Legal

Privacy Policy

How we collect, use, and protect your personal data. We take your privacy seriously and are committed to being transparent about what we do with your information.

Last updated: 10 March 2026

Who we are

About us.

House of Farrow Ltd is the data controller responsible for your personal data. Registered address: Merewood High Street, Wallcrouch, Wadhurst, TN5 7JT.

If you have any questions about how we handle your data, please contact us via our contact page.

What we collect

Personal data we collect.

We collect personal data when you interact with us through this website. This includes:

Contact form submissions: your name, email address, and the content of your message.

Email newsletter signup: your email address, submitted voluntarily to receive our weekly letter and episode notifications.

Membership and course purchases: your name, email address, and payment information (processed securely by Stripe — we do not store your card details).

Coaching applications: the information you provide in your application form, including your name, email, and details about your situation.

We do not collect data from children. Our services are intended for adults aged 18 and over.

How we use it

Purpose and legal basis.

We use your personal data for the following purposes:

To respond to your enquiries via the contact form (legal basis: legitimate interest).

To send you our newsletter and episode notifications, where you have opted in (legal basis: consent).

To process payments and provide access to memberships and courses (legal basis: contractual necessity).

To manage your coaching engagement (legal basis: contractual necessity).

To improve our website and services (legal basis: legitimate interest).

We will never sell your personal data to third parties. We will never share your data with anyone outside of the service providers listed below, unless required by law.

Third parties

Who we share data with.

We use the following trusted third-party services to operate House of Farrow. Each processes data on our behalf and under appropriate safeguards:

Vercel — website hosting and deployment.

Kit (formerly ConvertKit) — email newsletter management. Your email address is stored with Kit when you subscribe.

Stripe — payment processing for memberships and courses. Stripe handles all card data directly and is PCI DSS compliant.

Circle — community platform for The Collective membership. Your name and email are shared with Circle when you join.

We review our third-party processors regularly and only work with providers who meet appropriate data protection standards.

Cookies and analytics.

This website currently uses minimal cookies required for basic functionality.

We plan to implement Google Analytics 4 for understanding how visitors use our site. When active, this will use cookies to collect anonymised usage data. We will update this policy and our cookie policy accordingly.

For full details, see our cookie policy.

Your rights

Your data rights under GDPR.

Under the UK General Data Protection Regulation, you have the following rights:

The right to access — you can request a copy of the personal data we hold about you.

The right to rectification — you can ask us to correct inaccurate data.

The right to erasure — you can ask us to delete your data, subject to any legal obligations we may have to retain it.

The right to restrict processing — you can ask us to limit how we use your data.

The right to data portability — you can request your data in a commonly used format.

The right to object — you can object to our processing of your data where we rely on legitimate interest.

The right to withdraw consent — where we process data based on your consent (e.g. newsletter), you can withdraw at any time by unsubscribing or contacting us.

To exercise any of these rights, please contact us via our contact page. We aim to respond within 30 days.

Retention

How long we keep your data.

Contact form submissions: retained for up to 12 months, then deleted unless an ongoing relationship exists.

Email subscribers: retained until you unsubscribe. Upon unsubscribing, your data is removed from our mailing list.

Membership and purchase records: retained for as long as required for accounting and legal purposes (typically 6 years under HMRC requirements).

Coaching records: retained for the duration of the coaching relationship plus 6 years.

Security

How we protect your data.

We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or misuse. This includes using encrypted connections (HTTPS), secure third-party processors, and limiting access to personal data to those who need it.

No method of transmission over the internet is completely secure. While we do our best to protect your data, we cannot guarantee absolute security.

Complaints

How to raise a concern.

If you are not satisfied with how we handle your data, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO). You can contact the ICO at ico.org.uk or by phone on 0303 123 1113.

We would appreciate the opportunity to address your concern directly first. Please contact us via our contact page.

Questions about your data? Get in touch.

Personal data we collect.