information we collect about you in a number of ways, including to provide the products and services that you have requested, offering you a personalized experience and informing you about our special events and exciting news, so that we can offer the best possible experience. We will also contact you to give you assurance that your delivery is on its way or if we have a query about your delivery.

We are permitted by Data Protection Legislation to process your personal data in the way that we do because the processing is necessary:

  • for the performance of our contract to provide you with products or services you have purchased or in order to take steps at your request prior to you entering into that contract;
  • in order to comply with a legal obligation to which we are subject; or
  • for the purposes of the legitimate interests that we pursue; which are (i) to give you the best service/products; (ii) to optimise your customer experience and provide you with a safe, smooth, efficient, and customised experience; (iii) to run and administer our business; (iv) to discharge our legal obligations; (v) to prevent and detect fraud; and (vi) to evaluate, develop and improve our products and services.

We will make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).

We have set out in more detail below the specific purposes for using your information and the legal basis we are relying on to process your information.


How we use your name & contact details


To deliver purchases to you

We want to ensure we can send your delivery to you. It's part of our contract with you.

To send you services messages by text, e-mail, such as order updates about your latest delivery.

This is part of our contract with you (so we can tell you when your order is coming).

To allow third party providers to update you about your delivery

This is part of our contract with you (so we can tell you when your order is coming).

To allow our third party providers to send you emails to review your order and let us know if you are happy with the service we’ve provided.

This allows us to monitor the quality of our products and service to optimise your customer experience and develop new products.

To send you marketing and communication information by email, SMS, or post, about our new products and services; or sending you catalogue and direct mail in the post with our latest products and news. If you’ve placed an order on our website, we want to make sure you keep up to date, so we’ll send you a email newsletter

We have a legitimate interest in keeping you up to date. and letting you know about products or services that you may like. If at any time you decide you don’t want to receive this information by one or all communication methods, you can opt out by emailing enquiries@oldestsweetshop.co.uk

For fraud prevention and detection.

To prevent and detect fraud against either you or the Oldest Sweet Shop – unfortunate, but absolutely essential.

To show you Oldest Sweet Shop adverts as you browse the web.

We want you to be able to see our latest products and deals.

To find out what you, and other customers, like.

To ensure we are giving you the products you want and to ensure we keep innovating.


How we use your payment and transaction information


To take payment, and give refunds.

We’ve got to do this to perform our contract with you.

To provide the products that you order to you.

We’ve got to do this to fulfil our contract with you.

For fraud prevention and detection.

To prevent and detect fraud against either you or the Oldest Sweet Shop.


How we use your contact history


To provide customer service and support.

We’ve got to do this to perform our contract with you. After all, we’re committed to 100% Happiness for all our customers.

To train our staff.

So that, when you contact us, you get the best possible customer service.


How we use your purchase history and saved items


To sell you our products.

If you can’t put products in your basket, we can’t sell it to you.

To send you a reminder of what products you’ve left in your basket but not yet bought.

We want to ensure you have the best customer experience and don’t want you to miss out on purchasing our products!

To provide customer service and support, and handle returns.

We’ve got to do this to perform our contract with you.

Finding out what you, and other customers, like.

To ensure we are giving you what you want, and to stay ahead of the competition. It also helps us to make suggestions and recommendations to you about products or services that may be of interest to you.


How we use information about your phone or laptop, and how you use our website and app


To improve our website and set default options for you

To give you the best possible experience.

To protect our website

To prevent and detect fraud against either you or the Oldest Sweet Shop – unfortunate, but absolutely essential — and to meet our legal obligations about looking after your data.

To look at how our customers use our website.

To ensure that the content on our website is presented in the most effective manner for you.


How we use your responses to surveys, competitions and promotions


To run the survey, competition or promotion.

We want you to have a chance of winning. If we can’t use your entry, you’ve no chance of winning.

To review and rate products you’ve reviewed.

We’ll listen to what you’ve told us in your review and use it to improve our services and products.


Sharing Your Information

Except as expressly set out in this Policy we will not sell, personal information to third parties, we will not sell any of your personal data to a third party unless we have your permission or are required by law to do so.

However we may share your data with some companies as an essential part of being able to provide our products and services to you

The following categories of recipients may receive your personal information and process it for the purposes outlined in this Policy:

  • Companies that are linked to when you make a purchase with us, like our payment service providers, delivery companies, IT and system administration services or other assistance to help us fulfil our orders.
  • Professional service providers, such as marketing agencies (mailchimp), advertising and website hosting businesses that help us to run our business.
  • Law enforcement and fraud prevention agencies, so that we can help tackle fraud.
  • Other business entities if we plan to merge with or be acquired by that business entity, or if we undergo a re-organisation with that entity; or if they become a successor in interest, in the event of a liquidation or administration of the Oldest Sweet Shop.


Will We Transfer Your Information Overseas?

Some of our external third parties are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA.

Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

  • We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission. For further details, see European Commission: Adequacy of the protection of personal data in non-EU countries, which is accessible by clicking here.
  • Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe. For further details, see European Commission: Model contracts for the transfer of personal data to third countries, which is accessible by clicking here.
  • Where we use providers based in the USA, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US. For further details, see the U.S. Department of Commerce’s EU-US Privacy Shield website (https://www.privacyshield.gov/welcome).

Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.


How To Un-Subscribe from our Newsletter

We like to get to know our customers and provide them with the best possible experience. We may use your information to form a view on the products or services we think you would like, or that may be of interest to you.

You will receive marketing messages from us if you have requested information from us or purchased products or services from us and, in each case, you have not opted out of receiving that marketing. We may also market to you if we have received your express consent to do so including where we have collected your details in connection with a competition or other promotion and you have agreed to receive marketing from us.

You can stop receiving marketing messages from us at any time. Once you do this, we will update profile to ensure that you don’t receive further marketing messages. Note that stopping marketing messages will not prevent us from sending you service communications; so you will still receive order updates and delivery information.

You can unsubscribe in a number of ways.

If you do not wish to receive any further posted mailings from us, please email: enquiries@oldestsweetshop.co.uk. Please ensure you include your full name and address.

You can un-subscribe our newsletters and alerts, at any time by clicking the un-subscribe link that comes within every communication we have sent to you.


Data security

We are committed to keeping your information safe and we take your online security seriously. We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

Unfortunately, the transmission of information via the Internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your personal information transmitted to us or provided though the website and any transmission is at your own risk.


Keeping your information

We’ll hold on to your information in line with our customer retention policy. We only retain information for as long as it is required for the purposes set out above or as may be required to comply with a legal or regulatory obligation to which we are subject. If it is reasonably necessary or required to resolve a dispute, prevent fraud and abuse, or enforce our terms and conditions, we may keep hold of some of your information, even after it is no longer needed to provide products or services to you.


Your legal rights

You have a lot of rights relating to your personal information: And it is important to us that you understand what these rights are and how you can exercise them.

  • The right to be informed about how your personal information is being used (like the information contained in this Policy!)
  • The right to access the personal information we hold about you.
  • The right to request the correction of inaccurate personal information we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us. You can update your information in the My Account Section of the website or email us at enquiries@oldestsweetshop.co.uk
  • The right to request that we delete your data, or stop processing it or collecting it, where there is no good reason for us continuing to process it or where we may have processed your information unlawfully or we are otherwise required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
  • The right to ask us to stop or start sending you direct marketing messages, which for electronic communications you can do by emailing us on enquiries@oldestsweetshop.co.uk. 
  • The right to withdraw consent to our processing of your personal data (to the extent we are relying on consent to process your personal data). If you withdraw your consent, we may not be able to provide certain products or services to you.
  • The right to request that we transfer or port elements of your data either to you or another service provider in certain circumstances.
  • The right to complain to your data protection regulator — in the UK, the Information Commissioner’s Office regulates and supervises the use of personal data-via their helpline on 03031231113.

If you want to exercise your rights, have a complaint, or just have questions, please contact us:

Email: enquiries@oldestsweetshop.co.uk

Write to: Oldest Sweet Shop, 39 High Street, Pateley Bridge, Harrogate, HG3 5JZ

What we may need from you:

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request in order to speed up our response.

Time limit to respond – Any request for access to a copy of your personal data must be in writing. We try to respond to all legitimate requests within one month in compliance with Data Protection Legislation. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.


Cookies Policy

We use cookies when you visit our website. A cookie is a small text file which we transfer to your hard drive through your web browser when you visit our website or open certain emails. It enables our own system to recognize you when you visit our website again and improve our services to you. The information can be used to enhance the content of our website and make your use of it easier. For more information about cookies please visit www.allaboutcookies.org.

There are four main types of cookies

  • Site functionality cookies – these cookies allow you to navigate the website and use our features, such as “Add to Basket” and “Save for Later”.
  • Website analytics cookies – these cookies allow us to measure and analyse how our customers use the website, to improve both its functionality and your shopping experience.
  • Customer preference cookies – when you are browsing or shopping on the Oldest Sweet Shop, these cookies will remember your preferences (your location, preferred store), so we can make your shopping experience as seamless as possible, and more personal to you.
  • Targeting or advertising cookies – these cookies are used to deliver ads relevant to you. They also limit the number of times that you see an ad and help us measure the effectiveness of our marketing campaigns.

By using our website, you agree to us placing these sorts of cookies on your device and accessing them when you visit the website in the future. If you want to delete any cookies that are already on your computer, the “help” section in your browser should provide instructions on how to locate the file or directory that stores cookies.

Please note that by deleting or disabling future cookies, your user experience may be affected and you might not be able to take advantage of certain functions of our site, If you don't want to enable cookies you can still enjoy browsing our website, but you'll just have to visit our store in order to purchase.