We only use the personal information for the purposes for which it was collected, such as registering you for an account, fulfilling orders, communicating about our products/services, administering contests, market analysis, and fraud detection.
The legal basis for processing your personal information includes legitimate interest, contractual necessity, or your consent. For example, we process your information to administer your account or fulfil your order.
We may use your personal information to inform you about our products and services with your consent. You can withdraw your consent to receive marketing communications from us at any time. After five years of your last interaction with our marketing program, we retain your data for statistical purposes.
We engage in automated decision-making known as 'profiling' at H H, using specific aspects of the personal data collected to understand our customers better and improve their experience with H H. This includes analysing data sets to identify common behavioural patterns and personalizing your experience on our website, digital advertising, and electronic marketing communications. For instance, if we detect that you have browsed several products with a shared feature over a specific period, we can recommend similar products that may interest you.
You have the right to object to this type of processing. We do not use automated decision-making techniques that significantly or legally affect you unless we have a lawful basis for doing so. In the future, if we plan to engage in this type of profiling, we will first obtain your consent.
Data security is of utmost importance to H H and is integrated into our business culture and practices. We take all reasonable measures to safeguard personal information against misuse, both through our technology systems and staff procedures. Personal data is stored and processed digitally within secure databases, with access restricted to authorized personnel who undergo regular data protection training and adhere to a strict code of conduct for data management.
We comply with the Payment Card Industry (PCI) and Data Security Standard (DSS) and never store card details. All credit card details related to transactions are securely passed to our payment provider. An external IT specialist conducts regular checks on our behalf. Our website employs the Secure Sockets Layer (SSL) protocol to encrypt data between your browser and our servers to ensure your information's security.
Please note that we cannot guarantee the security of data disclosed online, and customers accept the inherent risks of conducting transactions online. We have robust protocols in place to manage any major security breach and minimize its impact on our customers. The breach management plan involves notifying relevant parties, including the Information Commissioner's Office and affected customers, where necessary.
H H stores personal data digitally within the UK and EU, with partners transferring data outside the EEA only if appropriate protection and compliance with GDPR regulations are demonstrated. We use minimization techniques to retain data only necessary to process orders for the minimum required time. Storage duration depends on the processing purpose, and periodic reviews determine which data is no longer required.
We adhere to GDPR regulations, and customers have control over their data. They can access, rectify, complete, or request erasure of their data in certain circumstances, restrict processing, object to processing for marketing purposes or profiling, withdraw consent for electronic marketing, and transmit their data to another provider. If data erasure is requested, we may continue processing data for fraud detection, statistical purposes, or suppression from further use, retaining only minimum data and removing personal identifiers whenever possible.
What are cookies?