Legal & Privacy
The Swedish parent company, H & M Hennes & Mauritz AB ( “H&M”), is the Controller of the personal data you disclose to us and therefore responsible for your personal data under the Swedish Data Protection Act (1998:204) and EU Directive 95/46/EC. The Malaysian company H & M Retail SDN BHD is the personal data processor and processes the personal data on behalf of the parent company. Your personal data is stored in EU and might be disclosed to our subsidiaries within the H&M group. This means that your data, in a few cases, can be processed outside the EEA-area. In any event of transfer of your personal data to a Country outside the EEA-area, the involved H&M subsidiary will guarantee the application of the standard contractual clauses regarding data privacy process approved by the EU.
2. How do we use your personal data?
In providing your personal data, you consent to us using the data collected in order to meet our commitments to you and to provide you with the service you expect. We need your data for the following purposes:
- To create your personal account at H&M (e.g. your name and email address)
- To process your orders via our online services (e.g. your name, address, date of birth and bank details)
- To send text message notifications of delivery status (e.g. your mobile phone number)
- To send you marketing offers such as newsletters and catalogues (e.g. your email address, your name and your postal address)
- To contact you in the event of any problems with the delivery of your items (e.g. telephone number, address)
- To answer your queries and to inform you of new or changed services (e.g. your email address)
- To notify the winners in competitions arranged online (e.g. your email address, name, home address and telephone number)
- To manage your account by carrying out credit checks (e.g. name, address, date of birth)
- To analyse your personal data to provide you with relevant marketing offers and information (e.g. name, buying habits)
- To be able to validate that you are of legal age for shopping online (e.g. date of birth)
We will only keep your data for as long as necessary to carry out our services to you or for as long as we are required by law. After this your personal data will be deleted. We cannot remove your data when there is a legal storage requirement, such as book-keeping rules or when there are other legal grounds to keep the data, such as an ongoing contractual relationship.
3. What are your rights?
You have the right to request information about the personal data we hold on you. If your data is incorrect, incomplete or irrelevant, you can ask to have the information corrected or removed. Annually, you have the right to request written documentation on the personal information we have about you in our account files. To request this document please write to firstname.lastname@example.org. You can withdraw your consent to us using the data for marketing purposes (i.e. sending Newsletters or offers to your e-mail address) at any time. Please cancel further Newsletters via the opt-out link which is presented at the bottom of each Newsletter message.
4. Who has access to the data?
We never pass on, sell or swap your data to third parties for marketing purposes outside the H&M group. Data that is forwarded to third parties, for example shipping agents in connection with the delivery of goods, is only used to meet H&M’s commitments to you. H&M may also supply your personal details to organisations such as credit reference or debt collection agencies for the purpose of credit rating checks, identity checks and debt collection.
5. How do we protect your data?
We have taken technical and organisational measures to protect your data from loss, manipulation, unauthorised access, etc. We continually adapt our security measures in line with technological progress and developments. At H&M we protect your data using encryption. Secure Sockets Layer (SSL) is a function that encrypts all information sent between buyer and seller.
There are two types of cookies: permanent and temporary (session cookies). Permanent cookies are stored as a file on your computer or mobile device for no longer than 12 months. Session cookies are stored temporarily and disappear when you close your browser session. We use permanent cookies to store your choice of start page and to store your details if you select "Remember me" when you log in. We use session cookies when you use the product filtration function, to check whether you are logged in or if you put an item in your shopping bag.
You can easily erase cookies from your computer or mobile device using your browser. For instructions on how to handle and delete cookies please look under "Help" in your browser. You can choose to disable cookies, or to receive a notification each time a new cookie is sent to your computer or mobile device. Please note that if you choose to disable cookies, you will not be able to take advantage of all our features.
We use third-party cookies to collect statistics in aggregate form in analysis tools such as Google Analytics and Core Metrics. The cookies used are both permanent and temporary cookies (session cookies). The permanent cookies are stored on your computer or mobile device for no longer than 24 months.
The site hm.com and the H&M app may include links to other websites which do not fall under our supervision. We cannot accept any responsibility for the protection of privacy or the content of these websites, but we offer these links to make it easier for our visitors to find more information about specific subjects.
The content of this website is copyright-protected and is the property of H & M Hennes & Mauritz AB.
8. Controller of personal data
H & M Hennes & Mauritz AB
Mäster Samuelsgatan 46
106 38 Stockholm
Telephone: +46 (0)8 796 55 00
Fax: +46 (0)8 24 80 78
Companies register: Bolagsverket/Swedish Companies Registration Office
Company registration number: 556042-7220
Authorised representative: Karl-Johan Persson
VAT registration number: VAT NO. SE556042722001