Privacy Policy

Privacy Policy

This privacy policy tells you how we look after your personal data when you visit our website and when we communicate with you, and explains your privacy rights and how the law protects you under the UK GDPR, the Data Protection Act 2018 and the Privacy and Electronic Communications Regulations (PECR).

Our website is operated by Granny Eats Wolf Ltd (“We”). We are registered in England and Wales under company number 13915518 and have our registered office at Unit 302, 11 Meldola Yard, London, E9 5NW.

If you have any questions about this privacy policy or our privacy practices, please contact us on the following email: hello@grannyeatswolf.com

Purpose of Privacy Policy
The main reason we ask for your personal information (in most cases just your email address) is to perform a contract with you or to take steps at your request before entering into a contract, and to identify whether you would be interested in the further supply of services. We may also use your details to send you marketing communications where we are legally permitted to do so (see “Use of your Personal Data” and “Marketing and PECR” below). We may share this information with some third parties from time to time, as explained in this policy.

We also collect some other types of your data in the ways described in this policy.

Below we have aimed to set out information on how we collect and process your personal data through your use of this website, including any data you may provide through this website when you purchase a product or register an interest in purchasing a product from our website.

This website is not intended for children and we do not knowingly collect data relating to children.

Your Personal Data
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

  • Contact Data including your email address and any other contact details you choose to provide.

  • Marketing and Communications Data including your preferences in receiving marketing from us and our third parties and your communication preferences.

  • Technical Data including browser type and version, time zone setting and location, browser plug‑in types and versions, operating system and platform, and other technology on the devices you use to access this website.

  • Usage Data including information about how you use our website, products and services.

We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy policy.

Use of your Personal Data
Most commonly, we will use your personal data in the following circumstances (each a lawful basis under UK GDPR):

  • Where it is necessary for the performance of a contract with you, or to take steps at your request before entering into a contract.

  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. Our legitimate interests include running our business, managing client relationships, improving our services and promoting our work.

  • Where we need to comply with a legal obligation.

  • Where you have given your consent, for example to receive certain types of marketing communications.

Generally, we do not rely on consent as a legal basis for processing your personal data although we will obtain your consent where required by PECR before sending direct marketing communications to you via email or other electronic means, unless a “soft opt‑in” exemption applies. You have the right to withdraw consent to marketing at any time by contacting us or using the unsubscribe link in our messages.

Marketing and PECR

We may use your Contact Data and Marketing and Communications Data to send you information about our services and projects that we think may interest you.

  • We will only send electronic marketing communications (such as email newsletters) to individuals where we have your consent, or where PECR allows us to rely on the “soft opt‑in” (for example, where you are an existing client and we are marketing similar services and you have not opted out).

  • You can ask us to stop sending you marketing at any time by following the unsubscribe links in any marketing message or by contacting us at hello@grannyeatswolf.com.

  • Even if you opt out of marketing, we may still need to contact you for administrative or contractual purposes.

Cookies

This website uses cookies and similar technologies, which are small files or pieces of text that download to a device when a visitor accesses a website or app. For information about viewing the cookies dropped on your device, visit “The cookies Squarespace uses”.

These functional and required cookies are always used, which allow Squarespace, our hosting platform, to securely serve this website to you.

Analytics and performance cookies are used on this website only when you acknowledge our cookie banner or otherwise provide consent. These cookies help us to understand site traffic, activity, and other data. You can withdraw your consent for non‑essential cookies at any time through your browser settings or, where available, through our cookie banner preferences.

Website Visits

This website is hosted by Squarespace. Squarespace collects personal data when you visit this website, including:

  • Information about your browser, network and device

  • Web pages you visited prior to coming to this website

  • Web pages you view while on this website

  • Your IP address

Squarespace needs the data to run this website, and to protect and improve its platform and services. Squarespace analyses the data in a de‑personalised or aggregated form where possible. For more details, please see Squarespace’s own privacy notice.

Disclosures
We may share your personal data with:

  • Service providers and professional advisers who provide IT, hosting, analytics, email, marketing, legal, accounting or other support services to us.

  • External third parties where required by law, regulation or to protect our rights.

  • Third parties to whom we may choose to sell, transfer or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy policy.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third‑party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

Currently, we do not knowingly transfer your personal data outside the UK. If we do so in future (for example, because a service provider stores data abroad), we will ensure that appropriate safeguards are in place in accordance with UK data protection law.

Data Security

We have put in place appropriate technical and organisational measures to protect your personal data against unauthorised access, accidental loss, alteration or disclosure. We limit access to your personal data to those employees, freelancers, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected personal data breach and will notify you and any applicable regulator where we are legally required to do so.

Data Retention
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect of our relationship with you.

When deciding how long to keep data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure, the purposes for which we process it, whether we can achieve those purposes through other means, and the applicable legal requirements. After the retention period ends, we will securely delete or anonymise your personal data.

Your Legal Rights

Under UK data protection law, you have the following rights in relation to your personal data (subject to certain conditions and exemptions):

  • The right to request access to your personal data (a “data subject access request”).

  • The right to request correction of the personal data that we hold about you.

  • The right to request erasure of your personal data.

  • The right to object to processing of your personal data where we are relying on legitimate interests.

  • The right to request restriction of processing of your personal data.

  • The right to request the transfer of your personal data to you or to a third party (data portability).

  • Where we rely on consent, the right to withdraw consent at any time.

If you wish to exercise any of these rights, please contact us at hello@grannyeatswolf.com. We will respond in accordance with our obligations under the UK GDPR and the Data Protection Act 2018.

Complaints
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.

Last Updated | Nov 2025