Privacy policy


Who we are

The website at is the online shop for ‘Twelve Nunns’, a specialist mail order plant business.

What personal data we collect and why we collect it

We collect information about you during the checkout process on our store. While you visit our site, we’ll track:

  • Products you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed
  • Location, IP address and browser type: we’ll use this for purposes like estimating taxes and delivery
  • Delivery address: we’ll ask you to enter this so we can, for instance, estimate delivery before you place an order, and send you the order

We’ll also use cookies to keep track of shopping basket contents while you’re browsing our site. Please see more information on our cookie usage below.

When you purchase from us, we’ll ask you to provide information including your name, billing address, delivery address, email address, phone number, credit card/payment details and optional account information like username and password. We’ll use this information for purposes, such as, to:

  • Send you information about your account and order
  • Respond to your requests, including refunds and complaints
  • Process payments and prevent fraud
  • Set up your account for our store
  • Comply with any legal obligations we have, such as calculating taxes
  • Improve our store offerings
  • Send you marketing messages, if you choose to receive them
  • If you create an account, we will store your name, address, email and phone number, which will be used to populate the checkout for future orders.

We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. Please see ‘How long we retain your data’ for details of our data retention periods.


Our website uses cookies, as almost all websites do, to help provide you with the best experience we can. Cookies are small text files that are placed on your computer or mobile phone when you browse websites

Our cookies help us:

  • Make our website work as you’d expect
  • Save you having to login every time you visit the site
  • Remember your settings during and between visits
  • Improve the speed/security of the site
  • Continuously improve our website for you
  • Make our marketing more efficient (ultimately helping us to offer the service we do at the price we do)

We do not use cookies to:

  • Collect any personally identifiable information (without your express permission)
  • Collect any sensitive information (without your express permission)
  • Pass data to advertising networks
  • Pass personally identifiable data to third parties
  • Pay sales commissions

You can learn more about all the cookies we use below.

Granting us permission to use cookies

If the settings on your software that you are using to view this website (your browser) are adjusted to accept cookies we take this, and your continued use of our website, to mean that you are fine with this. Should you wish to remove or not use cookies from our site you can learn how to do this below, however doing so will likely mean that our site will not work as you would expect.

Our own cookies

We use cookies to make our website work including:

  • Making our shopping basket and checkout work
  • Determining if you are logged in or not
  • Remembering your search settings
  • Allowing you to add comments to our site

There is no way to prevent these cookies being set other than to not use our site.

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

Third party functions

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Anonymous Visitor Statistics Cookies

We use cookies to compile visitor statistics such as how many people have visited our website, what type of technology they are using (e.g. Mac or Windows which helps to identify when our site isn’t working as it should for particular technologies), how long they spend on the site, what pages they look at etc. This helps us to continuously improve our website. These so called “analytics” programs also tell us if, on an anonymous basis, how people reached this site (e.g. from a search engine) and whether they have been here before helping us to put more money into developing our services for you instead of marketing spend. We also use enhanced ecommerce tracking that allows us to see anonymous data about shopping activity, including product page views, adding and removing products from shopping carts, initiated, abandoned, and completed transactions.

Services we use:

  • Google Analytics – you can opt out of Google Analytics using this tool

Turning Cookies Off

You can usually switch cookies off by adjusting your browser settings to stop it from accepting cookies (Learn how here). Doing so however will likely limit the functionality of our’s and a large proportion of the world’s websites as cookies are a standard part of most modern websites

It may be that your concerns around cookies relate to so called “spyware”. Rather than switching off cookies in your browser you may find that anti-spyware software achieves the same objective by automatically deleting cookies considered to be invasive. Learn more about managing cookies with antispyware software.

Who we share your data with

Who on our team has access

Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access:

  • Order information like what was purchased, when it was purchased and where it should be sent, and
  • Customer information like your name, email address, and billing and delivery information.

Our team members have access to this information to help fulfill orders, process refunds and support you.

What we share with others

We share information with third parties who help us provide our orders and store services to you:

CompanyRoleData accessPrivacy policy

Payment processor

Payment processor
Order & customer information
Order & customer information
EvriCourier serviceOrder & customer informationLink
Parcel2GoCourier serviceOrder & customer informationLink
Google AnalyticsWebsite analyticsAnonymous visitor data & shopping behaviourLink
MailchimpMarketing & transactional emailsOrder & customer informationLink
MailgunTransactional emailsOrder & customer informationLink
Supernova DesignWebsite administration & technical supportOrder & customer informationLink

How long we retain your data

Data typeRetention period
Inactive accounts2 years
Pending orders1 year
Failed orders1 month
Cancelled orders1 month
Completed orders3 years
Anonymous analytics data26 months

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

You can request to receive an exported file of the personal data we hold about you, including any data you have provided to us.

You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

We send your data to the following services for the purpose of running the website and maintaining backups:

  • DigitalOcean (London) – Website hosting service
  • Amazon S3 (Europe) – Backup storage

Contact information

Any queries relating to this privacy policy can be addressed to

Additional information

How we protect your data

We have implemented a number of security measures to keep your data safe & private.

Our website is encrypted using SSL – this ensures all data moving between you and the website remains private. A firewall protects the website against a number of common web-based attacks as well as a large amount of attacks specifically targeted at the technology we use to run the website. We also block brute-force attacks that attempt to guess user passwords in order to gain access. To help prevent these sort of attacks all user accounts are required to have strong passwords, and we periodically review and if necessary reset passwords that are deemed to pose a security risk.

What data breach procedures we have in place

In the event of data being accessed by unauthorised parties, we will disclose information to affected users with details of the steps we’ve taken to address the issue, and measures to mitigate possible adverse effects. We will disclose details as soon as possible once we become aware of any data breach.