Your Basket

Your basket is empty

Discover our curated selection of artisan foods.

Legal

Privacy Policy

Last updated: 18 March 2026

This Privacy Policy explains how Gourmet Dried Ltd ("we", "us", "our") collects, uses, stores and protects your personal data when you visit our website at thegourmetdried.com or purchase our products. We are committed to protecting your privacy in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Our ICO registration number is ZB000000. If you have any questions about this policy, please contact us at [email protected].

1. Who We Are

The data controller responsible for your personal data is Gourmet Dried Ltd, registered in England and Wales, with our principal place of business at London, United Kingdom.

For all data protection enquiries, you may contact our Data Protection Officer at [email protected].

2. What Personal Data We Collect

We collect and process the following categories of personal data:

Category	Examples	Purpose
Identity Data	Name, username	Account creation, order processing
Contact Data	Email address, delivery address	Order fulfilment, customer communications
Transaction Data	Order history, payment references	Processing purchases, fraud prevention
Technical Data	IP address, browser type, device	Website security, analytics
Usage Data	Pages visited, products viewed	Improving our service
Marketing Data	Email preferences, newsletter opt-in	Sending promotional communications (with consent)

We do not collect or store any payment card data. All payment processing is handled securely by Stripe, Inc., which is PCI DSS Level 1 certified.

3. Legal Basis for Processing

We process your personal data under the following legal bases as defined by UK GDPR Article 6:

Contract (Art. 6(1)(b)): Processing necessary to fulfil your order, including delivery and customer service.
Legal Obligation (Art. 6(1)(c)): Processing required to comply with UK tax law, consumer protection regulations and fraud prevention obligations.
Legitimate Interests (Art. 6(1)(f)): Improving our website, preventing fraud, and maintaining the security of our systems.
Consent (Art. 6(1)(a)): Sending marketing emails and placing non-essential cookies. You may withdraw consent at any time.

4. How We Use Your Data

We use your personal data to:

Process and fulfil your orders, including arranging delivery and handling returns.
Send order confirmation and shipping notification emails.
Respond to your enquiries submitted via our Contact Us form.
Send marketing communications where you have provided consent (newsletter).
Comply with our legal and regulatory obligations under UK law.
Detect and prevent fraudulent transactions and abuse of our services.
Improve our website and product offering through anonymised analytics.

5. Data Sharing and Third Parties

We share your personal data only with trusted third parties who process it on our behalf under strict data processing agreements:

Third Party	Purpose	Location
Stripe, Inc.	Payment processing	USA (SCCs in place)
Royal Mail / DPD / DHL	Order delivery	UK
Resend, Inc.	Transactional email delivery	USA (SCCs in place)
Manus (hosting provider)	Website hosting and infrastructure	USA (SCCs in place)

We do not sell, rent or trade your personal data to any third party for their own marketing purposes.

6. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected:

Order and transaction data: 7 years (HMRC tax record requirements).
Account data: For the duration of your account, plus 2 years after last activity.
Marketing preferences: Until you withdraw consent or unsubscribe.
Contact form enquiries: 2 years from the date of enquiry.

7. Your Rights Under UK GDPR

You have the following rights in relation to your personal data:

Right of Access (Art. 15): Request a copy of the personal data we hold about you.
Right to Rectification (Art. 16): Request correction of inaccurate or incomplete data.
Right to Erasure (Art. 17): Request deletion of your data ("right to be forgotten"), subject to legal retention obligations.
Right to Restrict Processing (Art. 18): Request that we limit how we use your data.
Right to Data Portability (Art. 20): Receive your data in a structured, machine-readable format.
Right to Object (Art. 21): Object to processing based on legitimate interests or for direct marketing.
Right to Withdraw Consent: Withdraw consent for marketing or non-essential cookies at any time.

To exercise any of these rights, please contact us at [email protected]. We will respond within 30 days as required by UK GDPR.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk or by calling 0303 123 1113.

8. Cookies

We use cookies and similar tracking technologies on our website. For full details of the cookies we use and how to manage your preferences, please see our Cookie Policy.

9. Security

We implement appropriate technical and organisational security measures to protect your personal data against unauthorised access, alteration, disclosure or destruction. These measures include SSL/TLS encryption, secure server infrastructure, and access controls. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page with a revised "Last updated" date. Where required by law, we will seek your consent before implementing significant changes.

11. Contact Us

If you have any questions, concerns or requests regarding this Privacy Policy or our data processing practices, please contact us:

Gourmet Dried Ltd

London, United Kingdom

Email: [email protected]