ONLINE SHOP TERMS & CONDITIONS

Age restriction
You must be of the legal age to purchase alcohol to order from us. In the UK it is illegal for any person under the age of 18 to buy or attempt to buy alcohol. It is also illegal to buy alcohol on behalf of anyone under the age of 18. If you are outside the UK the legal age varies in different countries, and we suggest that you should check that you are not breaking the law before ordering from us. We are not responsible if you break the law.

Prices
All prices quoted are in GB Pounds, and include UK VAT and Excise Duty. These are retail prices. For trade pricing and enquires please contact us.

SAVE £5 applies to Campfire Cask Aged Gin 70cl bottles and Campfire Cask Aged Gin Gift Set with two glasses. Must be purchased via the Puddingstone Distillery website using the coupon code at time of purchase or in the distillery shop. Coupon code cannot be applied retrospectively. Coupon code not required for the distillery shop. Campfire Cask Aged Gin refills in the distillery shop will have a £2 saving applied. Offer ends 31 March 2024.

FREE 5cl Campfire Cask Aged Gin will be added to any 70cl gin order placed via www.puddingstonedistillery.com whilst stocks last. One 5cl bottle per order.

Product information
Occasionally there may be information on our site or in the service that contains typographical errors, inaccuracies or omissions that may relate to product descriptions, pricing, promotions, offers, product shipping charges, transit times and availability. We reserve the right to change or update information without prior notice, including after you have submitted your order. We apologise in advance if this causes you any inconvenience. We accept no liability arising from these errors.

Data protection
Data Protection Legislation: (i) unless and until the GDPR is no longer directly applicable in the UK, the General Data Protection Regulation ((EU) 2016/679) and any national implementing laws, regulations and secondary legislation, as amended or updated from time to time, in the UK and then (ii) any successor legislation to the GDPR or the Data Protection Act 1998.

Both parties will comply with all applicable requirements of the Data Protection Legislation. This requirement is in addition to, and does not relieve, remove or replace, a party’s obligations under the Data Protection Legislation.

The parties acknowledge that for the purposes of the Data Protection Legislation, the Customer is the data controller and the Provider is the data processor (where Data Controller and Data Processor have the meanings as defined in the Data Protection Legislation).

The Customer will ensure that it has all necessary appropriate consents and notices in place to enable lawful transfer of the Personal Data to the Provider for the duration and purposes of this agreement.

The Provider shall, in relation to any Personal Data processed in connection with the performance by the Provider of its obligations under this agreement:

(a) Process that Personal Data only on the written instructions of the Customer unless the Provider is required by the laws of any member of the European Union or by the laws of the European Union applicable to the Provider to process Personal Data (Applicable Laws). Where the Provider is relying on laws of a member of the European Union or European Union law as the basis for processing Personal Data, the Provider shall promptly notify the Customer of this before performing the processing required by the Applicable Laws unless those Applicable Laws prohibit the Provider from so notifying the Customer;

(b) ensure that it has in place appropriate technical and organisational measures, reviewed and approved by the Customer, to protect against unauthorised or unlawful processing of Personal Data and against accidental loss or destruction of, or damage to, Personal Data, appropriate to the harm that might result from the unauthorised or unlawful processing or accidental loss, destruction or damage and the nature of the data to be protected, having regard to the state of technological development and the cost of implementing any measures (those measures may include, where appropriate, pseudonymising and encrypting Personal Data, ensuring confidentiality, integrity, availability and resilience of its systems and services, ensuring that availability of and access to Personal Data can be restored in a timely manner after an incident, and regularly assessing and evaluating the effectiveness of the technical and organisational measures adopted by it);

(c) ensure that all personnel who have access to and/or process Personal Data are obliged to keep the Personal Data confidential; and

(d) not transfer any Personal Data outside of the European Economic Area unless the prior written consent of the Customer has been obtained and the following conditions are fulfilled:

(i) the Customer or the Provider has provided appropriate safeguards in relation to the transfer;

(ii) the data subject has enforceable rights and effective legal remedies;

(iii) the Provider complies with its obligations under the Data Protection Legislation by providing an adequate level of protection to any Personal Data that is transferred;

(iv) the Provider complies with reasonable instructions notified to it in advance by the Customer with respect to the processing of the Personal Data;

(e) assist the Customer, at the Customer’s cost, in responding to any request from a Data Subject and in ensuring compliance with its obligations under the Data Protection Legislation with respect to security, breach notifications, impact assessments and consultations with supervisory authorities or regulators;

(f) notify the Customer without undue delay on becoming aware of a Personal Data breach;

(g) at the written direction of the Customer, delete or return Personal Data and copies thereof to the Customer on termination of the agreement unless required by Applicable Law to store the Personal Data; and

(h) maintain complete and accurate records and information to demonstrate its compliance with Data Protection Legislation and allow for audits by the Customer or the Customer’s designated auditor.

The Customer does not consent to the Provider appointing any third party processor of Personal Data under this agreement. The Provider confirms that it has entered or (as the case may be) will enter with the third-party processor into a written agreement incorporating terms which are substantially similar to those set out here. As between the Customer and the Provider, the Provider shall remain fully liable for all acts or omissions of any third-party processor appointed by it.

Either party may, at any time on not less than 30 days’ notice, revise these terms by replacing it with any applicable controller to processor standard clauses or similar terms forming party of an applicable certification scheme (which shall apply when replaced by attachment to this agreement).

Copyright
Chalk & Charcoal Limited have the copyright and the intellectual property rights on everything on this website. You must not republish anything from this site without our consent. If you require images or copy for your own use, please contact us.

About us
This website is owned and operated by Chalk & Charcoal Limited t/a Puddingstone Distillery. Our company registration number is 9494435, and our VAT number is 865 4678 74. Our trading address is Unit 1 Artisan Workshop, Lower Icknield Way, Wilstone, Tring, Hertfordshire HP23 4NT and our registered address is Audley House, Northbridge Road, Berkhamsted, Hertfordshire HP4 1EH. If you need to get in touch with us contact hello@puddingstonedistillery.com.