Charmed Cards & Crafts Craft Shop UK


Cookies & Privacy Notice

Charmed Cards & Crafts are committed to comply with the General Data Protection Regulation and the Data Protection Act 2018. Looking after the personal information you share with us is of utmost important to us, and we want you to be confident that your personal data is kept safely and securely and to understand how we use it.

Important Factors for your Security and Data Protection:

  • Charmed Cards & Crafts do not operate registered accounts. What this means is that no data is ever kept on the server, and none of your personal data is accessible externally. 

  • Charmed Cards & Crafts do not collect credit card details on our website. We are fully PCI DSS compliant, and all card payments are handled by Lloyds Cardnet via SagePay or PayPal. Transfer to both are sent via encrypted transmission using the very latest technology.

  • Mailing List is subscribers only. We do not send out annoying newsletters just because you have once placed an order with us.  Instead we have always operated a strict opt-in, opt-out mailing list, from which you can easily opt-out anytime you want to. Thus every single person on our mailing list is there because they want to be. You can rest assured that Charmed Cards & Crafts would never share your details with anyone else, your privacy is a top priority.

  • Site Security. Every single part of our website is protected by a secure socket layer; this means that is is extremely unlikely that any part of the page is intercepted between us and you, this security is attested by the secure sign in your browsers address bar, and also on our website on each page via the "GeoTrust" icon.   Our site is also monitored on a daily basis by "SiteLock" and the results is displayed on every page via the "SiteLock" icon. Both can be seen under the "Shop Securely" heading on each page.


The information we collect:

When you buy goods from us, you are entering into a contract with us. In order for us to get your products to you we will ask you to provide some personal information, which is;

  • full name
  • address (and shipping address) - Cardholders name and address is also checked to ensure it is indeed registered to the card you are using, for your protection.
  • contact numbers - in case we need to get in touch quickly about a problem with your order
  • email address - to send order, and shipping confirmations.


How do we use your information?

Data Protection says that we are allowed to use and share your personal data only where we have a proper reason to do so. The law says we must have one or more of these reasons and these are:

  • Contract - your personal information is processed in order to fulfil a contractual arrangement e.g. in order to send you your order.
  • Consent – where you agree to us using your information in this way.
  • Legitimate Interests - this means the interests of Charmed Cards & Crafts in managing our business to allow us to provide you with the best products and service in the most secure and appropriate way e.g. to notify you of order status updates (such as "shipped"); supply marketing communications such as new products, special offers and competitions etc, as well as providing the appropriate details to our delivery partners, e.g. Royal Mail, in order for them to deliver your parcel.
  • Legal Obligation – where there is statutory or other legal requirement to share the information e.g. when we have to share your information for law enforcement purposes.


Who we share your information with and why

  • Delivery Partners
    In order for you to receive your goods, Charmed Cards & Crafts works with a number of delivery partners. Again, we only pass limited information to them in order to ensure delivery of your items.
  • Mailing List:
    We work with EmailContact who help us manage our electronic communications with you. Again, only limited information is passed to them to ensure the delivery of email.
  • Payment processing
    Charmed Cards & Crafts works with trusted third party payment processing providers in order to securely take and manage payments, namely LLoyds Cardnet, Sagepay, and PayPal.


Your rights

You are entitled to request the following from Charmed Cards & Crafts, these are called your Data Subject Rights and there is more information on these on the Information Commissioners website

  • Right of access –to request access to your personal information and information about how we process it
  • Right to rectification –to have your personal information corrected if it is inaccurate and to have incomplete personal information completed
  • Right to erasure (also known as the Right to be Forgotten) – to have your personal information erased.
  • Right to restriction of processing – to restrict processing of your personal information
  • Right to data portability - to electronically move, copy or transfer your personal information in a standard form
  • Right to object - to object to processing of your personal information

If you have any general questions about your rights or want to exercise your rights please contact us.

You have the right to lodge a complaint with a data protection regulator in Europe, in particular in a country you work or live or where your legal rights have been infringed. The contact details for the Information Commissioner’s Office (ICO), the data protection regulator in the UK, are available on the ICO website where your personal information has or is being used in a way that you believe does not comply with data, however, we encourage you to contact us before making any complaint and we will seek to resolve any issues or concerns you may have.



When you allow cookies to be activated it simply means that a small file is placed on your own device, containing information that will help you when you visit again, i.e. your name and address details could automatically be filled in for you because your own browser recognises the site via the cookies.

In a nutshell we use cookies:
  • To recognise the device that you are using.
  • To store the content of your online shopping bag whilst you browse the site and to complete an order.
  • To automatically fill your name and address details if you have ticked "remember me on this computer"
  • To check whether you have received our cookie notice, so that you only ever see it once.
  • For analytical purposes.

So what exactly are cookies?

First, and contrary to popular belief, cookies are NOT programs. They don’t do anything at all. They are simple ’text files’ which you can read using the Notebook program on your own PC. Typically, they contain two pieces of information: a site name and unique user ID.

When you visit a site that uses cookies for the first time, a cookie is downloaded onto your PC. The next time you visit that site, your PC checks to see if it has a cookie that is relevant (that is, one containing the site name) and sends the information contained in that cookie back to the site.

The site then ’knows’ that you have been there before, and in some cases, tailors what pops up on screen to take account of that fact. For instance, it can be helpful to vary content according to whether this is your first ever visit to a site – or your 71st.

Some cookies are more sophisticated. They might record how long you spend on each page on a site, what links you click, even your preferences for page layouts and colour schemes. They can also be used to store data on what is in your ‘shopping cart’, adding items as you click.

The possibilities are endless, and generally the role of cookies is beneficial, making your interaction with frequently-visited sites smoother - for no extra effort on your part. Without cookies, online shopping would be much harder.

Are cookies safe?

Yes. The information stored in cookies is safe and anonymous to any external third party, and your security is never compromised. You can find more information about cookies at and For a video about cookies visit



Lloyds Cardnet PCI DSS Compliance

BBC WebWise