Privacy Policy

Date: 24/05/2018

I.C.O Registration Ref: Z8065643

Principle place of business: 1-3 Fishergate, Boroughbridge, York, YO51 9AL


Information Collection and Use

G Craggs Ltd is the sole owner of the information collected on this site. We will not sell, share, or rent this information to others in ways different from what is disclosed in this statement. G Craggs collects information from our users at several different points on our website. This includes when you send us a contact form or create an account.



We request information from the user on our order form. Here a user must provide contact information (like name and delivery address). This information is used for invoicing purposes and to fulfil customer’s orders. If we have trouble processing an order, this contact information is used to get in touch with the user. 



A cookie is a piece of data stored on the user’s device containing information about the user. Usage of a cookie is in no way linked to any personally identifiable information while on our site. Once the user closes their browser, the cookie simply terminates.



We do not share aggregated demographic information with our partners and advertisers. 



This website may contain links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects personally identifiable information. This privacy statement applies solely to information collected by this Website.



In compliance with UK Data Protection Legislation and the new General Data Protection Regulations, this website takes every precaution to protect our user’s information. When users submit sensitive information via the website, your information is protected both online and off-line. When our payment page asks users to enter sensitive information (such as credit card number), that information is encrypted and is protected by encryption software used by SagePay. We do not store credit card details on our servers these are processed directly by the credit card processing company Yorkshire Payments LTD on their secure payment system. All of our user’s information, not just the sensitive information mentioned above, is restricted in our offices. Only employees who need the information to perform a specific job (for example, our invoicing manager or a customer service representative) are granted access to personally identifiable information. Finally, the servers that we store personally identifiable information on are kept in a secure environment used by police forces and the NHS.



Users who buy a product from us, but don't want any future marketing material, can keep their email address off of our mailing lists by emailing us at

Notification of Changes

If we decide to change our privacy policy, we will post those changes on our Homepage so our users are always aware of what information we collect, how we use it, and under circumstances, if any, we disclose it. If at any point we decide to use personally identifiable information in a manner different from that stated at the time it was collected, we will notify users by way of an email. Users will have a choice as to whether or not we use their information in this different manner. We will use information in accordance with the privacy policy under which the information was collected.


General Data Protection Regulations (GDPR)

As of the 25th May 2018 new regulations have been introduced to give you, as the consumer, more control over how and why businesses hold your data. We have therefore made changes to our customer system to allow the following requests to be made:


Right to Be Informed

When we collect your personal information for the first time, whilst you are placing an order, we will ask you if you consent to marketing from G. Craggs, individually for SMS, Phone, Mail and Email.


Right to Access 

Our customers have the right to access any personal information we are holding. This can be exported for you in .csv format. Please note you will need the following proof of identity for this request: Bank statement, drivers licence, passport, tenancy agreement, tv licence, utility bill. 


Right to Rectification

Customers have the right to have incorrect or incomplete persona data rectified or completed. Please note we can not change delivery information on open orders for security reasons.


Right to Erasure

GDPR includes the right for an individual to have their personal data erased on request. Customer’s personal information will automatically be anonymised exactly seven years from the sales invoice creation date. This process removes all personal data from the sales invoice, meaning in order to request order information after seven years, the customer must know their unique customer ID number (e.g CABB12345 or CARP12345).

Customers now also have the right to have their personal data deleted at any time before seven years have elapsed. Please note you will need the following proof of identity for this request: Bank statement, drivers licence, passport, tenancy agreement, tv licence, utility bill.


Right to Data Portability

This gives our customers the right to obtain and reuse their personal information across different services. We can upon request export any personal data we are holding on you via a .csv spreadsheet format. 




In order to be able to offer you Klarna’s payment options, we will pass to Klarna certain aspects of your personal information, such as contact and order details, in order for Klarna to assess whether you qualify for their payment options and to tailor the payment options for you.


General information on Klarna you can find here. Your personal data is handled in accordance with applicable data protection law and in accordance with the information in Klarna’s privacy policy.