Skip to content

Free UK Delivery Over £25

Legal

Privacy Policy

Last updated: February 2026

1. Introduction

House of Pegs (“we”, “us”, or “our”) is a trading name of The Barkworth & Hathaway Collection. We are committed to protecting and respecting your privacy in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

This policy explains how we collect, use, store, and protect your personal data when you visit our website at houseofpegs.com (the “Site”) or purchase products from us.

2. Data Controller

The data controller responsible for your personal data is The Barkworth & Hathaway Collection. If you have any questions about this policy or our data practices, please contact us at hello@houseofpegs.com.

3. Data We Collect

We may collect and process the following personal data:

  • Identity data: Your name as provided during checkout or via our contact form.
  • Contact data: Your email address, delivery address, and telephone number (if provided).
  • Transaction data: Details of your purchases, order history, and payment information. Payment card data is processed securely by Stripe and is never stored on our servers.
  • Technical data: IP address, browser type and version, operating system, device type, time zone, and browsing actions on our site.
  • Marketing data: Your newsletter subscription preferences and communication opt-ins.

4. How We Use Your Data

We use your personal data for the following purposes:

  • Fulfilling orders: Processing your purchase, arranging delivery via Amazon Multi-Channel Fulfilment (MCF), and sending order confirmation and shipping notifications.
  • Customer service: Responding to your enquiries, managing returns, and resolving issues.
  • Marketing: Sending you newsletters and promotional communications where you have opted in. You may unsubscribe at any time.
  • Analytics: Understanding how visitors use our Site to improve the user experience.
  • Legal obligations: Complying with tax, accounting, and regulatory requirements.

5. Legal Basis for Processing

We process your personal data on the following legal bases:

  • Contractual necessity: To fulfil our contract with you when you place an order.
  • Consent: For marketing communications and non-essential cookies. You may withdraw consent at any time.
  • Legitimate interests: To improve our products and services, prevent fraud, and understand how our Site is used.
  • Legal obligation: To comply with UK tax and regulatory requirements.

6. Third-Party Services

We share your data with the following trusted third-party service providers, each of whom processes data in accordance with their own privacy policies:

  • Stripe: Processes payment card data securely. Stripe is PCI DSS Level 1 certified. We do not store your card details.
  • Amazon (Multi-Channel Fulfilment): Receives your name and delivery address to fulfil and ship your order from UK fulfilment centres.
  • Supabase: Provides our database and authentication infrastructure. Data is stored in secure, EU/UK data centres.
  • Vercel: Hosts our website. May process technical data such as IP addresses and request logs.
  • Google Analytics (GA4): Collects anonymised usage data to help us understand site traffic and user behaviour. Only active with your cookie consent.
  • Meta Pixel: Tracks anonymised conversion data for advertising purposes. Only active with your cookie consent.
  • Email service provider: We use a transactional email service to send order confirmations, shipping updates, and marketing emails.

7. Cookies

Our Site uses cookies and similar technologies. Essential cookies are necessary for the Site to function (e.g., shopping cart, session management). Analytics and marketing cookies (Google Analytics, Meta Pixel) are only activated after you provide consent via our cookie banner.

You can manage your cookie preferences at any time through our cookie settings or your browser settings. Blocking essential cookies may affect the functionality of the Site.

8. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected. Order data is retained for a minimum of 6 years to comply with UK tax and accounting requirements. Marketing data is retained until you unsubscribe. Technical and analytics data is retained for up to 26 months.

9. Your Rights

Under UK GDPR, you have the following rights:

  • Right of access: Request a copy of the personal data we hold about you.
  • Right to rectification: Request correction of inaccurate or incomplete data.
  • Right to erasure: Request deletion of your personal data where there is no compelling reason for continued processing.
  • Right to restrict processing: Request that we limit how we use your data.
  • Right to data portability: Request a machine-readable copy of data you have provided to us.
  • Right to object: Object to processing based on legitimate interests, including direct marketing.

To exercise any of these rights, please email us at hello@houseofpegs.com. We will respond within one calendar month.

10. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These include encryption in transit (HTTPS/TLS), secure database access controls, and regular security reviews.

11. International Data Transfers

Some of our third-party service providers may process data outside the United Kingdom. Where this occurs, we ensure that appropriate safeguards are in place, such as the use of Standard Contractual Clauses (SCCs) or an adequacy decision by the UK government.

12. Changes to This Policy

We may update this privacy policy from time to time. Any changes will be posted on this page with an updated “last updated” date. We encourage you to review this policy periodically.

13. Complaints

If you have concerns about how we handle your data, please contact us first at hello@houseofpegs.com. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.