privacy notice & cookies
This Privacy Notice ("Privacy Notice") sets out how Raven's Haven Limited and Sarah Raven's Cutting Garden Limited process your personal data in connection with our website at www.sarahraven.com ("Site") and the services we each offer to our customers, including through our Site (together each of our "Services").
Unless expressly stated otherwise, any reference to "Sarah Raven" in this policy shall be deemed to include and refer to each of Raven's Haven Limited and Sarah Raven's Cutting Garden Limited.
Sarah Raven is committed to protecting your privacy. We will only use the information that we collect about you lawfully in accordance with the Data Protection Act 2018 and the Privacy and Electronic Communications (EC Directive) Regulations 2003 in addition to the General Data Protection Regulation ("UK GDPR") and/or the EU General Data Protection Regulation ("EU GDPR").
about us
Raven's Haven Limited(company no: 16540702) | Registered office:Perch Hill Farm, Brightling, Robertsbridge, England, TN32 5HP |
Sarah Raven's Cutting Garden Limited(company no: 03890637) | Registered office:Perch Hill Farm, Brightling, Robertsbridge, East Sussex, TN32 5HP |
For the purposes of the UK GDPR and/or the EU GDPR:
- Raven's Haven Limited and Sarah Raven's Cutting Garden Limited will be considered independent controllers of your personal data.
how to contact us
If you have any questions about this Privacy Notice or want to exercise your rights as data subject set out in this Privacy Notice, you can contact us as follows:
- Site - Contact us using out enquiry form found in the chat button on our Site
- Email - privacy@sarahraven.com
- Post - Perch Hill Farm, Brightling, Robertsbridge, England, TN32 5HP
why do we process your personal data?
The law on data protection sets out a number of different reasons for which a company may collect and process your personal data, including:
Consent
In specific situations, we can collect and process your data with your consent.
When collecting your personal data, we’ll always make clear to you which data is necessary in connection with a particular service.
Contractual obligations
In certain circumstances, we need your personal data to comply with our contractual obligations. For example, if you order an item from us for home delivery, we’ll collect your address details to deliver your purchase and pass them to our courier.
Legal compliance
If the law requires us to, we may need to collect and process your data. For example, we can pass on details of people involved in fraud or other criminal activity affecting Sarah Raven to law enforcement.
Legitimate interest
In specific situations, we require your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our business and which does not materially impact your rights, freedom or interests. For example, we will use your purchase history to send you or make available personalised offers. We also combine the shopping history of many customers to identify trends and ensure we can keep up with demand, or develop new products/services. We will also use your address details to send you direct marketing information by post, telling you about products and services that we think might interest you.
Below, we set out in detail why we collect your data and the lawful basis that we rely on for each processing activity.
who do we collect personal data about?
We collect and process personal data from the following people:
Site visitors
If you browse our Site or register an account on our Site, we will collect and process your personal data in connection with your interaction with us and our Site.
Customers
If you buy our Services, we may collect and process your personal data in connection with the supply of goods or services to you.
People who contact us with enquiries
If you contact us with an enquiry through our Site, submit a complaint through our Site or provide any feedback to us in our surveys and feedback forms, we will collect and process your personal data in connection with your interaction with us and our Site.
Visitors to Perch Hill
If you visit us at Perch Hill, we may process personal data that you volunteer in connection with your visit and any enquiries you make. CCTV footage may also be collected for security purposes.
Event attendees
If you attend one of our courses or events, we will process personal data about you in connection with your attendance. For example, we may ask you to complete a registration or feedback form, or other document relating to the course or event.
Job applicants
If you apply for a job with us, whether through our Site or otherwise, we will collect and process your personal data in connection with your application.
what personal data do we collect?
In providing our Site and Services, we may collect and process different types of personal data about you for different processing purposes. The types of personal data we collect depends on who you are and how you use our Site and Services and includes the following:
Identity Data | First name; last name. |
Contact Data | Delivery address; billing address; email address; telephone number or mobile number. |
Registration Data | First name; last name; email address; date of birth; country; company name; job title; password; contact preferences; any other personal data that you may provide when you register an account with us. |
Financial Data | Bank account details; payment card details. |
Transaction Data | Details about payments made between you and us; details of Services purchased from us; details of returns and complaints. |
Profile Data | Account username; password; profile picture or avatar; purchase/order details; interests and preferences; contact preferences; whether you have participated in any promotions or competitions; feedback and survey responses; the content of any messaging you send using any Enquiry Form or chat function on the Site. |
Behavioural Data | Data relating to your browsing activity or interaction with our emails, obtained through the use of cookies, pixel tags and other similar technologies; information about when your current or previous sessions started; details about any Services you viewed or purchased through the Site. |
Technical Data | IP address; browser type and operating system; geolocation, to ensure we’re showing you the correct notices and information; any other unique numbers assigned to a device. |
Marketing and Communications Data | Marketing preferences; service communication preferences. |
how and when do we collect your data?
We use your personal data for the purposes set out in this section. If we wish to make any changes to these purposes, or if we wish to use your personal data for any purpose that is not listed in this section, we will notify you using the contact details we hold for you.
Processing activity | Category of data processed | Legal basis for processing |
|---|---|---|
If you visit our Site and use your account to buy products and services | When you browse our Site, we collect and process Behavioural Data and Technical Data to help us understand how you are using and navigating our Site. We do this so that we can better understand which parts of our Site are more or less popular and improve the structure and navigation of our Site. | It is necessary for us to use your personal data to perform our obligations in accordance with any contract that we may have with you for the Services, or it is in our legitimate interest to use personal data in such a way to ensure that we provide access to our Site in a secure and effective way and so that we can make improvements to our Site. |
If you create an account on our Site | You may be required to register an account with us to gain access to certain features and functionality of our Site and/or to receive certain offers and benefits. Account applicants will need to complete the registration form, providing all required Registration Data. We will use this data in order to process your registration. | It is necessary for us to use your personal data to perform our obligations in accordance with any contract that we may have with you, or it is in our legitimate interest to use personal data in such a way to ensure that we provide access to the Site and our Services in a secure and effective way and so that we can make improvements to our Site. |
If you engage with us on social media | If you click on one of the social media links on our Site or otherwise interact with our social media pages such as on Meta or Instagram (including interacting with any ‘like’ or similar embedded features on our Site or social media accounts), we and the relevant social media platform may receive information relating to such interaction and may share your personal data in connection with this purpose, such as certain Behavioural Data and Technical Data. For more information about how we use this personal data, please see our Cookie policy below. | It is in our legitimate interest to use personal data in the ways described to ensure that we provide the Site in an effective way and to promote our Site via social media. |
If you contact us by any means with queries or complaints | There are various ways in which you are able to contact us. In particular, our Site features a chat button, which invites you to submit general enquiries about our Site via our Enquiry Form. From time to time, you may also be able to submit specific enquiries on other pages of our Site, including in secure account areas. | It is in our legitimate interest to use your personal data in the ways described to ensure that we are able to help you with your enquiry, provide a good standard of service and improve our customer services. |
If you enter prize draws or competitions | From time to time, we may run prize draws, prize competitions and other promotions on our Site and/or on our social media accounts. For the purposes of administering such promotions, we may process your Identity Data, Contact Data, Registration Data, Transaction Data, Profile Data, Behavioural Data and/or Technical Data and any other personal data volunteered by you in relation to your promotion entry. | It is necessary for us to use your personal data to perform our obligations in accordance with any contract that we may have with you (e.g. the promotion terms and conditions) or it is in our legitimate interest to use your personal data to enable us to administer our promotion fairly and effectively and to ensure that we comply with self-regulatory codes governing the operation of promotions. |
When you book to attend a course or event | From time to time, we may organise and host courses and events for the purpose of promoting our business or for other reasons. We may process your Identity Data and Contact Data to communicate with you about such events where you have specifically requested information about such events or where we have another lawful basis for sending that information to you. | It is necessary for us to use your personal data in this way to perform our obligations in accordance with any contract that we may have with you where you have signed up to attend an event, or it is in our legitimate interest or a third party’s legitimate interest to use personal data in such a way to ensure that the event is operated in an effective way. |
When you choose to complete any surveys we send you | From time to time, we will invite you to provide feedback about us, our Site and Services, in the form of online surveys. We will collect and process your Identity Data, Contact Data and, if applicable, certain Profile Data and Transaction Data, as well as any other personal data you choose to volunteer in your survey response or other feedback. | It is in our legitimate interest to use the personal data provided by you so that we can improve our Site and Services and provide them in an effective way. |
When you comment on or review our products and services | You may voluntarily provide feedback on our products and services via email. | It is in our legitimate interest to use the personal data provided by you so that we can improve our Site and Services and provide them in an effective way. |
When you’ve given a third party permission to share with us the information they hold about you | When you give a third party permission to share the information they hold about you with us, we will collect and process your Identity Data (such as name, title), Contact Data (such as postal address, email address, telephone number) and, where relevant, Transaction Data or Preference Data (such as details of products or services you are interested in or have purchased from that third party). | We process this data where you have given your consent to that third party to share your information with us, and it is in our legitimate interests to use the information in this way so that we can understand your interests and provide you with relevant products, services and marketing. |
When you ask us to contact you when a specific product is back in stock | When a product is out of stock, you may request via our website that we contact you if that product is back in stock. To do so, we may collect and process Identity Data and Contact Data. | It is in our legitimate interests to use your personal data in this way so that we can respond to your request and let you know when the product you are interested in is back in stock. |
When you place an item in your basket | When you place an item in your basket we may have the ability to retain some of your information, even if you don’t complete your registration. Such contact Data and, if applicable, Profile Data and Behavioural Data may be used to contact you to enquire why you did not complete your registration/transaction, i.e. an abandoned basket email. | It is in our legitimate interest to use the personal data in the way described so we can send you a reminder that you have not completed your order. |
how we protect your data
We know how much data security matters to all our customers. With this in mind we will treat your data with the utmost care and take all appropriate steps to protect it. We have implemented information security policies, rules and technical measures to protect the personal data under our control from unauthorised access, improper use or disclosure, unauthorised modification and unlawful destruction or accidental loss. The following list contains examples of how we maintain the confidentiality and security of your personal data:
- We secure access to all transactional areas of our websites and apps using ‘https’ technology.
- Access to your personal data is password-protected, and sensitive data such as payment card information is secured and tokenised to ensure it is protected.
- We use the latest secure server technology to ensure all information is protected to the highest standards.
- We use encryption to safeguard your credit card information and only accept orders from web browsers that permit communication through Transport Layer security Layer (TSL) technology - this means you cannot inadvertently place an order through an unsecured connection.
how long will we keep your personal data?
Whenever we keep your personal data we’ll only keep it for as long as is necessary for the purpose for which it was collected.
At the end of the retention period your data will either be deleted completely or anonymised, for example by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis and business planning.
your mailing preferences
We want to give you the best possible customer experience. One way to achieve that is to get the richest picture we can of who you are by combining the data we have about you.
We then use this to offer you promotions, products and services that are most likely to interest you.
It is in our legitimate interest to do this as it allows us to understand our customers and provide the highest levels of service.
There are several ways you can stop or start direct marketing email communications from us:
- Click the ‘unsubscribe’ link in any email communication that we send you. We will then stop any further emails. This will take you to a dedicated page, where you will have the option to either:
- Fully unsubscribe from our direct marketing email database. We will then stop any further marketing emails
- Reduce the number of marketing emails you receive from Sarah Raven to one a month. If you select this option, please note that you may still receive transactional or automated emails from Sarah Raven more frequently if you take certain qualifying actions, such as making a purchase
- If you have an account, log in into your account, visit the ‘My Account’ area and change your preferences. Please be aware that you will not have the option to reduce your email frequency via your Sarah Raven Account: this option is only accessible via the email ‘unsubscribe’ link
- Email info@sarahraven.com
If you would like to stop or start receiving the Sarah Raven catalogue or other postal mailings:
- Email info@sarahraven.com
Please note that you may continue to receive communications for a short period after changing your preferences while our systems are fully updated. If you change your mind at any point, that’s fine, just let us know through any of the methods above.
Remember, if you choose not to share your personal data with us, or refuse certain contact permissions, we might not be able to provide some services you’ve asked for.
who we may share your data with
We only share personal data with others when we are legally permitted to do so. When we share personal data with others, we put contractual arrangements and security mechanisms in place to protect the personal data shared and to comply with our data protection, confidentiality and security standards and obligations. We will never share your email address with anyone.
When processing your personal data, we may need to share it with third parties (including other entities within our group of companies), as set out below. At Sarah Raven, we select our partners carefully and require that they comply with high security standards for the protection of your personal data. This list is non-exhaustive and there may be circumstances where we need to share personal data with other third parties. If we need to share personal data with other third parties, we will inform you before doing so.
Companies who we work with in order to carry out our everyday business such as data bureaus, credit card, order processing, fulfilment and postal/courier companies. We also have a number of direct despatch suppliers.
- Companies who we may work closely with to provide our online service and the relevant marketing such as Big Commerce, Ometria, Trust Pilot, Ibehaviour, Sub2.
- Companies who we may work with on a short term basis to provide customers with special offers and other relevant promotions such as Radio Times, Riverford, River Cottage, Liz Earle and other similar companies. We will only do this if you have given consent for us to share your data with 3rd parties.
- We work with Epsilon Abacus (registered as Epsilon International UK Ltd), Sub2, Experian and Club Canvasse that manage prospect pools on behalf of UK retailers. This members–only club includes shops active in the clothing, collectables, food & wine, gardening, gadgets & entertainment, health & beauty, household goods, and home interiors categories. We all share information on what our customers buy and this information is analysed to help us understand your buying patterns. This helps us plan what we send you, based on what you like to buy. If you don’t want us to hold this information about you and you can change it at any time by updating your mailing preferences – see Mailing Preferences above for information on how to do this.
- When you first made contact with us you were asked if you were happy to receive mailings and offers from third party companies and charities whose products we thought might interest you. If you did not object at the time, but have now changed your mind and no longer want third party mailings, please email us at info@sarahraven.com. See Mailing Preferences above for further information.
- We may disclose your data with law enforcement or other government and regulatory agencies or third parties when this is required by the law of any jurisdiction to which Sarah Raven may be subject.
Statement regarding Epsilon Abacus
We work with Epsilon Abacus (registered as Epsilon International UK Ltd), a company that manages the Abacus Alliance on behalf of UK retailers and charities. The participating retailers are active in the clothing, collectables, food & wine, gardening, gadgets & entertainment, health & beauty, household goods, home interiors and travel categories. They share information on what their customers buy. Epsilon Abacus analyses this pooled information to help the retailers understand consumers’ wider buying patterns. From this information, retailers can tailor their communications, sending people suitable offers that should be of interest to them, based on what they like to buy.
Statement regarding Trustpilot
We work with Trustpilot, a company that manages our online reviews. A feedback request falls under the remit of market research rather than marketing communication. Provided you have given us your details as part of a transaction, we can contact you regarding a review as long as it’s directly related to that transaction. Trustpilot hold very little of your personal data. They can securely keep the review and associated data, but only for the purposes of replying to you in the event of a Subject Access Request.
your rights over your personal data
You have certain rights in relation to the personal data we hold about you. If you would like to exercise any of these rights, please contact us using the details set out in the "How to Contact Us" section.
To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any request you make under this Privacy Notice. If you have authorised a third party to submit a request on your behalf, we will ask them to prove they have your permission to act.
Your right of access | You have the right to request access to the personal data we hold about you, titled a "subject access request". To exercise this right, email info@sarahraven.com. Your request will be acknowledged upon receipt and we will respond within 30 working days. |
Your right to erasure | You have the right to request that all your personal data is deleted from our systems. To do this, email info@sarahraven.com. Your request will be acknowledged upon receipt and we will respond within 30 working days. Please note that, if you ask us to delete your data, we may still need to retain a minimal record of your request for administration purposes. |
Your right to rectification | You have the right to request the correction of your personal data when it is incorrect, out of date or incomplete. |
Your right to restrict processing | You can ask us to "block" or suppress the processing of your personal data in certain circumstances such as where you contest the accuracy of that personal data or you object to us processing it for a particular purpose. This may not mean that we will stop storing your personal data but, where we do keep it, we will tell you if we remove any restriction that we have placed on your personal data to stop us processing it further. If we’ve shared your personal data with others, we’ll let them know about the restriction where it is possible for us to do so. If you ask us, where it is possible and lawful for us to do so, we’ll also tell you who we’ve shared your personal data with so that you can contact them directly. |
Your right to object | You can ask us to stop processing your personal data, and we will do so, if we are: (i) relying on our own or someone else’s legitimate interest to process your personal data, except if we can demonstrate compelling legal grounds for the processing; or (ii) processing your personal data for direct marketing purposes. |
Your right to withdraw consent | If we rely on your consent as our legal basis for processing your personal data, you have the right to change your mind at any time and withdraw that consent. Please see "Your Mailing Preferences" for further information on how to do this. |
Your right to lodge a complaint with the supervisory authority | If you have a concern about any aspect of our privacy practices, including the way we have handled your personal data, please contact us using the contact details provided in the "How to Contact Us" section above. |
our cookie policy
What are cookies?
Cookies are small pieces of information that are stored on your computer when you visit a website. Cookies are widely used by many different websites and do not harm your computer – instead they are used to analyse the way you use the internet, and can personalise websites to suit your preferences.
How does the Sarah Raven website use cookies?
We use cookies to improve your experience on our website and to provide extra functionality, such as our LiveChat. We also use cookies to understand how you interact with our website and what interests your about our website and what does not. Cookies, and similar technologies like pixels and tags, can also be used to provide you with personalised advertising tailored to your interests.
We may also use the services of third parties to collect and use anonymous information about your visits and interactions with our website through the use of cookies to personalise advertisements for goods and services. To learn more, or to opt-out of receiving online display advertisements tailored to your interests by our third party partners, visit the European Interactive Digital Advertising Alliance at http://youronlinechoices.eu/
If you opt out or disallow cookies you may still see online advertising from us, but the adverts may not be as personalised in terms of offers, products and interests.
What cookies are used on the Sarah Raven website?
When you visit our website, cookies are either set by us (first-party cookies) or by our business partners (third-party cookies). Third-party cookies are often set for advertising and marketing purposes, but may also be used to add extra functionality to the website. The cookies used on our website are categorised into four groups. These groups are:
Strictly Necessary Cookies
These cookies are necessary for the website to function and cannot be switched off in our systems.
Analytics Cookies
These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site.
Functional Cookies
These cookies enable the website to provide enhanced functionality and personalisation. If you do not allow these cookies then some or all of these services may not function properly.
Marketing Cookies
These cookies may be set through our site by our advertising partners. If you do not allow these cookies, you will experience less relevant advertising.
You can see a list of the cookies used on our website here.
How do I manage my cookies?
You can view or change your cookie preferences on our website at any time, simply click the 'Manage Cookies' button below. You can also view the list of cookies used on our website by clicking the 'View Cookie List' button.
You can also disable cookies by changing the cookie settings in your browser. The instructions for doing this are different for every browser. However, please be aware that blocking cookies in your browser may stop our website from functioning correctly and you may be unable to use our website for shopping purposes.
You can also disable cookies by changing the cookie settings in your browser. The instructions for doing this are different for every browser. However, please be aware that blocking cookies in your browser may stop our website from functioning correctly and you may be unable to use our website for shopping purposes.
external sites
Our website and emails may contain links to other websites of interest. However, once you have used these links to leave our website, we do not have control over that website. Therefore we cannot be responsible for the protection and privacy of your information whilst visiting such sites. Please exercise caution and read through their privacy statement in order to understand whether and how they will process data about your visit to their site.
We also use Youtube, Facebook, X (Twitter), TickTock, Instagram, Pinterest, LinkedIn, Google+ and WordPress. We cannot prevent these sites from collection information on your usage of this embedded content. If you are not logged in to these services, they may still gather anonymous information regarding your usage.
