Privacy Policy

This Policy explains when and why we collect Personal Data about the people who visit Bromesberrow Estate and our website how we use such data, the conditions under which we may disclose it to others and how we keep it secure.

We may change this Policy from time to time so please check this page occasionally to ensure that you are happy with any changes. We will notify you of any material changes on how we use your Personal Data prior to implementing them. Notification of any such material change will be made by email or prominent notice on our website. By using our Platforms, you’re agreeing to be bound by this Policy.

Who are we?
We are Bromesberrow Estate (we or us), whose registered office is at Bromesberrow Place, Ledbury, HR8 1RZ. We are committed to protecting and respecting your privacy.

If you would like any more information or you have any comments about our Policy, please either write to us at Data Protection Representative, Bromesberrow Place, Ledbury, HR8 1RZ, or email us at

What Information We Collect
We will not process your Personal Data without your consent and, unless we tell you otherwise, consent will be the basis on which we process your Personal Data. We collect this information to supply you with products.


Your Rights

Subject Access Requests
You are entitled at any time to obtain information about all your Personal Data that we hold about you, in accordance with the Act. We may request proof of your identity before providing this information and may not be able to allow you to access certain Personal Data in some cases. For example, if your Personal Data is connected with Personal Data of other persons, or for legal reasons. In such cases we will provide you with an explanation why you cannot obtain this information. Please note there may be a small administration fee for the provision of the information requested.

If you would like access to the Personal Data that we hold about you, you can do this by emailing us at (or writing to us at the address stated above)

Your new rights under GDPR
Your rights were enhanced when the European General Data Protection Regulation (GDPR) came into force on 25th May 2018.
You now have the following rights:

  • to prevent automated decision-making and profiling;
  • a right to be forgotten and to have Personal Data erased;
  • a right to complain to the regulatory authority (Information Commissioners Office).

The types of Personal Data we collect
When you use or visit our Website, we may collect information from you. Some of it may be Personal Data.

To supply goods, we will require:
Name and address; Telephone number and email address.

When you give us Personal Data, you are telling us that the information is true, accurate, complete and current. You are also telling us that you have the authorisation to provide it to us.

How we collect your Personal Data
We collect your Personal Data:

  • Directly from you – For example, when you provide us with your Personal Data when you sign in to our Website.
  • From third parties – This can include when you log in using a third-party platform, such as Facebook.


Why we collect your Personal Data

Using your Personal Data
Personal Data about our customers is an important part of our business and we shall only use your Personal Data for the following purposes and shall not keep such Personal Data longer than is necessary to fulfil these purposes:

  • To provide you with the products you are purchasing
  • To display more relevant advertising and recommendations or suppress advertising and content that you might find irrelevant.

How we share your Personal Data
We will not share your Personal Data with third parties.

How we store and protect your Personal Data
Our servers and data centres are located in the European Union (EU).

Unfortunately, the transmission of information via the Internet is not completely secure. Although we will do our best to protect your Personal Data, we cannot guarantee the security of your data transmitted to our website; any transmission is at your own risk. Once we have received your Personal Data, we will use strict procedures and security features to try to prevent unauthorised access.

Please remember that communications over the internet, such as emails and webmails (messages sent through a website), are not secure unless they have been encrypted. Your communications may go through a number of countries before they are delivered – this is the nature of the internet. We cannot accept responsibility for any unauthorised access or loss of Personal Data that is beyond our control.

How long we keep your Personal Data
We will only keep your Personal Data for the purposes outlined in this Policy and when these purposes have expired, or are no longer relevant.