Athenbys Knitting Store Privacy Policy

Last Updated May 2018

This privacy policy sets out how Excelsior Data Design Ltd T/A Athenbys (hereafter referred to as Athenbys) uses and protects any information that you give Athenbys when you use this website and purchase knitting goods.

Athenbys is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy statement.

Athenbys may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This policy is effective from 1 May 2018

This Privacy Statement, which applies whether you visit our website, use your mobile device or contact us over the telephone, provides you with information about:

  • what personal data we collect;
  • how we use the data we collect from you;
  • whether we will disclose your details to anyone else;
  • how we ensure your privacy is maintained;
  • your choices and rights regarding the personal data you provide to us; and
  • the use of cookies on our website.

We understand that there is a lot of information in this Statement, but we want you to be fully informed about your rights and how Excelsior Data Design Ltd T/A Athenbys uses and looks after your data


Athenbys may collect the following information about you:

  • your name, age/date of birth and gender;
  • your contact details: postal address including billing and delivery addresses, telephone numbers (including mobile numbers) and email address;
  • purchases and orders made by you;
  • your on-line browsing activities on the Athenbys website, including information gathered by use of cookies in your web browser;
  • your Athenbys password(s) (for security – these are kept in an encrypted format);
  • when you make a purchase or place an order with us, your payment card details or bank account details. If you provide us with your debit or credit card details, we will encrypt and record them so that you can save time and use them when you next order with us;
  • your communication and marketing preferences;
  • your interests, preferences, feedback and survey responses;
  • your geographical location;
  • your correspondence and communications with Athenbys, including recordings we may make when you contact our customer services; and
  • other publicly available personal data, including any which you have shared via a public platform (such as a Twitter feed or public Facebook page).

This list is not exhaustive and, in specific instances, we may need to collect additional data for the purposes set out in this Statement. Some of the above personal data is collected directly, for example when you set up an on-line account on our website, send an email to our customer services team or enter a competition. Other personal data is collected indirectly, for example, from your browsing or shopping activity. We may also collect personal data from third parties who have your consent to pass your details to us, or from publicly available sources.

We also collect information about how you use our website or other content online, our mobile app and the device(s) you use to access our services. This includes collecting unique online identifiers such as IP addresses, which are numbers that can uniquely identify a specific computer or other network device on the internet. For more information, please see the “Cookies” section of this Statement on Athenbys use of cookies and similar technologies.

Our website is not intended for children and we do not knowingly collect data relating to children.


Athenbys may use the personal information that you provide or that is obtained by us for a number of purposes including the following:

To make our services available to you:

  • to register you with our website and to administer our website services;
  • to provide our goods and services to you and for associated purposes, including carrying out our obligations arising from any contracts entered into between you and us;
  • to process any orders you make with us, including contacting you if we have any queries regarding your order;
  • to respond to your queries, refund requests and complaints;

We need to process your personal data so that we can manage your customer accounts, provide you with the goods and services you want to buy and help you with any orders and refunds you may ask for. We do this on the basis of our contractual obligations to you, our legal obligations and our legitimate interests in providing you with the best service.

To contact and interact with you:

  • to contact you about our products, services, offers which we think may be of interest to you, subject always to your marketing preferences;
  • to contact you in relation to and to administer any prize draws, competitions or other promotions that you have entered or subscribed to;
  • to invite you to take part in and manage customer surveys, questionnaires and other market research activities carried out by Athenbys and by other organisations on our behalf, including contacting you for your feedback on our products and services, to enable us to review, develop and improve the products and services we offer. If you tell us that you do not want us to contact you for market research, we will respect this choice.

To manage and improve our services and operations:

  • to manage and improve our website and mobile apps, and to improve your browsing experience, by developing and improving the design and layout of our website and mobile apps, through analysis of your usage. We use cookies to improve your customer experience – for more about Cookies, please see the Cookies section below.
  • to help develop and improve our product range, services, information technology systems, know-how and the way we communicate with you. This allows us to serve you better as a customer.
  • to enable us to comply with any legal or regulatory requirements and in the detection and prevention of theft, fraud or other crimes.
  • to protect our business and your account from fraud and other illegal activities.
  • to send you communications required by law (for example, a product recall notice or legally required information relating to your order) or which are necessary to inform you about changes to the services we provide. These service messages will not include any promotional content and do not require prior consent. If we do not use your personal data for these purposes, we would be unable to comply with our legal obligations.

We may supplement the information that you provide to us with information we receive from third parties.

We strive to provide you with choices regarding certain personal data uses, particularly around marketing. If you choose to subscribe to our marketing programme, we may use your information to make decisions about you using computerised technology, for example, automatically selecting products or services which we think will interest you. We may keep you informed of such products and services (including special offers, discounts, offers, competitions and so on) by email, telephone or post. If you wish to amend your marketing preferences, you can do so by contacting our customer services team by emailing We won't send you marketing messages if you tell us not to but we will still need to send you occasional service-related messages.

Please be aware that if you choose not to share your personal data with us, or refuse certain contact permissions, we may not be able to provide some services you’ve asked for. For example, if you  withdraw your general consent to hear from us, we won’t be able to tell you about any of our great new product offerings, or whether a product you were interested in has come back into stock.


The law on data protection sets out a number of different reasons for which a company may collect and process your personal data. The basis for our processing of your personal information may vary depending on the different purposes set out in the section above. These include:

Contractual obligations: We will need your personal data to comply with our contractual obligations, which includes selling and supplying goods to our customers. For example, where you have placed an order from our website the basis of our processing your personal information will be to process your order and perform the sales order contract between us. We’ll need to collect your address details to deliver your purchase, and pass them to our supplier or courier.

Legal compliance: If the law requires us to, we may need to collect and process your data. For example, in the prevention or investigation of fraud, other criminal or anti-social activity affecting our business, we may pass on details to law enforcement agencies, or where we are complying with our legal and regulatory obligations.

Legitimate interests: In specific situations, we require your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our business and which does not materially impact your rights, freedom or interests. For example, we may use your purchase history to send you or make available personalised offers, or to improve and develop our website and/or our services and products made available to you, or in promoting, marketing and advertising our products and services.

Consent: In specific situations, we can collect and process your data with your consent. For example, where you have registered to receive email notifications and/or promotional information from us the basis of our processing will be subject to your consent, which we will ask for and can be withdrawn by customers at any time.  Where consent is the only legal basis for processing, we will cease to process data after consent is withdrawn.

We will communicate with you according to the preferences you set within your account. You may change your preferences at any time. This includes an automated soft opt-in setting based on your purchase history that is in accordance with the Privacy and Electronic Communications Regulations. Any elections you make in the Preference centre will override the soft opt-in settings.

When collecting your personal data, we will make clear to you which data is necessary in connection with a particular service.


We will share your personal information with third parties where required by law, where it is necessary to administer our agreement with you or where we have another legitimate interest in doing so.

Service providers and suppliers

We work with carefully selected and trusted service providers who carry out certain functions on our behalf. These include companies that help us with technology services, storing and combining data, taking and processing payments and delivering your orders. For example, we share your name, address and contact details with courier companies to enable them to deliver the goods you have ordered to you.

When you are using our secure online payment gateway, your purchase is processed by a third-party payment processor, who specialises in the secure online capture and processing of credit/debit card transactions.

Please be assured that:

  • We only share personal data that enables our service providers to provide their services to us or to facilitate them providing their services to you.
  • All our third-party service providers and suppliers are required to take appropriate security measures to protect your personal information.
  • We do not allow our third-party service providers and suppliers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.
  • If we stop using their services, any of your data held by them will either be deleted or rendered anonymous.

We will not sell or rent your information to third parties.

What about other third parties?

We may share personal data with other organisations in the following circumstances:

  • if required to by law, under any code of practice by which we are bound or we are asked to do so by a public or regulatory authority such as the Police;
  • if we need to do so in order to exercise or protect our legal rights, systems and services (this includes providing personal data to others for the purposes of preventing fraud and reducing credit risk);
  • for debt collection with a debt collection agency (where appropriate);
  • with third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this Privacy Statement; in response to requests from individuals (or their representatives) seeking to protect their legal rights;
  • for the administration of prize draws, competitions or promotions;
  • we will share your purchase and contact details when required to do so by a regulatory authority.

To help personalise and monitor your journey through our website we currently use third parties who will process your personal data as part of their contracts with us. These currently include:

Google Tag Manager             Google


We may also interact with you through social media sites such as Facebook, Twitter or Pinterest.


When you email our customer services: Any data you provide to customer services is retained in line with our retention policy.

When you email us: We will monitor any emails sent to us, including file attachments, for viruses or malicious software. 

When you place an order through our website: We use a third party provider, NamesCo, to record all information relevant to that order including name, address, email address and contact number.

When you complain to us: When we receive a complaint from a person we put together a file containing the details of the complaint which is entered into our Email application. This normally contains the identity of the complainant (and any other individuals who may be involved in the complaint). We will only use the personal information we collect to process and resolve the complaint and to check on the level of service we provide. We will keep personal information contained in complaint files in line with our retention policy.


We will keep your personal information for as long as necessary and consistent with the purpose for which you have given it to us, including for the purposes of satisfying any legal, accounting, or reporting requirements. We will always retain your personal information in accordance with law and regulation and never retain your information for longer than is necessary.

At the end of that retention period, your data will either be deleted or anonymised, for example by aggregation with other data so that it can be used in a non-identifiable way for business planning or statistical analysis. Where we anonymise data, we may use such information without further notice to you.

We will keep the personal data, including details of the product you purchase, which you provide to us when you place an order with us for six years so we can comply with our legal and contractual obligations, including the Consumer Rights Act 2015.


What is a cookie?                                                                                                   

A cookie is an element of data, which often contains a unique identifier that is sent to your computer, tablet or mobile phone web browser, which may then store it on your device’s hard drive. Cookies are used by us to provide you with a customised visitor experience and to make our services easier for you to use. For example, we use cookies to keep track of what you have in your basket and to remember you when you return to our website. To shop at Athenbys you will need to have all cookies enabled, though you can still use the Athenbys website for browsing or research purposes without all cookies being enabled.

Our cookies do not contain confidential information such as your home address, telephone number or credit card details. We do not exchange cookies with any third party websites or external data suppliers.

Your web browser also generates other information, including which language the site is displayed in, and your Internet Protocol address (IP address). An IP address is a set of numbers which is assigned to your computer during a browsing session whenever you log on to the Internet via your internet service provider or your network (if you access the Internet from, for example, a computer at work). Your IP address is automatically logged by our servers and used to collect traffic data about visitors to our website. We do not use your IP address to identify you personally.


You can rest assured that shopping online with Athenbys will be as safe and secure as shopping in a store. We have safeguards in place to prevent your personal information from being lost, stolen or damaged and to prevent cyber-attacks, phishing or other malicious activity.

How does Athenbys keep my personal information safe?

  • We require you to create a unique user name and password to sign into your Athenbys account. For tips on keeping your password secure, please see below.
  • We use up to date technology to provide you with reliable access to your account, and we have processes to back up all user data on a regular basis.
  • We use additional security to protect payment information – please see How secure is my payment information?
  • Before you enter any personal information or payment details, your browser will go into secure mode, protecting any information you input. 

How can I keep my password secure?

We do appreciate that remembering passwords can be tricky, but setting effective and secure passwords on all the sites you use is vital in combating possible fraudulent activity using your personal details.You can control the safety of your password. Here are some important things to keep in mind:

  • We will never ask you to disclose your password to us or anyone else, and you should not share it with anyone. For security, we store your password in an encrypted format.
  • We recommend that you change your account password periodically.
  • A strong password contains a mix of numbers, letters and symbols and should only be used for your Athenbys account. Avoid using obvious phrases like “password” or your name or phone number.
  • You should log out of our website when you use a computer you share with other people.
  • You can find useful guidance on how to secure your password, prevent online fraud and identity theft on many sites – for example the Google Safety Centre.

How secure is my payment information?

We realise how important it is to store securely any payment information that you provide. Our website uses high-level Secure Socket Layer (SSL) encryption technology. This technology prevents you from inadvertently revealing personal information when using an insecure connection. Encryption creates billions of code combinations to protect each transaction made on our website, so your card details cannot be viewed by anyone else using the internet. If you are using one of the more recent browser versions, our website supports 128 bit encryption.

We use Card Verification Value levels (CVV2) for “card not present” purchases. All online purchases therefore require this additional information to ensure that the person using the card has actual possession of it.

You can tell whether a web page is secure as ‘https’ will replace the ‘http’ at the front of the address in your browser address window. A small locked padlock will also appear at the bottom of your browser window.

Although we will do our best to protect your personal information, we cannot guarantee the security of your information transmitted to our website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access. Using an unsecured network in a public place can be risky as unauthorised people may try to intercept anything you're doing online. We recommend you only connect to secure wireless networks that you trust, and to always be aware of the risks associated with using public WiFi.

If you experience any strange activity on your account or suspect that your account has been compromised, please contact our Customer Services team who will arrange to secure your account and then investigate your concerns.

We may occasionally send you emails, but we would never send an email asking for your personal information, security information or log in details, or direct you to a web page that asks for this information. If you receive an email that appears to be from Athenbys that you suspect is fraudulent, do not click on any links contained within the email or provide any credit card or log in details, but do let us know about it.

If you have any further concerns about security, please contact us.


Our website may contain links to and from the websites of social media networks, our commercial partners. If you follow a link to any of these websites, please note that they have their own privacy policies and are also likely to use cookies, and we therefore suggest you check these before you submit any personal information to these websites. They will govern the use of personal information you submit when visiting these websites, which may also be collected by cookies. We do not accept any responsibility or liability for the privacy practices of such third party websites, even if you access them from our website, and your use of such websites is at your own risk.


You have the right to:

  1. have access to the personal information we hold about you (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
  2. have rectified any incomplete, inaccurate or out-of-date personal information that we hold about you;
  3. have personal information we hold about you erased from our systems;
  4. object to processing of your personal data;
  5. have the processing of your personal information restricted; and
  6. request the transfer of the personal information we hold about you to you or to another party.

Please note that these rights may only apply in certain circumstances. You may only request details about yourself and no other person.

You also have the right to withdraw consent at any time where we are relying on consent to process your personal data.

If you wish to exercise any of the rights set out above, please contact us.

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

If you do contact us to exercise any of these rights we may ask you to verify your identity and to provide other details to help us to respond to your request. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We will only use this information in order to verify your identity.

Where you believe Athenbys have not taken their responsibilities seriously with regard to your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office. Further information, including contact details, is available at


We may need to update this Privacy Statement and our Cookies Policy from time to time so you may wish to check occasionally to ensure you’re happy with any changes. We will mark each with the date of the most recent updates. If you do not agree to these changes, please do not continue to use this website or submit personal information to Athenbys. If material changes are made to either this  Privacy Statement or the Cookies Policy, for instance affecting how we would like to use your personal information, we will provide a more prominent notice (including, for certain services, email notification of Privacy Statement changes).


Athenbys ('we'/'us'/'our'), a limited company Excelsior Data Design Limited (trading as Athenbys), registered in England and Wales under company number: 02966581 having our registered office at 1 The Elms, Tushingham, Whitchurch, Shropshire SY13 4QS. Our VAT Number is: 625 4561 42


We hope that you have found this Privacy Statement helpful in setting out the way we look after and handle your personal data. If you have any questions about how Athenbys uses your personal data that are not answered here, or if you want to exercise your rights regarding your personal data, please contact us by any of the following means:

  • e-mail us at:;  or
  • write to us at: The Data Protection Manager, Athenbys, Unit 5 Hampton Heath Industrial Estate, Malpas, Shropshire SY14 8LU.

How do I change any details stored on

You can review, update, change or delete most information about yourself by going to the Athenbys ( website, entering in your login name and password. Once logged in, change any of the details shown and click 'My Account'. If you have any questions about how to change or update your information, you can contact our Customer Services team for help.

How can I get my name removed from the Athenbys mailing list?

If you have registered to receive information from us, you can remove your contact details from our list by updating your account online as detailed above or by contacting our Customer Services team. We’ll action your request as soon as we reasonably can.

If you receive communications from us and wish to opt out:

  • from email, please click the 'Unsubscribe' link on one of the emails, or
  • email the customer services team on

This Privacy Statement was most recently updated in May 2018