Health Programmes Members Club Wellness Facilities About Us Sustainability and Environment Blog Food The Team

Privacy Policy

Combe Grove

A privacy policy is a public statement of how our company applies data protection principles to processing data under the UK Data Protection Act 2018. Combe Grove is committed to protecting your privacy and all personal information is held securely. We do not share or sell your personal information to others and your personal information will not be disclosed to any third party without your consent unless required by law. 


Our Online Privacy Policy applies only to our online activities and is valid for visitors to our website with regards to the information that visitors share and that we collect. This policy is not applicable to any information collected offline or via channels other than this website. For further information about our wider Data Protection Policy, please contact us at

Please read this policy carefully to understand our views and practices regarding your personal data and how we will treat it. By using our website and any other website on which this policy is posted or expressly referenced (“Combe Grove Sites”), you are accepting and consenting to the practices set out in this policy. Please do not use the Combe Grove Sites or purchase any products over the telephone with our customer services team unless you agree with this policy.

For the purposes of the Data Protection Acts 1998-2018 and the General Data Protection Regulation 2018 (GDPR), the data controller is The Elmhurst Foundation Ltd.


Automatically Collected Information

When you visit any of the Combe Grove Sites, we may automatically collect certain information about your visit. This information will not allow you to be personally identified:

  • Browser information. This may include your browser type, browser version, host operating system, browser language and your IP address.
  • Other information about your visit. This may include the full Uniform Resource Locators (URL) clickstream to, through and from our site, products viewed or searched for, page response times, download errors, lengths of visits to certain pages, page interaction information (such as scrolling, clicks and mouse overs) and methods used to browse away from the page.
  • Aggregated Information. In addition, aggregate traffic information may also be collected from your visit.

Personally, Identifiable Information

We may also collect and process personal data that you give us. Many of the services that we offer are only made available if we have certain information about you. To access these services, you will, from time to time, be asked to submit personal data about yourself. We may collect and process the following personal information related to our services:

  • Registration information. In registering to use the Combe Grove Sites, we require certain contact information (including your name, email address and phone number).
  • Information to fulfil your order. When placing an order online at a Combe Grove Site, over the telephone with our customer service team, or in person at Combe Grove, we collect your name, phone number, address and personal payment information. We may also ask you for this information when you enter a competition or promotion sponsored by us or when you report a problem with our site and/or your order.
  • Support or customer services issues. If you contact us, we may keep a record of that correspondence and record conversations for training and/or monitoring purposes.
  • Surveys. We may from time to time ask you to complete surveys that we use for research purposes. You do not have to respond to these surveys and may opt out of future emails by clicking a link at the bottom of the email or emailing us at
  • Website Use. We may collect details of your visits to our site and any calls that you make to us. This may include location data, weblogs, other communication data and resources that you access.


Messages sent by you will be forwarded to our inbox at and may be further forwarded to the correct department to ensure that you receive a prompt and accurate response.


Automatically Collected Information

We may use information which we automatically collect about you as follows:

• To administer the Combe Grove Sites and for internal operations such as to help diagnose problems with our server, troubleshoot, analyse data and other administrative purposes.

• To improve the Combe Grove Sites and to ensure that content is presented in the most effective manner for you and your computer (this may include providing you with content and services in your country’s local language and currency).

• To allow you to participate in interactive features of our service when you choose to do so.

• As part of our efforts to keep the Combe Grove Sites safe and secure.

• To improve the services we offer, make recommendations about goods or services that may be of interest to you and to develop marketing programs.

Personally Identifiable Information

We may use personal data which you give to us as follows:

• To process and fulfil your bookings effectively and to carry out any further obligations arising from any contracts entered into between you and us.

• To provide you with information that you have requested from us and to inform you of offers or other goods or services that may be of interest to you (but only where you have consented to be contacted for such purposes).

• To notify you about changes to our service.

• To help to protect you from fraud (for instance, we may carry out identity verification, credit or anti-fraud checks against your name using third party databases which may involve disclosure of your personal details to registered credit reference or fraud prevention agencies who may retain and use your personal information).

Consent to use of Data for Marketing Purposes

When placing an order with us, we will ask for your email address and/or mobile telephone number so that we can send you information confirming your order.

We would also like to use your data and permit selected third parties to use your personal data, to provide you with information about goods and services which may be of interest to you. We will only contact you by electronic means (email) or post with information about goods and services similar to those which were the subject of a previous sale to you.

Where we permit selected third parties to use your data, we (or they) will contact you by electronic means or post only if you have expressly consented to this.

You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you before collecting your data if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data.

You can also request us not to use your personal data for this purpose when setting up your Combe Grove account or by emailing us at

If at any time you wish to unsubscribe to our mailing list, please let us know by sending an email to

Data retention

Combe Grove will retain your personal information only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your information to the extent necessary to comply with our legal obligations, resolve disputes, and enforce our policies.


We may disclose your personal information to any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.

We may disclose your personal information to third parties:

  • In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
  • If Combe Grove or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
  • If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, in order to enforce or apply our terms of use or terms and conditions of sale or to protect the rights, property, or safety of Combe Grove, our customers or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
  • To registered credit reference or fraud prevention agencies for the prevention of fraud.
  • To our nominated marketing agencies who provide marketing services on our behalf.


All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted using SSL technology. When you proceed to make your purchase and your browser connects to the secure section of a Combe Grove Site your browser window frame will show a padlock icon to indicate that you are entering a secure area.

If you are using a computer in a public location, we recommend that you always log out and close the website browser down when you complete an online session for your security.

Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.


Combe Grove takes appropriate physical and technical measures to ensure the robust security of your data and monitors these measures periodically. This is in line with our responsibilities as a Data Controller under Article 32 GDPR.


You have the right to access any personal information that Combe Grove processes about you and to request information about: –

  • What personal data we hold about you
  • The purposes of the processing
  • The categories of personal data concerned
  • The recipients to whom the personal data has/will be disclosed
  • How long we intend to store your personal data for
  • If we did not collect the data directly from you, information about the source will be provided in the response.


If you believe that we hold any incomplete or inaccurate data about you, you have the right to ask us to correct and/or complete the information and we will strive to do so as quickly as possible; unless there is a valid reason for not doing so, at which point you will be notified.

You also have the right to request erasure of your personal data or to restrict processing (where applicable) in accordance with the data protection laws; as well as to object to any direct marketing from us. Where applicable, you have the right to data portability of your information

If we receive a request from you to exercise any of the above rights, we may ask you to verify your identity before acting on the request; this is to ensure that your data is protected and kept secure.

If you have any questions about our processing of your personal data, you are welcome to contact us. You will find our contact details at the bottom of this page. If you notice any errors in your personal data, you have the right to have them corrected.

The Data Protection Acts 1998-2018 and GDPR also provide you the right to access information held about you. You may exercise this right by notifying us in writing. Whilst this Right of Access is free to obtain under updated DP legislation, we may charge you a small administrative fee only if the request is excessive in its nature or repetitive. This is to meet our costs in providing you with details of the information we hold about you.


We do not knowingly collect personal data from anyone under the age of 18. We do not knowingly obtain or store any Sensitive Personal Data, such as information about health or medical conditions, race or religious beliefs.

If we are made aware that we have received information from anyone under the age of 18 or Sensitive Personal Data in violation of this Privacy Policy, we will use reasonable efforts to locate and remove that information from our records.


The Combe Grove Sites may contain links to third party websites. If you follow a link to any such website, please note that your use of such website will be subject to the terms of that website’s privacy policy and we do not accept responsibility or liability for your use of such website. Please check the terms of the third-party website’s privacy policy before submitting any personal data to such a website.


The Combe Grove Sites use cookies to distinguish you from other users of the Combe Grove Sites. This helps us to provide you with a good experience when you browse the Combe Grove Sites and allows us to improve the Combe Grove Sites.

A ‘cookie’ is a small piece of data sent from a website and stored on the user’s computer by the user’s web browser while the user is browsing. When you visit a site that uses cookies for the first time, a cookie is downloaded onto your computer/mobile device so that the next time you visit that site, your device will remember useful information such as items added in the shopping cart, visited pages or logging in options.

For detailed information on the cookies we use and the purposes for which we use them see our Cookies Policy.


On occasion, Combe Grove’s website will use web beacons. “Web beacons,” “tags,” and “pixels” are electronic files that allow us to generate statistics about how the site is used and therefore, adjust our content to better respond to visitors’ interests. Facebook pixels allow us to monitor the success rates of our advertisements and create custom audiences based on site traffic.

For further information on web beacons please visit

To opt out of targeted advertising visit:




We may amend this privacy policy at any time so please review it frequently and at least each time you submit personal information to us. The date at the top of this page will be amended each time this policy is updated. Our current privacy policy applies to all information that we have about you and your account.


If you have any questions, comments or requests regarding this privacy policy, the Combe Grove Sites or our products, please send us an email at:  


The Information Commissioners Office (ICO) is the Data Protection Authority in the UK, tasked with investigating individual Data Protection related complaints. The website can be found via the following link: .