Why do we use your personal data?
We use your personal data to provide you with the information, products and services that you request or purchase from us, either online and in stores. In this context, we use your personal data to be able to process your purchase order and payment transactions and to manage your deliveries, claims, returns and refunds in a secure and effective manner.

Purchase order and payment data collected for the purpose above will also be used, under certain conditions and limitations, for marketing, business development and analytics purpose and to detect fraud and thefts in connection with online and offline sales and to comply with applicable laws. 

Why do we use your personal data?
We use your personal data to provide you with the information, products and services that you request or purchase from us, either online and in stores. In this context, we use your personal data to be able to process your purchase order and payment transactions and to manage your deliveries, claims, returns and refunds in a secure and effective manner.

Who has access to your personal data?
We share your personal data within the H&M Group whenever necessary to fulfill the intended purpose. For the same reason, personal data is also shared with suppliers carrying out certain tasks on our behalf, such as order fulfillment and payment processing. H&M is always fully responsible for its suppliers. 

We may from time to time also share personal data with independent third parties, such as electronic communication providers, banks and financial service providers, and postal services. Please be aware that many of  these recipient have an independent right or obligation to process your personal data in their own rights.

Except as explicitly stated herein, we never pass on, sell or swap your data to any third parties. 

What is the legal ground to process your personal data?
When making products and services available to you H&M will process your personal data necessary for concluding a contract with you and to fulfill any obligations derived from that contract, whether the contract refers to a purchase order and payment, or the use of other services provided by us or by third parties.

How long do we keep your personal data?
We will keep and process your personal data no more than necessary for us to perform our contractual obligations. 

However, we may continue to use and store your data for additional purposes.

Purchase order data will also be used for the purpose of Development and Improvement of products, services and supply chains. 

Purchase order data will also be used for the purpose of Security and Safety by fraud detection and loss prevention. 

If you are a user of an H&M Account or a member of H&M Membership we will continue to use your purchase order data to the extent necessary for us to deliver upon our promises and to distribute Ads & Promotions acccording to your expectations.  

In addition to the above, for the purpose of Compliance with Laws, we are compelled to continue to save and sometimes use your purchase order data to abide with applicable tax and accounting legislation and to protect consumer rights. 

You can read more about why and how the H&M Group re-use personal data under each section of this Privacy Notice. 

Automated credit assessments
Payment credit applications are usually processed automatically whereby decisions are made by computer algorithms and not humans. In case your credit application has been assessed by an computer algorithm and been denied you have the right to to express your point of view and to contest the decision. 

Why do we use your personal data?
We will use your personal data to generate and send ads and promotions, including style and shopping recommendations, notifications, information, surveys and invitations through multiple communication channels.  

Ads, promotions and other direct marketing communication will be distributed according to your preferences through electronic mail, text messages, phone calls or postal mail as well as displayed in your mobile app, social media channels or web browser. 

To optimize online customer experience, we provide you with personalized ads and promotions resulting from algorithmic analysis and predictions of your preferences, interests and behaviour.   

How do we use your personal data?
We only use data obtained directly from you, when you created your account, shopping with us, signing up for membership, subscribing to newsletters or engaging with us in any other way.    

We will never retreive, use, and store personal data from data brokers or other external sources nor having access to such data for pursuing a marketing purpose unless we explicitly say so.

H&M collaborates with advertising partners such as Facebook, Instagram, Snapchat, Pinterest and YouTube for advertising on social networks and with Google for online advertising networks such as Google Ads and Google Marketing Platform.

Advertising partners use data provided by us and collected from cookies and other technologies in order to predict your preferences and interests, and take this into account when choosing the adverts on the advertising spaces mediated via their online advertising networks. This is standard industry practice commonly known as "retargeting". Retargeting allows us to run advertising campaigns which is as relevant to you as possible and to measure the efficiency and reach of the advertising materials, but also to measure the advertising partners’ performance and efficiency of campaigns. 

Advertising partners use cookies and similar technologies to trace your usage of our websites and services by accessing data stored on your device or in apps.

Read more about cookies and other tracing technologies in the Cookies' section of this Privacy Notice. 

Each advertising partner is responsible for their own part of the processing as controllers, including (if any) international transfers of personal data.

Who has access to your personal data?
We may share your personal data within the H&M Group whenever necessary to fulfil the intended processing purpose. For the same reason, personal data is also shared with suppliers carrying out certain tasks exclusively on our behalf, such as data analytics and marketing content creation. H&M is always fully responsible for its suppliers. 

We may from time to time also share personal data with independent third parties, such as Advertising Partners, media agencies and electronic communication providers. Please be aware that many of these recipients have an independent right or obligation to process your personal data as controllers. 

Except as explicitly stated herein, we never pass on, sell or swap your data with any third parties.

What is the legal ground to process your personal data?
The processing of your personal data for marketing purpose is based on our legitimate interest if you are either a customer, member or an account holder. 

If you are neither a customer, member nor an account holder, we will first obtain your consent before preparing and sending you any ads, promotions or other marketing communication.

Regardless of the above, we will always obtain your consent before we send you newsletters through e-mail.

How to exercise your rights
You have the right to exercise your rights against H&M to such personal data vested in H&M's possession and control.   

Personal data in our possession is data obtained directly from you when shopping with us, creating an account or membership, subscribing on newsletters or when engaging with us by other means online or offline. 

You have, at any time, the right to withdraw your consent for marketing purpose, or object to it if the processing is based on our legitimate interest .

Your consent withdrawal or objection to further marketing communication means a ceasure of all future ads, promotions and other marketing messages originating from the H&M Group, including the underlying processing of personal data for this purpose. 

If you, however, continue to receive marketing communication from us displayed in your social media feed or web browser, this is a matter entirely between you and your platform provider. 

You can revoke your consent or opt out from further marketing communication by the following means:

* following the instruction in each marketing post
* by editing the settings of your H&M account
* configurate the privacy settings on your social media account or browser, or
* contact Customer Service

How long do we keep your data?
H&M will process your data no longer than necessary to provide you with ads, promotions and other direct marketing messages.

We will cease processing your data for marketing purpose once you have closed your customer account or membership, actively rejecting further marketing communication from us. Thereafter your data will be permanently erased. 

Why do we use your personal data?
H&M will use your personal data in order to administrate your H&M account (“My Account”) including the collection of consents, identify and certify the identity of the user of the account, prevent unauthorized access and use, restrict usage by minors, communication of notices and notifications, take actions against misuse of the account, enforce violations of terms of use, and to manage withdrawals of consents.  We will also use your personal data to bring you a personalised online experience and to make your purchase information instantly available to you. 

We will use no more data than necessary for providing you with all the benefits associated with a H&M account. This means that we will only use personal data obtained directly from you when you signed-up for an account.  

In order to make the experience even more relevant to you we may personalise the content before we display it to you based on what we know (or perceive we know) about your interests and preferences. If you as a H&M account holder have signed-up to receive ads and promotions, your promotions and offers will be based on your profile data, shopping and web browsing history. Personalisation comes through analyzing and predicting aspects concerning your interests, preferences, behavior etc., by making use of a combination of personal data obtained from you or from third parties.

We may also use personal data received from web cookies, pixels, plug-in or other web tracing technologies for the same objectives.

To find out more about the use of such technology, please read the specific section on Cookies in this Privacy Notice. 

How do we process your personal data?
We use no more data than necessary for providing you with all the benefits that comes with a H&M account. This means that we will only use personal data obtained directly from you when you signed-up for it. 

To make it even more relevant to you we personalise the content before we display it to you based on what we know (or perceive we know) about your interests and preferences. Personalisation comes through analyzing and predicting aspects concerning your interests, preferences, behavior etc., by making use of a combination of data derived from previous purchase orders and data retrieved through cookies and other tracing technologies. 

You can read more about Cookies in the specific section of this Privacy Notice. 

Who has access to your personal data?
We may share your personal data within the H&M Group whenever necessary to fulfill the intended processing purpose. For the same reason, personal data is also shared with suppliers carrying out certain tasks on our behalf, such as data analytics and marketing content creation. H&M is always fully responsible for its suppliers. 

We may from time to time also share personal data with independent third parties, such as electronic communication for sending messages and notifications or reaching out to you for any other reason, Please be aware that many of these recipient third parties have an independent right or obligation to process your personal data in their own names. 

Except as explicitly stated herein, we never pass on, sell or swap your data to any third parties.

What is the legal ground to process your personal data?
The processing of personal data for your account is based on your consent when you created your H&M account.

The processing of your personal data in order to provide you with a personalised online experience such as product recommendations is based on our legitimate interest. 

Your right to withdraw your consent:
You have, at any time, the right to terminate your account by withdrawing your consent. If you decide to withdraw your consent all processing of your personal data will immediately cease. You will no longer be able to gain the benefits of being a user of an H&M Account. 

How to withdraw you consent?
You can withdraw your consent either yourself by managing your account settings in My Account or contact our Customer Service at customerservice.us@hm.com.  

How long do we keep your data?
We will use your personal data no longer than necessary for making the account available to you.  

Personal data solely collected and used for the purpose of providing you with a H&M account will be erased upon termination.

We may however continue to keep and use your data if we have outstanding obligations to you or by any other reasons are prevented from erasure, for example if you have an open order or unsettled debt.

Your right to object to processing of your data:
You have the right to object to processing of your personal data that is based on H&M's legitimate interest by contacting dataprotection.us@hm.com. Your account will then be deleted and we will not be able to carry out our services to you.

Why do we use your personal data?
We use your personal data to create and manage your H&M Membership account and to give you all the granted benefits and rewards. The H&M Membership is as further described in the Terms & Conditions and on our official website. 

We process your personal data to keep your membership account up-to-date and always current. By doing so we will be able to provide you with your shopping history, details about your orders, H&MxKlarna credit and your status as a member

Furthermore, we will use your personal data to serve you with personalized information, ads, promotions, recommendations, rating services etc. Any member will also receive invitations for upcoming events, competitions and customer surveys.  

How do we use your personal data?
We use no more data than necessary for providing you with all the benefits that comes with the membership. This means that we only will use personal data obtained directly from you when you signed-up for it. 

To make the membership even more relevant to you we personalise the content before we display it based on what we know (or perceive we know) about your interests and preferences. Personalisation comes through analyzing and predicting aspects concerning your interests, preferences, behavior etc., by making use of a combination of data derived from previous purchase orders and data retreived through cookies and other tracing technologies.

You can read more about Cookies in the specific section of this Privacy Notice. 

We use e-mail communication to reach out to you but also, where applicable, sending notifications to your mobile app, browser and/or through available social media messaging services. 

Who has access to your personal data?
We may share your personal data within the H&M Group whenever necessary to fulfill the intended processing purpose. For the same reason, personal data is also shared with suppliers carrying out certain tasks on our behalf, such as data analytics and marketing content creation. H&M is always fully responsible for its suppliers. 

We may from time to time also share personal data with independent third parties, such as electronic communication for sending messages and notifications or reaching out to you for any other reason, Please be aware that many of these recipient third parties have an independent right or obligation to process your personal data in their own names. 

Except as explicitly stated herein, we never pass on, sell or swap your data to any third parties.

What is the legal ground to process your personal data?
The processing of your personal data to create and manage your membership account and to provide you with the personalised services of the H&M Membership is necessary to fulfil the H&M Membership agreement. 

The use of your personal data to email you offers, style updates, bonus vouchers, birthday offers and special invites to sales and events is based on your consent.

For any other purpose referred to herein, we process your personal data to satisfy our legitimate interest as a business.

How long do we keep your data?
We keep and continue to process your personal data for as long as necessary to fulfill our contractual obligations, at the latest until the H&M Membership is terminated.  

You have the right to terminate your membership at any time. If you choose to do so, your membership will cease to exist, and your personal data will be deleted. 

We will keep your personal data for a longer period of time if there are any legal requirements or if there is an ongoing dispute.

                                                      Please read our full  Privacy Policy

Why do we use your personal data?
We will use your personal data to give you service and support and to improve the overall experience of the service through email, chat function, telephone, and social media. In this context, we will use your personal data to manage your questions, handle complaints and warranty matters, and to provide technical support. We will also analyze data on an aggregated level to gain insights into customer preferences, expectations, and trends, etc. 

We may also contact you through email, telephone, social media, or any other means if there is a problem with your order or if we request your participation in a customer survey, which is voluntary.

How do we use your personal data?
We will only use such personal data necessary for providing the service to you in a secure and efficient way. We will use the personal data you provide us with when you contact us, such as contact details, birth date, and other necessary information. In order to resolve your case, we may also need to access and use transaction data, such as order, payment, and delivery information. 

Occasionally, we may co-listen your calls and conversation. This will take place only upon suspicion of bad quality of service and for the purpose of technical troubleshooting.

We may from time to time record telephone calls for training and technical troubleshooting, but only upon your prior consent.

Who has access to your personal data?
We may share your personal data within the H&M Group whenever necessary to fulfill the intended purpose. For the same reason, personal data is also shared with suppliers carrying out certain tasks on our behalf, such as externally operated call centers.

H&M is always fully responsible for its suppliers.

We may from time to time also share personal data with third parties, such as electronic communication providers, providers of messaging services, and social media platforms for sending notifications or reaching out to you regarding a customer service matter. Please be aware that many of these third party recipients have an independent right or obligation to process your personal data in their own names.

When engaging with us on social media pages, such as Facebook and Instagram pages, all text messages and pictures are shared with us and the named platform provider. You do this according to the platform's terms of use and privacy policy to which you have agreed when you signed-up as a user. H&M assumes no responsibility for the platform provider's processing of your personal data.    

Except as explicitly stated herein, we never pass on, sell, or swap your data to any third parties.

What is the legal ground to process your personal data?
In order to provide you with the best possible customer service, we must collect and use your personal data. This is justified in our legitimate interest as a business.

Regardless of purpose, we will not record any telephone conversations without your consent.

How long do we keep your data?
We will keep your data for as long as we need to handle your case. We may continue to keep and use your data if we have outstanding obligations to you or by any other reason are prevented from erasure.

Case logs are stored for a maximum period of seven days. No recordings will be stored for more than 72 hours. 

Your right to object to processing based on legitimate interest:
You have the right to object to the processing of your personal data that is based on H&M's legitimate interest by contacting Customer Service at customerservice.us@hm.com.

Why do we use our data?
We will process your data when you enter our competitions online. Your personal data will be used  for H&M to contact contestants regarding the competition, before and after an event, to identity contestants, verify the age of contestants, to contact winners, deliver and follow up on prize deliveries.

What types of personal data do we process?
We will process following categories of personal data 

* contact information such as name, address, e-mail address and telephone number
* age
* information submitted in the contest

Who has access to your personal data?
Data that is forwarded to third parties, is only used to provide you with the services mentioned above, to shipping suppliers for delivery of prizes. 

What is the legal ground to process your personal data?
The processing of your personal data is based on your consent when you choose to enter a competition.

Your right to withdraw your consent:
You have the right to withdraw your consent for the processing of your personal data at any time. When you do so H&M will not be able to provide you with the services mentioned above.

How long do we save your data?
We will keep your personal data for 45 days after the competition has ended. 

Why do we use your personal data?
We always want to exceed the expectations of our customers and users. Only with the right offers and by providing the best user and shopping experience, we can stay relevant. For this reason, we may use your personal data to evaluate, develop and improve our products, services, systems, supply chain and store premises. 

This includes analysis to make our services more user-friendly, such as modifying the user interface to simplify the flow of information or to highlight features that are commonly used by our customers in our digital channels and to improve IT systems in order to increase the security for our visitors and customers in general.

The analysis is also used to develop and constantly improve the logistics flow of goods by forecasting purchases, stocks and deliveries as well as our resource capacity from a sustainability point of view by streamlining purchasing and scheduling of deliveries.

In addition we use the data to be able to plan new establishments of stores and warehouses and improve our product range. 

How do we use your personal data?
We will only use personal data for a development and improvement purpose if it is strictly necessary and cannot be achieve with less invasive means. This means that we will protect and secure your data to the extent reasonably possible, for example by appropriate pseudonymiszation and encryption techniques or by data anonymization.  

In no event we analyse data on a level where your identity is traceable. 

Any data used for the purpose of development and improvement of products, services and systems etc have usually been collected for different objectives. We may for example use your purchase data and contact information from the check-out to develop new features, functionality, performance and security of the ordering processing systems, and hence improving the overall shopping experience.

Notwithstanding the above, we may reach out to you to respond to enquieries and surveys. In such case, any personal data used and obtained from you will only be processed for the specific purpose described therein.

We may also use personal data received from web cookies, pixels, plug-in or other web tracing technologies for the same objectives.

To find out more about the use of such technology, please read the specific section on Cookies in this Privacy Notice. 

Who has access to your personal data?
Only pseudonymised personal data may be shared within H&M Group whenever sharing is necessary to fulfill the intended processing objectives. For the same reason, personal data may be shared also with suppliers carrying out certain tasks on our behalf, such as external web-analytics companies to analyze online behavior, software development or externally hosted development tools. H&M is always fully responsible for its suppliers. 

We will never use personal data to identify individuals. All analysis is carried out on an aggregated data level.

Except as explicitly stated herein, we never pass on, sell or swap your data to any third parties.

What is the legal ground to process your personal data?
The processing of your personal data for the purpose to develop and improve our services and products, is based on our legitimate interest as a business.

How long do we keep your personal data?
We will process your personal data no more than necessary for us to fulfill the purpose. Thereafter the data will be immediately erased for this type of use. 

Your right to object to the processing of your data:
You have the right to object to the processing of your personal data that is based on H&M's legitimate interest, by contacting dataprotection.us@hm.com.

How do we process your personal data?
We use your personal data to collect and verify accounting data to comply with our obligations. For this purpose we may keep your name, contact details, order history and other relevant transactional information. 

Which categories of personal data we must process depends on its purpose and is generally stipulated by applicable laws.

How do we process your personal data?
We may share your personal data within the H&M Group whenever necessary to fulfill the intended purpose.  For the same reason, personal data is also shared with suppliers carrying out certain tasks on our behalf, such as provider of book-keeping systems or information storage.

We may from time to time also share personal data with independent third parties, such as external accountants, book-keeping service and competent public authorities. Please be aware that many of these third party recipients have an independent right or obligation to process your personal data in their own names.

Except as explicitly stated herein, we never pass on, sell or swap your data to any third parties.

Who has access to your personal data?
We may share your personal data within the H&M Group whenever necessary to fulfill the intended purpose.  For the same reason, personal data is also shared with suppliers carrying out certain tasks on our behalf, such as provider of book-keeping systems or information storage.

We may from time to time also share personal data with independent third parties, such as external accountants, book-keeping service and competent public authorities. Please be aware that many of these third party recipients have an independent right or obligation to process your personal data in their own names.

Except as explicitly stated herein, we never pass on, sell or swap your data to any third parties.

What is the legal ground to process your personal data?
The processing of your personal data is necessary for H&M to fulfill its legal obligations of the country of operation.

How long do we keep your personal data?
The data retention time will vary depending on the purpose, context and specific legal requirements in your country. 

Why do we use your personal data?
In order to protect our customers, users, visitors, assets and business against violence, fraud, theft, misuse and other malicious activities, H&M has put in place a range of different security and safety measures. Some of these measures will require collection and processing of personal data.

How do we use your data?
How we process your data and what personal data we use differs from application and field of use. We may for instance use your order history, payment data and shopping behaviour to detect online loss or fraud.

We may use personal data received from web cookies, pixels, plug-in or other web tracing technologies for the same objectives.

You can read more about Cookies in the specific section of this Privacy Notice. 

In many of our stores we use surveillance cameras to detect and prevent thefts, fraud and enhance the security and safety of visitors and staff.  

Who has access to your personal data?
We may share your personal data within the H&M Group whenever necessary to fulfill the intended purpose. 

We may share your personal data also with third parties for security and safety purposes. For example, we will share your data with companies that help us detect and prevent potential fraud and thefts. 

We may share relevant information with insurance companies for claim handling and to law enforcement agencies in so far as we are compelled to do so by legal obligation. 

Such thrid party recipients have an independent right and/or duty to process your personal data in their own interest or by a legal obligation. 

What is the legal ground to process your personal data?
Unless there is a specific legal obligation, the processing of your personal data for security and safety purposes is based on our legitimate interest.

How long do we use and keep your personal data?
We will keep your personal data no more than necessary for each purpose.

We will keep images from our surveillance cameras for a maximum period of 30 days, unless we are obliged by law or public authority to keep and/or process data for a longer period.

Your right to object to the processing of your data:
You have the right to object to the processing of your personal data that is based on H&M's legitimate interest by contacting dataprotection.us@hm.com. 

Why do we use cookies?
The H&M Group uses cookies and other tracking technologies to give you the full functionality of the website, to customize your user experience, perform analytics and deliver personalized advertising on our websites, apps and newsletters across internet and via social media platforms.

Who is responsible for cookies?
H & M Hennes & Mauritz GBC AB and the named publisher are both responsible for setting cookies on your device when you access any of our official websites and for the access and collection of data from the same device. 

What is a cookie?
A "cookie" is a small text file that is downloaded onto your device such as computer or smartphone when you access our websites. 

We use cookies and other similar technologies in order to make our website work efficiently and secure and to improve perosnalised user experience. 

When referring to cookies we include:
first- and third party cookies, 
tracking pixels and plug-ins, including technologies those from third party publishers,
other tracing technologies.

All cookies have a publisher which tells you who the cookie belongs to. The publisher is the owner of the domain specified in the cookie. Whenever you visit our website, we place cookies onto your device for different reasons. Such cookies are called “first-party” cookies, whereas cookies set by a third-party company, such as a social media platforms or ad network/ad tech providers, are called “third party” cookies.

Below you will find more detailed information about our cookies and the reason for using them.

How to withdraw your cookie consent?
You can at anytime disable your non-essential cookie by withdrawing your consent. You manage your cookie consents in Cookie Settings at the bottom of this website.

In addition to your consent withdrawal, you can easily stop your browser from accepting cookies by configuring your browser’s cookie settings.

All commercial web browsers are featured with cookie management functionality.

Please check your web browser to find out more how to delete or disable cookies etc.

If you choose to disable cookies, you may face limitation on functionality and a deteriorated user experience.  

What types of cookies do we use and why?

Why do we use your personal data?
We want to share and inspire you and others about different ways of wearing our products and to give you the chance to show the world your cool style. 

H&MxMe  is a service created for you and your audience and a platform for customer engaged marketing.

To read more about the HMxMe terms of use click here.

How do we use your personal data?
Photos and/or videos of yourself are regarded as personal data. Such personal data will be published on our official website, and/or on our social media pages and other promotional channels. To be able to do this we need your photo and/or video and in return we will link your photo to your Instagram account. 

Who has access to your personal data?
We may share your personal data within the H&M Group whenever necessary to fulfill the intended processing purpose. For the same reason, personal data is also shared with suppliers carrying out certain tasks on our behalf, such as IT, data analytics and media agencies. H&M is always fully responsible for its suppliers. 

Please note, by hash-tagging your picture or video clip you voluntarily share the content and other personal data with Instagram or other social media platforms. This relationship is outside of H&M's control and a matter between you and the social media service provider.  

Except as explicitly stated herein, we never pass on, sell or swap your data to any third parties.

What is the legal ground to process your personal data?
We will collect, use and share your username, photos and/or videos to the extent necessary for us to perform the service and meet your expectations when using HMxME and other user generated content services.

How long do we keep your data?
We will keep your username and generated content for 24 months  from the date of posting.

If you want to remove Photos or Moving Content, please visit the Photo or the Moving Content were its placed on hm.com and press "report photo" or contact customer service. 

Why do we use your personal data?
When you connect to our free WiFi service, we will collect personal data from your device (MAC address) in order to be able to provide the WiFi service to you. When you login and use the WiFi service, we will also use your personal data to verify your compliance with the Terms & Conditions of the service. By using anonymization techniques, we might also turn personal data into anonymized (non-personal data) for statistical purposes.

Anonymized personal data might be used for the purpose of creating statistics on movements, behaviors and flows in our store premise. Statistics will help us gain better insights on how to operate our stores in a more efficient way by optimized assortment, floor space and staff utilization. Any data used for this purpose is anonymized and not retraceable to you as an individual.

What types of personal data do we process?
When you connect to the WiFi service, we will collect the MAC (Media Access Control) address, a unique identifier assigned to your device and related information referring to device hostname, geographic location and time. 

Who has access to your personal data?
We may use third parties when providing the WiFi services to you, for this reason, we share personal data with such third parties. We also share data with an internet service provider when granting you access to the internet via the WiFi service. When creating statistics out of anonymized data, we may also share this with other companies of the H&M Group.

What is the legal ground to process your personal data?
When you connect to our free WiFi service, you permit us to collect and use you the personal data necessary to provide the requested WiFi service (fulfillment of a contract) and, by using anonymization techniques, turn personal data into anonymized (non-personal data) for statistical purpose (legitimate interest).

How long do we save your data?
We will keep your personal data as long as necessary for us to provide the WiFi service, in accordance with the agreed Terms & Conditions and to ensure your compliance with these. The retention period will be up to 14 months from when you last connected to the WiFi network.

Personal data used for statistical purpose is anonymized by technical means after collection. Once your data is anonymized, your personal data is irreversibly erased.   

H&M Hennes & Mauritz GBC AB (“H&M Sweden”) and H&M Hennes & Mauritz L.P. (“H&M USA”) (collectively, “H&M,” “us,” “we,” and “our") provides this California Privacy Notice (the “California Privacy Policy”) for visitors, users, and others who reside in the State of California.  The California Privacy Policy supplements the information contained in the Privacy Notice (available by clicking here) and applies solely to visitors, users, and others who reside in the State of California.  To the extent any provision in this California Privacy Policy conflicts with a provision of the Privacy Notice, the California Privacy Policy shall govern with respect to visitors, users, and others who reside in the State of California. 

Collection of Personal Information:

We collect information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household (“personal information”).  In particular, we collect the following categories of personal information:

A.      Identifiers, such as real name, alias, postal address, unique personal identifier, online identifier, internet protocol address, email address, account name, or other similar identifiers.
B.      Categories of personal information described in Cal. Civ. Code § 1798.80(e), such as name, signature, physical characteristics or description, address, telephone number, bank account number, credit card number, debit card number, or any other financial information.
C.      Characteristics of protected classifications under California or federal law, such as age, citizenship, and sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions).
D.      Commercial information, such as records of products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
E.       Biometric information, as defined in Cal. Civ. Code § 1798.40(b).
F.       Internet or other electronic network activity information, such as browsing history, search history, and information regarding a consumer’s interaction with an internet website, application, or advertisement. 
G.      Geolocation data.
H.      Audio, electronic, visual, thermal, olfactory, or similar information.
I.        Inferences drawn from other personal information to create a profile about a consumer reflecting a consumer’s preferences, characteristics, and trends.

Personal information does not include: publicly available information lawfully made available from government records, deidentified or aggregated consumer information, or information excluded from the California Consumer Privacy Act.

Use of Personal Information:

We may use or disclose the personal information collected for one or more of the following business or commercial purposes:

• To fulfill or meet the reason for which the information is provided.  For example, to create your personal account at hm.com or to process your orders.
• To provide you with information, products, or services that you request from us, including answering your queries and to notify winners in promotions.
• To provide you with phone calls, text message notifications, email alerts, and other notices concerning our products or services.  For example, to notify you of delivery status, to be able to send you relevant marketing offers and information such as newsletters and our catalogues, to contact you in the event of a problem with delivery of your items, and to inform you of new or changed services.
• To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection and managing your account by carrying our credit checks.
• To be able to analyze your personal data to provide you with relevant marketing offers and information.
• To be able to validate that you are of legal age for shopping online.
• To improve our website.
• Testing, research, analysis, and product and service development.
• As necessary or appropriate to protect the rights, property, or safety of us, our employees, our customers, or others.
• To respond to law enforcement requests and as required by applicable law, court order, or government regulations.
• As described to you when collecting your personal information.

Sale of Personal Information:

We do not, and will not, sell your personal information.

Rights of California Residents:

California residents have the following rights:

1. Right to Know About Personal Information Collected, Disclosed, or Sold

You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months.  Once we receive and confirm your verifiable consumer request (instructions and description below), we will disclose to you:

• The categories of personal information we collected about you;
• The categories of sources for the personal information we collected about you;
• Our business or commercial purpose for collecting or selling that personal information;
• The categories of third parties with whom we share that personal information;
• The specific pieces of personal information we collected about you; and/or
• If we sold or disclosed your personal information for a business purpose, including lists of sales, identifying the categories of personal information that each category of recipient purchased or obtained.

We have collected the following categories of personal information from consumers within the last twelve (12) months:

A.      Identifiers, such as real name, alias, postal address, unique personal identifier, online identifier, internet protocol address, email address, account name, or other similar identifiers.
B.      Categories of personal information described in Cal. Civ. Code § 1798.80(e), such as name, signature, physical characteristics or description, address, telephone number, bank account number, credit card number, debit card number, or any other financial information.
C.      Characteristics of protected classifications under California or federal law, such as age, race, color, ancestry, national origin, citizenship, marital status, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, and genetic information.
D.      Commercial information, such as records of products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
E.       Biometric information.
F.       Internet or other electronic network activity information, such as browsing history, search history, and information regarding a consumer’s interaction with an internet website, application, or advertisement.
G.      Geolocation data.
H.      Audio, electronic, visual, thermal, olfactory, or similar information.
I.        Inferences drawn from other personal information to create a profile about a consumer reflecting a consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

We have obtained the categories of personal information listed above from the following categories of sources:

• Directly from you, the consumer;
• Indirectly from third parties and service providers, including partners and affiliates;
• Directly and indirectly from our website.

We collected the categories of personal information listed above for the following business or commercial purposes:

• To fulfill or meet the reason for which the information is provided.  For example, to create your personal account at hm.com or to process your orders;
• To provide you with information, products, or services that you request from us, including answering your queries and to notify winners in promotions;
• To provide you with phone calls, text message notifications, email alerts, and other notices concerning our products or services.  For example, to notify you of delivery status, to be able to send you relevant marketing offers and information such as newsletters and our catalogues, to contact you in the event of a problem with delivery of your items, and to inform you of new or changed services;
• To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection and managing your account by carrying our credit checks;
• To be able to analyze your personal data to provide you with relevant marketing offers and information;
• To be able to validate that you are of legal age for shopping online;
• To improve our website;
• Testing, research, analysis, and product and service development;
• As necessary or appropriate to protect the rights, property, or safety of us, our employees, our customers, or others;
• To respond to law enforcement requests and as required by applicable law, court order, or government regulations; and/or
• As described to you when collecting your personal information.

We shared the categories of personal information listed above with the following categories of third parties:

• Affiliates, including H&M USA;
• Service providers;
• Third parties to which consumers authorized us to disclose personal information in connection with products or services provided to consumers.

2. Right to Request Deletion of Personal Information

You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request (instructions and description below), we will delete, and direct our service providers to delete, your personal information from our records, unless an exception applies.

We may deny your request to delete your personal information if retaining the information is necessary for us or our service providers to:

• Complete the transaction for which we collected the personal information, fulfill the terms of a written warranty or product recall in accordance with federal law, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform a contract with you;
• Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity;
• Debug or identify and repair errors that impair existing intended functionality;
• Exercise free speech, ensure the right of another consumer to exercise that consumer’s right of free speech, or exercise another right provided for by law;
• Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546, et seq.;
• Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when our deletion of the information is likely to render impossible or seriously impair the achievement of such research, if you have provided informed consent;
• Enable solely internal uses that are reasonably aligned with your expectations based on your relationship with us;
• Comply with a legal obligation; and/or
• Make other internal and lawful uses of the personal information that are compatible with the context in which you provided it.

3. To exercise your right to know about, access, or delete personal information, please submit a verifiable consumer request to us by either:

Calling us at: 855-HNM-SHOP [855-466-7467 (Toll-free)]

Emailing us at: dataprotection.us@hm.com

Only you or a person registered with the California Secretary of State that you authorize to act on your behalf may make a verifiable consumer request related to your personal information.  You or your authorized agent may only make a verifiable consumer request for access or data portability twice within a 12-month period.

Your verifiable consumer request must:

• Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information, or an authorized representative;
• Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.  Making a verifiable consumer request does not require you to create an account with us. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

Response Timing and Format:

We will confirm receipt of a request within 10 days and provide information about how we will process the request. We endeavor to substantively respond to a verifiable consumer request within 45 days of its receipt.  If we require more time (up to 90 days), we will inform you of the reason and extension period in writing.  If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. Any disclosure we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded.  If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

4. Right to Non-Discrimination

We will not discriminate against you for exercising any of your rights under the California Consumer Protection Act.  Unless permitted by the California Consumer Privacy Act, we will not:

• Deny you goods or services;
• Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties;
• Provide you a different level or quality of goods or services; or
• Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

California Shine the Light Law:

California Civil Code Section 1798.83 permits our visitors who are California residents to request certain information regarding our disclosure of personal data to third parties for their direct marketing purposes. To make such a request, please contact Customer Service.

Online Tracking:

Please note that our Sites do not support “Do Not Track” browser settings and do not currently participate in any “Do Not Track” frameworks that would allow us to respond to signals or other mechanisms from you regarding the collection of your personal or non-personally identifiable information.

Last Updated: December 2019

This Privacy Notice was last updated:
27/4/2021

Effectuated Changes to previous version

Editorial changes of section "General"; adding new paragraph ”Illinois Residents; Biometric Information Privacy Act”.

Previous changes:
18/3/2021
11/3/2021
2/11/2020