Privacy & Data Protection

The Lord Brock Trust, which governs the Old Operating Theatre Museum and Herb Garret, uses and protects any information that is provided when individuals use our website ( and any sub-domains. The Lord Brock Trust is committed to ensuring that individual’s privacy is protected.  Should we ask individuals to provide personal data when using our website, it will only be used in accordance with this privacy statement and with active opt-in consent.


A cookie is a small file which asks permission to be placed on a computer’s hard drive. Once this is agreed, the file is added and the cookie helps analyse web traffic. Cookies allow web applications to respond to individuals. The web application can tailor its operations to user needs, likes and dislikes by gathering and remembering information about personal preferences.

We use traffic log cookies to identify which pages are being used.  This helps us analyse data about webpage traffic and improve our website in order to tailor it to customer needs.  We only use this information for statistical analysis purposes and then the data is removed from the system.

Overall, cookies help us provide users with a better website by enabling us to monitor which pages are used frequently.  A cookie in no way gives us access to a computer or any information about an individual, other than the data they choose to share with us.

Managing Cookies

Individuals can choose to accept or decline cookies.  Most web browsers automatically accept cookies, but browser settings can be modified to decline cookies.  This may prevent users from taking full advantage of the website.

To find out more about cookies, including how to see what cookies have been stored and how to manage and delete them, you can visit


  • We respect your privacy and protect all personal information you provide when buying products. The information you provide will be used only by ourselves to deliver services.
  • Any customer information collected to process your orderwill be stored in a safe, secure and responsible manner, on secure servers.
  • Our online shop is hosted on and uses the direct payment gateways of which is certified Level 1 PCI DSS compliant. The Payment Card Industry Data Security Standard (PCI DSS) is a security standard for organisations that handle credit and debit card information. The Old Operating Theatre Museum does not collect or retain credit card numbers. 
  • If you purchase something from our online shop you will receive email confirmations from us about your order. If you sign up to the museum's newsletter you will receive email notifications from us about museum news and events - and you can always opt-out at any time. Otherwise, we won't contact you unless you contact us first. 
  • We do not forward our database to outside companies involved in marketing.
  • We will always work to help uphold everyone's rights under Data Protection Legislation. If you have any questions about your personal data, want to access it, rectify it, or ask that it be forgotten (ie: deleted from our servers) you can contact us at anytime.
  • View our full Information Security Policy for further details.


Our website may contain links to other websites of interest.  However, once users choose to leave our site, please note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which an individual provides whilst visiting such sites and such sites are not governed by this privacy statement. Please exercise caution and look at the privacy statement applicable to the website in question.