This paper reports on a series of in-depth interviews with UK consumers, to investigate their views on the collection and use of personal information by commercial organisations in connection with shopping. The interviews were used to analyse the construction of accounts of privacy infringement. No single type of information was found to count as personal in all situations. Rather, privacy infringement was constructed as a situated account. This "situated privacy" depended upon: the visibility of a mediating technology; the perceived legitimacy of information requests; the representation of intrusion or disruption of legitimate activity; perceived imbalances of power and control; and representations of the social context. By focusing on the daily activity of shopping instead of asking direct questions about privacy, we found that privacy concerns were rarely independently raised by interviewees as an important feature in making decisions about purchasing. However, almost all of those interviewed were able to draw on a repertoire of concerns about use of personal information, when prompted specifically to discuss privacy issues in relation to shopping.