Privacy Policy

Last updated 28th June 2023

This privacy policy explains how Flapjackery Ltd (‘we’) use personal information we collect from you.

Information we collect from you

When you purchase flapjacks from us we collect your name, address, email address and telephone number and also the name address, email address, and telephone number of the person receiving the flapjacks. This contractual data is held securely on our hosting company’s server. We also collect a debit or credit card number for payment via Paypal. This data is encrypted and held by Paypal only, who provide the payment system.

If you email us direct the email is kept securely for a maximum of one year and then securely deleted, unless required by law. If you email us via our website contact form, the contents are entered on a secure page and then encrypted before being sent to us, and a copy sent to the email address you gave us, securely. If you submit a review on our website, we ask for your name and email. This is so we can identify you have stayed with us. A copy is held on our hosting company’s server. We collect, and display reviews, submitted to Google on our website. Please refer to Google Privacy Policy: 

How we use the information we hold on you

We use your name and home address as part of the ordering process. We use your email address to send you confirmation of the order and details of the courier delivery. We use your telephone number to contact you in case of a problem with your order or a query.

How is your data stored?

All data you supply us is stored securely on our hosting company’s server. All card details are stored by Paypal, our PCI compliant payment system. Card details are erased automatically after your order has been dispatched. Neither we, nor Paypal will share your information with any third party unless there is a legal reason to do so.

If you use our website contact form, a record of your email is stored securely on the website and securely deleted after one year. We back up our website to an external secure server in a destination outside the European Economic Area (EEA) in which data protection laws may be of a lower standard than in the EAA. Regardless of location or whether the person is an employee or contractor, we will impost the same data protection safeguards that we deploy inside the EAA. All contact form information and reviews, submitted via our website, are accessible by our website manager. This information is used by the website manger as explained in this policy and is kept confidential and secure.


We send emails and newsletters to people with a legitimate interest in Flapjackery (either having placed an order or expressed an interest in our Flapjacks). The distribution list is managed by a secure third party, You may change your preferences or unsubscribe at any time at or by clicking the link in the email.

We use Hotjar in order to better understand our users' needs and to optimize this service and experience. Hotjar is a technology service that helps us better understand our users' experience (eg how much time they spend on which pages, which links they choose to click, what users do and don't like, etc.) and this enables us to build and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data on our users' behavior and their devices device's IP address (processed during your session and stored in a de-identified form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), and the preferred language used to display our website. Hotjar stores this information on our behalf in a pseudonymized user profile. Hotjar is contractually forbidden to sell any of the data collected on our behalf.

For further details, please see the 'about Hotjar' section of Hotjar's support site .


We collect anonymous tracking information via Google Analytics, Google Webmaster Console and Bing to better understand how visitors use our website. This information is kept for 50 months. Please refer to our Cookie Policy for further information. Cookie Policy

Retaining personal information

We retain personal information about you for the period necessary to fulfil the purposes outlined in this policy, to meet contractual requirements and legal obligations. We review our retention periods for personal information on a regular basis. When your information is no longer required, we will ensure it is disposed of securely.

Data Security

No data transmission over the Internet can be guaranteed to be secure from intrusion. However, we maintain physical, electronic and procedural safeguards to protect your personal information in accordance with applicable data protection legislative requirements. We have put in places procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach as required by regulations.

Access to your information

You have a right of access to the information we hold on you, as well as the right to request we amend it or delete it, unless prohibited by law. This will be done within 30 days of the request. There is no charge to access, update or delete your information. You can contact us to request this by email: or by post to: Flapjackery Unit 8 Crelake Ind Est, Pixon Lane, Tavistock PL19 9AZ. If you receive our newsletter via MailChimp you can amend the information and marketing permissions as well as unsubscribe via the links contained in the bottom of the newsletter.