At How They Drew It Up, we are committed to protecting and respecting your privacy and data. Throughout this policy, “How They Drew It Up”, “we”, “us”, “our” is referring to Creative Bear Media, based in Norwich, United Kingdom.

What data we collect from you

We collect the necessary personal information; name, email, address, when you make a purchase through our Site. This enables us to fulfil your order request.

We collect name and email addresses from our subscription and contact enquiry forms.

When browsing our Site, cookies will collect information such as IP address, browser, device and site behaviour from you. See the cookie section below for further details.

We do not collect or retain any payment data/information. This is done securely through our Third-party, PCI-DSS compliant payment gateway (Stripe).

How we use your data

The data we hold allows us to; fulfil purchase, service/enquiry requests made by you and to send promotions and special offers, of which you can unsubscribe at any time.

We use data to provide analytical reports and Site usage statistics, which help us make improvements to the user experience of our Site, products and services.

We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.

How we store your data

Your data collected by us is held securely and retained for a period of 6 months from the point of inactivity, which refers to making no additional purchases or service requests and no engagement on email correspondence sent to you.

At any time, you can be request for your data held by us to be completely removed.

To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed. Data is never sold or distributed to outside businesses.

Secure payments

We do not hold any payment card details. When making a purchase, transactional data will be handled by our payment gateway provider, Stripe. Transactions follow PCI-DSS requirements and industry standards. Upon redirect through the payment gateway, you are no longer governed by this Privacy Policy.


When you provide us with personal information to complete a transaction, make an enquiry, sign up to a mailing list, we imply that you consent to our collection and use of your data as outlined above and are ‘opted in’.

Upon simply browsing the Site, you will be notified to acknowledge that cookies will collect data.

If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, use or disclosure of your information, by contacting us at

Cookies / Remarketing

We uses cookies and similar technologies, such as single-pixel gifs and web beacons, as well as third-party cookies such as Google Analytics. We use both session-based and persistent cookies.

These are used to provide us with data and analytics to better understand our customers, to provide a better user experience on our Site and other digital media outlets.

Changes to this privacy policy

We reserve the right to modify this privacy policy at any time, so please review it frequently. Changes will take effect immediately upon their posting on the website.
Should this Site be acquired or merged with another company, your information may be transferred to the new owners so that they continue to communicate with you.

Contact us

If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information, please contact us at