This privacy policy describes the principles according to which HÄN Group Oy, as the data controller, collects and processes the personal data of the customers of its online store. Personal data is any information related to an identified or identifiable person, such as name, address and email address.
HAN Group Oy
Business ID: 3430016-7
Domicile: Helsinki, Finland
Vaunukalliontie 25
01200 VANTAA
FINLAND
Email: contact@hanfashionboutique.eu
hanfinland.com
Tel: +358 9 424 58760
We collect, store and process personal data only for predefined purposes and only on legal grounds. We process personal data mainly for the following purposes and on the following grounds:.
Purpose
Processing orders made in the online store
Description of the processing activities
We collect, store and process personal data in order to process online store orders, deliver the ordered products and handle other communication related to orders, such as processing payments, complaints and returns.
Processed personal data
Legal basis: Contract. The basis for the processing of this personal data is the preparation and execution of the contract concluded through the online store.
Legitimate interest. The above-mentioned purpose is also in accordance with our legitimate interest related to managing the customer relationship and we consider that based on the relationship between you and our company, it is also a processing that you can reasonably expect and that does not conflict with your fundamental rights and freedoms.
Purpose
Processing orders made in the online store
Description of the processing activities
We collect, store and process personal data in order to process online store orders, deliver the ordered products and handle other communication related to orders, such as processing payments, complaints and returns.
Processed personal data
Legal basis: Contract. The basis for the processing of this personal data is the preparation and execution of the contract concluded through the online store.
Legitimate interest. The above-mentioned purpose is also in accordance with our legitimate interest related to managing the customer relationship and we consider that based on the relationship between you and our company, it is also a processing that you can reasonably expect and that does not conflict with your fundamental rights and freedoms.
We receive personal data mainly from the data subject in connection with contacting, registering an account or buying in the online store as well as relating to the use of our website.
As a general rule, only our own staff processes your personal data for the purposes described in this privacy policy. We may share personal data with others, especially in the following situations:
following situations:
As a rule, personal data is processed only within the EU/EEA area. Personal data can be transferred outside the EU/EEA area mainly in the situation if one of the service providers we use is located outside the EU/EEA area.
If personal data were to be transferred outside the EU/EEA to a country that is not included in the EU Commission's decision on the adequate level of data protection, we will ensure that the processing, transfer and storage of your data takes place on the grounds required by law and with an adequate protection mechanism, such as standard contract clauses confirmed by the EU Commission. The standard contract clauses can be found here (part of the text is in English): https://ec.europa.eu/info/law/law-topic/data- protection_fi. The standard contract clauses have different modules for different situations, most likely modules 1 (data controller-data controller) or 2 (data controller-processor) would be applied depending on the situation.
We do not store personal data longer than is necessary for the purpose of their use or as required by contract or law. Personal data can also be deleted in a situation where the data subject withdraws consent or requests the deletion of the data (and there is no other legal basis for the processing). Data retention periods can also be affected by legislation (e.g. accounting law, tax laws) and the expiration of deadlines related to presenting legal claims (e.g. statutes of limitations). The required storage time can vary, but typically it can mean a few years. Customer data is generally stored for the duration of the customer relationship and for a reasonable period after it (e.g. taking into consideration deadlines for presenting legal claims). Accounting documents are typically kept for 6-10 years.
You have the following rights related to your personal data:
Managing your own data
As a registered customer, you may have a limited opportunity to log into the service, view your own information and make changes to it.
The right to access personal data
You have the right to receive confirmation from us as to whether we are processing personal data concerning you and to know what personal data concerning you we are processing (e.g. a copy of the data). In addition, you have the right to receive additional information about the basis of the processing of your personal data. However, the right to access personal data can be restricted based on legislation, the protection of privacy of other persons and the protection of trade secrets.
The right to correct data
You have the right to have your incomplete, incorrect or outdated personal data supplemented or corrected.
The right to delete data
You have the right to request the deletion of your personal data. Your data will be deleted if there is no longer a legal basis for processing personal data.
The right to restrict processing
You may have the right to restrict the processing of your personal data. In this case, the controller generally does not process personal data other than by storing the data. You may have this right, for example, when you dispute the accuracy of your personal data, if the processing is against the law, or if you have objected to the processing of your personal data and are waiting for a response to the request for action in question.
Right to object
If we process your personal data based on our legitimate interest, you have the right to object to such processing based on your personal reasons.
The right to transfer data from one system to another
If we have processed your data on the basis of your consent or to fulfill a contract and the processing has taken place automatically, you have the right to receive the data you have provided us electronically in a commonly used machine-readable format so that the data can be transferred to another data controller.
Withdrawal of consent
If the processing of personal data is based on consent, you have the right to withdraw it at any time. Withdrawal of consent does not affect the legality of the processing of personal data that took place before the withdrawal.
The right to prohibit direct marketing
You always have the right to object to the processing of your personal data for direct marketing purposes and the right to withdraw any consent you may have given for marketing purposes.
You can exercise your rights described above by contacting us, for example, using the contact information mentioned above. The use of your rights is basically free of charge for you. If you submit a request electronically, we will deliver the information electronically as far as possible, unless you request otherwise. If necessary, we may ask you to verify your identity or specify your request. You can easily prohibit email marketing, for example, by clicking the link in the header or footer of any email marketing message.
If you believe that we do not process your personal data in accordance with this privacy policy or the applicable national and European Union data protection legislation, you can file a complaint with the supervisory authority if you wish. In Finland, the authority in question is the office of the Data Protection Ombudsman (www.tietosuoja.fi).
Personal data in electronic form is stored on servers that are protected by technical means in accordance with the general practices of the industry. The personal data we collect and process is confidential, and we do not disclose it to anyone other than those who need the information in their work, or in accordance with this privacy statement to our partners or other recipients.
We use cookies on our website so that we can offer the best possible user experience to the site's visitors. Cookies are short text files that the web server stores on the user's terminal device. Cookies give us information about how users use our website. We can use cookies to develop our website, operate the online store, analyze website usage, and target and optimize marketing. Non-necessary cookies are processed only with the consent of the website visitor. Consent is given, it is revocable and it is managed by the cookie tool on our website, which also provides more information about use of cookies on our website.
The processing of certain personal data is mandatory, for example for the conclusion and execution of contracts and for invoicing purposes in our online store. As far as possible and when you do business with us, we try to tell you which information is mandatory to fulfill the contract or create a customer account and which information you can provide if you wish.
We do not make such automatic decision-making and profiling that would have legal effects or other similar effects on the person.
We may make updates to this privacy policy as our operations, privacy principles or applicable legislation change. Unless otherwise stated, the changes will take effect when we have published the updated privacy statement on our website.
Stay ahead of the curve. Be the first to know about new brand launches, exclusive offers, and boutique updates.
© 2025 | HÄN BOUTIQUE | All Rights Reserved