Privacy & Cookies

This privacy policy sets out how Elliotts Retailing Limited (Elliotts) uses and protects any information that you give Elliotts when you use this website. Elliotts is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy statement.

Elliotts may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This policy is effective from 18th Dec 2018.


  • User privacy and data protection are human rights
  • We have a duty of care to the people within our data
  • Data is a liability, it should only be collected and processed when absolutely necessary
  • We loathe spam as much as you do!
  • We will never sell, rent or otherwise distribute or purposefully make public your personal information – that’s a promise


Along with our business and internal computer systems, this website is designed to comply with the following national and international legislation with regards to data protection and user privacy:

This site’s compliance with the above legislation, all of which are stringent in nature, means that this site is likely compliant with the data protection and user privacy legislation set out by many other countries and territories as well. If you are unsure about whether this site is compliant with your own country of residences’ specific data protection and user privacy legislation you should contact our data protection officer (details of whom can be found in section 9.0) for clarification.


We only collect personal information data that is relevant to the purpose of our website. This information allows us to provide you with a customised and efficient experience. We collect the following types of information from our users:

3.1 Order Information Data

When ordering from this website your personal information, including your name, address, contact number, email address, credit card number, expiration date and security code is collected. This information is necessary to take payment for your order, assist us with identifying you, delivering your purchase and contacting you regarding your order.

Your debit or credit card details are verified and processed by our secure, reliable and fully PCI DSS compliant online payment processing gateway, stripe. All data is encrypted to ensure it cannot be read by anybody else. We consider stripe to be a third party data processor (see section 6.0 below). Please note we will never ask you for your payment information via email.

3.2 Account Details Data

When making a purchase, during checkout, you are given the option to create an account. Doing this will mean we store your personal information, including your name, address, contact number, email address and delivery addresses in our database. The details held in this account are manageable by you and can be updated (or deleted) at any time. Your account also keeps a record of any previous orders you have placed with us.

The password you use to login to your account is encrypted, meaning the version stored in our database is not saved as “plain text”. It is still important to choose a complicated password when setting up your online account as this is one of the best ways to protect your personal information.

3.3 Contact Form Data

If you choose to contact us via our contact form you will submit your personal information, including your name, contact number, email address and whatever message you choose to send. This information is sent securely using smtp to our email address. No information is stored in our website or database.

3.4 Site Visitation Tracking Data

Like most websites, this site uses Google Analytics (GA) to track user interaction. We do this to determine the number of people using our site, to better understand how they find and use our web pages and help us to build a better service.

Although GA records data such as your geographical location, device, internet browser and operating system, none of this information personally identifies you to us. GA records your computer’s IP address which could be used to personally identify you but Google do not grant us access to this and they are considered as a third party data processor (see section 6.0 below).


A cookie is a small file which asks permission from your browser to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow websites to respond to you as an individual, but do not necessarily identify you personally.

4.1 Shopping Cart & Checkout

To enable the shopping cart and checkout functions on this website our e-commerce platform Woocommerce sets necessary and essential cookies in your browser, these are:

  • Your session ID – a unique alphanumeric data string
  • A unique cart identifier
  • Number of items in the cart, set once you’ve added some

The session ID & cart identifier help match your cart contents to your order all the way through checkout. It means that we can pass on the correct payment amounts and your personal details to our payment processor.

Without these cookies our website simply won’t work!

4.2 Payment Processing

Payments are processed by and secured by our partner, stripe. When landing on stripe’s secure checkout pages a session ID cookie is created by them to again match your cart contents to your order and enable completion of this final stage of checkout.

The cookie is again essential and our website won’t be able to correctly process your payment without it.

4.3 Google Analytics

To enable site visitation & user tracking on this website cookies are set by the Google Analytics (GA) service, using the analytics.js implementation of GA. These cookies allow GA to assign users with a unique ID and track visits to our site in our GA account. For full details on what cookies are being set you can visit the Google Analytics developer pages.

4.4 Disabling Cookies

You can manage the cookies stored on your computer, or turn them off completely, through your browser settings. Be aware that if you disable the functional cookies detailed above you WILL affect your browsing experience or even prevent you from adding things to your bag and checking out, both of which require cookies to be set in order to work.

All modern browsers will let you change your cookie settings to give you broad control over whether cookies can be set or not. For more information, visit the help section for the browser you use.

Here are a few of the most popular:

Cookie settings in Internet Explorer
Cookie settings in Firefox
Cookie settings in Chrome
Cookie settings in Safari


The connection your web browser has to our site is secured with an SSL certificate from Let’s Encrypt meaning any data transferred from our server to your browser (or from you to us) is encrypted and secure.


6.1 Personal Data Processors (3rd Party)

We use 2 main third parties to process personal data on our behalf, stripe & Google. These third parties have been carefully chosen and they comply with the legislation set out in section 2.0.


Any unlawful data breach of this website’s database or the database(s) of any of our third party data processors will be reported to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.


8.1 Data Handling

We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so. We may use your personal information to send you promotional information about third parties which we think you may find interesting if you tell us that you wish this to happen. You may request details of personal information which we hold about you, if you would like a copy of the information held on you please contact us. You may also request that we delete or anonymise any data we hold about you, if you would like us to do this, please contact us.

8.2 Data Controller

The data controller of this website is: Elliotts

Whose operating office is:

44-46 High Street, Lymington Hampshire, SO41 9YS

8.3 Data Protection Officer

Neil Welker


This privacy policy may change from time to time in line with legislation or industry developments. We will not explicitly inform our clients or website users of these changes. Instead, we recommend that you check this page occasionally for any policy changes. Specific policy changes and updates are mentioned in the change log below.

9.1 Change Log

31st January 2019 – policy instigated