Privacy Policy


We recognise that your privacy is important and this policy aims to tell you, as clearly as we can, what we do with your data. So you can understand how, where and when we use it, how we store it and why we use it.

This policy covers all information gathered, whether through the use of this website, services rendered, when you contact us through our contact form or in any other way (e.g. Direct message through socials, e-mail etc), whether initiated by you or we get in touch.

This policy applies wherever you come to us from in the world but is guided and subject to English Law.

Who ‘we’ are

Our website address is: is controlled by ‘TO Account Limited’. Company Registration number 12597867. Whenever reference is made to ‘we’, ‘us’, ‘Tory Offord’, ‘our’ – collectively all refer back to the ultimate controlling party.

Should you wish to contact us, please do so at:


Letter to our registered office: 16 Kiddles, Yeovil, BA21 4EP.

What personal data we collect and why we collect it

We may collect, use & store different kinds of personal data about you such as follows:

  • Identity Data; first name, last name, username or similar identifier, title, date of birth and gender.
  • Contact Data; billing address, delivery or postal address, email address and contact numbers.
  • Financial Data includes bank account and payment card details.
  • Transaction Data includes details about payments to and from you and other details of products and services you have purchased from us.
  • Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
  • Usage Data includes information about how you use our website, products and services.
  • Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.


We may collect ‘Sensitive Data’ that refers to details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. If you have chosen to disclose it to us.

It is your duty to tell us if anything we have collected about you requires updating at any time.

Why we collect it

Both for legal and for the consented reason you give us data, we may use it to:

  • Send you information about your account and order.
  • Perform our contractual duties with you.
  • Respond to your requests, including transaction details and complaints.
  • Process payments and prevent fraud.
  • Comply with any legal obligations we have.
  • Improve our offerings.
  • Inform our marketing strategy and send you marketing messages, if you choose to receive them.
  • Location, IP address and browser type: we’ll use this for purposes like geolocating users, reducing fraudulent activities, estimating taxes and shipping if applicable.
  • To study how our customers use our products/services.
  • To keep our services up to date and relevant.


How is your personal data collected?

We use different methods to collect data from and about you including through:


You may give us your Identity, Contact and Financial Data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you (where applicable):

  • Apply for our products or services;
  • Subscribe to our service or publications;
  • Request marketing to be sent to you;
  • Enter a competition, promotion or survey; or
  • Give us some feedback or contact us.

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here:  After approval of your comment, your profile picture is visible to the public in the context of your comment.


If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Contact forms

Please see separate Cookie Policy also, for more general information on our Cookies!

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content. We encourage you to view their own privacy policies upon visiting their site.


We use Google Analytics, their privacy policy can be found at:

Who we share your data with

Your data will only be shared for compliance with the regulatory aspects of our business if we are required to e.g., HMRC or if we are required by law.

Or in the normal course to allow us to do business with you e.g. Take payments through a third party.

We send email through Mailchimp. When processing emails, some of your data will be passed to Mailchimp, including information required to process or support the email marketing services, such as the name, email address and any other information that you intend to pass or collect including all collected information through subscription.

Please see the Mailchimp policy (who are part of ‘Intuit’ at:

Visitor comments may be checked through an automated spam detection service.

If we wish to share your data in any other respect we will ask for your consent to do so.

In such an instance we ask the third party to respect your data as we would and treat it in accordance with English Law.


Under the Privacy and Electronic Communications Regulations, we may send you marketing communications from us if (i) you made a purchase or asked for information from us about our goods or services or (ii) you agreed to receive marketing communications and in each case you have not opted out of receiving such communications since. You can still opt out of receiving marketing emails from us at any time.

How long we retain your data

Under English law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years for tax purposes. If you are not a customer we shall retain your data for 2 years following your last engagement with us.

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

What rights you have over your data

Under certain circumstances, you have the following rights under data protection laws in relation to your personal data:

  • Request access to your personal data.
  • Request correction of your personal data.
  • Request erasure of your personal data.
  • Object to processing of your personal data.
  • Request restriction of processing your personal data.
  • Request transfer of your personal data.
  • Right to withdraw consent.


If you wish to exercise any of the rights set out above, please contact us.

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

How we use your personal data

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • Where we need to perform the contract we are about to enter into or have entered into with you.
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
  • Where we need to comply with a legal or regulatory obligation.
  • To keep you updated about our products and services where you have consented to this. We shall send this information to you by email.  You have the right to withdraw consent to marketing at any time by contacting us or by clicking on the ‘unsubscribe’ button in our emails.
How we protect your data

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

How often will we update this Privacy Policy?

We may update this Privacy Policy from time to time in order to reflect, for example, changes to the providers we use or for other operational, legal or regulatory reasons. Please therefore re-visit this Privacy Policy regularly to stay informed. The date at the bottom of this Privacy Policy indicates when it was last updated.

February 2022.