Crafty Baba


32 St Peters Street, Ipswich, Suffolk

Facebook blue small Pinterest circle red small Twitter blue small untitled-1_151

Crafty Baba

Privacy Policy

This policy explains the way that we collect, use and protect your data as well as your choices with regard to your data.


We’ve tried to be as clear as we can be and to avoid unnecessary jargon, while including all the relevant information – but please do contact us at if anything doesn’t make sense or needs expanding on. Because, by necessity, this is a long document and because we’re all pressed for time, we've summarised the key points – you can click on each one to get more detailed information. Please do read the whole thing if you can.



Our aims and duty of care

We recognise our duty of care with regards to your data and will always endeavour to do the right thing with the personal data you choose to share with us, including: not compromising your anonymity; protecting your privacy; storing your data securely and giving you control over your own data.


Your data - what we store and why

We store any enquiries you’ve made, your email address and phone number if given. For registered members we also store username, password and email address.


We store your email address to register you and contact you (if you have asked for email newsletters).


Your permissions and choices

You can change your data and your email preferences stored with us at any time by contacting us at


How long is your data held


Any personal data you give us, or that we collect when you use the website, make a purchase or a booking, will be retained by us for as long as it’s needed to perform its function. Registration data is held permanently unless you inform us otherwise. There’s no one-size-fits-all time limit, but we regularly review the data we hold to ensure it is still necessary.


Where is your data stored


Your data is stored by us on Google Clud services with password protection. Unless you have turned cookies off, some data technology companies (such as Google) store your cookies; they do not have access to any personal information about you beyond your browsing habits.


If there are obvious safeguarding reasons, or if we are contacted by the police about a possible breach of the law, we may share your personal information with public authorities without your permission. If we are compelled to do so by a court order, we will share your personal data to the extent specified in the order. That is unlikely to happen so we wouldn't stress about this one.



Complying with the law and best practice around data


The way we store and process data is compliant with the UK 1998 Data Protection Act, the 2018 EU General Data Protection Regulation (GDPR), and other relevant pieces of legislation. We always aim to comply both with the spirit as well as the letter of the law and to be responsible with your data.


If our data is compromised


If our security is breached, our data is compromised or if we fail to comply with the law, we will tell affected users as soon as we become aware of the failure. We will report any data breach to the Information Commissioner and, if appropriate, the police, in a timely fashion.




Further updates will be noted here as and when they are made.