Privacy Policy

PRIVACY POLICY

  1. Introduction

This Privacy Policy sets out the types of personal data Hallone Limited, a limited company incorporated in England and Wales under company number 14517587, may collect about you when you interact with us and explains how we process your personal data. References in this Privacy Policy to “Hallone”, "we", "us" or "our" are to Hallone Limited.

This Privacy Policy applies if you are a visitor to our websites or our social media pages, if you purchase any products from Hallone. We may collect, use, store and transfer different kinds of personal data about you when you visit our websites or social media pages, register for an online account with us, join our loyalty programme, contact us, subscribe to our newsletter, or purchase any of our products.

Hallone is the “data controller” in respect of your personal data and we are responsible for deciding how we hold and use personal data we collect or receive about you. We respect your privacy and are committed to protecting your personal data. We will ensure that your personal data is stored and used in accordance with this Privacy Policy.

Please read this Privacy Policy carefully. This Privacy Policy may change from time to time. We will regularly review this Privacy Policy and any updates we make will be posted on our websites. We encourage you to frequently check this page for any changes to stay informed about how we are collecting and processing personal data about you.

This Privacy Policy has been drafted with brevity and clarity in mind. It does not provide exhaustive detail on all aspects of our collection and use of personal data. However, we would be happy to provide any additional information or explanation upon request. If you have any questions or concerns about any of your personal data or information contained within our privacy policy, please contact us using the details below.

Our website is not intended for children and we do not knowingly collect data relating to children. Without limiting the foregoing, our website is not intended for children under 16 years of age. No one under age 16 may provide any information to or on the website. We do not knowingly collect personal information from children under 16. If you are under 16, do not use or provide any information on this website or through any of its features, register on the website, make any purchases through the website, use any of the interactive or public comment features of this website, or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use. If we learn we have collected or received personal information from a child under 16, we may delete that information. If you believe we might have any information from or about a child under 16, please contact us at info@hallone.co.uk

  1. How to contact us

The person responsible for data protection matters within our organisation is currently our Founder who can be contacted using info@hallone.co.uk

If you have any questions or concerns about this Privacy Policy or our privacy practices or if you wish to exercise any of your rights over your data as set out in section 12 below, please do not hesitate to contact us by one of the following methods:

By post: at our registered office, Hallone Limited 3 Newbridge Square Swindon Wiltshire SN1 1BY

By email: info@hallone.co.uk

European Representative

At this time, we do not ship outside of the UK so we ask for any customers who are located within the EEA not to supply any personal data on our website.

Any data subject requests relating to EEA customers can at this time also be directed to our Founder who can be contacted using info@hallone.co.uk

  1. What data do we collect?

Personal data is any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

Whenever we collect, store, use, disclose or delete your personal data, this is referred to as processing your personal data. As a website user, visitor or customer, we will process different kinds of personal data about you which we have grouped together as follows:

  • Identity data – data which identifies you including your name, title, user name, date of birth and gender.
  • Contact data – your contact details such as your billing address, delivery address, email address and telephone numbers.
  • Purchase data – information concerning the products you have purchased from us including how frequently you purchase from us, whether you have used any discount or gift card codes, or other offers, which products you have purchased, how much you have spent with us.
  • Security data – for your security we keep an encrypted record of your login password.
  • Customer Service data – information relating to your interactions with our customer service team by email, phone, or by post or by submitting an enquiry form on our website or contacting us via our social media pages. For example, information you provide when you make a general enquiry, ask us for product advice or in the unfortunate case that you need to complain to us.
  • Financial data – data we collect if you purchase a product from us such as your bank account and your payment card details.
  • Review data – information you provide to us when you review our products or services such as via Trust Pilot or when you provide feedback to our customer services team.
  • Marketing data – data which we capture when you sign up to receive our newsletter or other marketing communications, including your preference regarding us contacting you this way, opt-out data and any vouchers or other offers we have sent you as well as data on how you respond to and interact with our marketing communications.
  • Technical data – electronic information which is automatically logged/stored by processing equipment including details of the device(s) you use to access our services, internet protocol (IP) address, your login data, browser type and version, time zone setting and location, country and telephone code where your device is located, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our websites or apps or open our emails.
  • Usage data – information about how you use our sites, including how you navigate and interact with our site, which pages and products you view, the time on our site, information about your previous visits, the advertisements you view and click on, the contents of your shopping basket, products on your wish list and which you show an interest in, any search terms you enter and whether you encounter any problems. We also collect data about how you arrive at our websites (e.g., through a search and the search keywords used).
  • Social Media data – data you provide to us directly about your social media accounts or which we have access to when you connect with us or like or follow our social media accounts, including your social media handle, photograph, date of birth, location, occupation, interests and other information and content you make available via your social media accounts.

We also collect, use and share aggregated data such as statistical or demographic data for any purpose. Aggregated data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your Usage data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this Privacy Policy.

We do not collect any special categories of personal data about you (such as information about your health, race, political opinions, religious beliefs or sexuality). Nor do we collect any information about criminal convictions and offences.

  1. When do we collect your data?

Direct interactions: We collect personal data directly from you when you interact with us or correspond with us directly via our websites, by email, by post or on social media. This includes personal data you provide when you:

  • visit our website;
  • create an account on our website;
  • become of member of Earth Owners Club;
  • place an order for any of our products;
  • subscribe to receive our marketing communications;
  • engage with us on social media, such as by following us, liking our posts, commenting on our posts or sending direct messages;
  • contact us by any means including filing out an enquiry form on our website or by sending us an email;
  • give us feedback or respond to our request for feedback;
  • request marketing to be sent to you;
  • enter a competition, promotion or survey; or
  • comment or review our products.

Automated technologies or interactions: When you interact with our website, our systems will automatically collect information about your equipment, browsing actions and patterns. We collect this personal data (namely Technical and Usage data) by using cookies, tracking pixels, server logs and other similar technologies. Please see the section headed Cookies below.

We also collect information using a pixel contained in our marketing emails. We collect and use this information when you interact with our website and our emails to improve our site content, recommend products of interest to you and to tailor our marketing communications to you.

Other third parties. We may also receive personal data about you from various third parties as set out below:

  • our third party ecommerce website provider (currently Shopify) whose services enable us to process electronic orders and payments for products and other providers of technical, payment and delivery services;
  • analytics providers such as Google Analytics and Shopify Analytics who provide us with Technical and Usage data;
  • advertising networks such as Google Adwords and Facebook who provide us with Technical and Usage data;
  • operators of social media platforms, including Facebook, Instagram, Twitter, LinkedIn, YouTube and TikTok, which may be based outside of the UK and EEA; and
  • review platforms such as Trustpilot who may provide Review data.
  1. How and why we use your personal data

We will only use your personal data when the law allows us to. The legal basis will vary depending on the reason we are collecting your personal data. Sometimes we might rely on more than one legal basis when we process your personal data depending on why we are using your data. Please contact us as any time if you need more information about how we are using your personal data and which legal basis we are relying on.

We have summarised below the legal basis we rely on to use your personal data and examples of how this works in practice:

  • Where it is necessary for the performance of a contract to which you are party or to take steps at your request before entering into such a contract

We will need to process your data when you purchase products from us in order to process and deliver your order including taking payment from you. We are likely to process your IdentityContactPurchaseCustomer Service and Financial data on this basis.

  • Where we have your consent to do so, subject to your right to withdraw consent

We may send you marketing communications by email or by SMS if you have subscribed to receiving these communications from us in this way. Our marketing email provider uses a pixel contained in our emails to track how you interact with them (such as whether they are delivered, opened, marked as spam or unsubscribe) and which features you click on and to collect Technical data (such as the type of device you use to open them and your location). This means that we can send you email content that’s more relevant and tailored to you. If you want to opt-out of email tracking at any time, then you can opt-out of receiving marketing emails.  

We may rely on the ‘soft opt-in’ to send you marketing emails and/or texts without asking for your express opt-in consent. For further information on the soft opt-in, please see the section on legitimate interests below.

You can easily opt-out of our marketing emails by clicking the ‘unsubscribe’ link or by contacting us by email at info@hallone.co.uk
You can easily opt-out of our marketing texts by texting ‘STOP’ at any time.

We will also obtain your consent to collect certain Usage and Technical data when we ask you to consent to cookies. Please see the section headed “Cookies” below for more information.

We will get your opt-in consent before we share your personal data with any third party for marketing.

Where we process information on the basis of consent, if at any time you want us to stop processing this information, you can withdraw your consent.

  • Where it is necessary to comply with a legal or regulatory obligation that we are subject to

We are subject to legal and regulatory obligations that require us to process your personal data, for example, anti-money laundering obligations, compliance with subpoenas and government requests, and consumer contracts legislation. We are likely to process your IdentityContactPurchaseSecurityFinancial, and Technical data in connection with this purpose.

  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests

We may analyse your personal information including IdentityContactCustomer ServiceReviewMarketingPurchaseTechnical, Usage and Social Media data so that we can form a view of what you may want or need or what may be of interest to you to send you marketing communications relevant to you. We may make use of additional information about you where it is available from third parties for this purpose.

Our legitimate interests in processing your personal data for our own business purposes include the following:

    • To manage our relationship with you and notify you of changes to our terms and conditions or this Privacy Policy (which may include processing IdentityContactPurchaseSecurityCustomer ServiceReviewMarketingUsageTechnical and Social Media data);
    • To promote our products and our business, including via our website, via email, via our app and via social media (which may include processing IdentityContactPurchaseCustomer ServiceReviewMarketingUsageTechnical and Social Media data);
    • To personalise our marketing to you to provide you with a better and more engaging experience (which may include processing IdentityContactPurchaseCustomer ServiceReviewMarketingUsageTechnical and Social Media data);
    • Where we have obtained your contact details in the course of a sale or negotiations for a sale of a product or service to you, we may rely on the ‘soft opt-in’ to send you direct marketing emails and/or texts in relation to similar products or services if you do not choose to opt out (which may include processing IdentityContactPurchase and Marketing data).
    • To correspond with you concerning your account for our website or our app or your purchases, and to respond to your queries, refund requests and complaints (which may include processing IdentityContactPurchaseCustomer ServiceMarketingUsage and Social Media data);
    • To conduct our business and operate as a retailer of clothing, to further our business and community interests and operate profitably (which may include processing IdentityContactPurchaseCustomer ServiceReviewMarketingUsageTechnical and Social Media data);
    • To develop and grow our business, improve our products and offerings, our website, app and our customer service (which may include processing IdentityContactPurchaseCustomer ServiceReviewMarketingUsageTechnical and Social Media data);
    • To process orders for products including managing payments and collecting and recovering money owed to us (which may include processing IdentityContactPurchaseFinancialCustomer ServiceReviewMarketingUsage and Social Media data);
    • To send you survey and feedback requests to help us improve our products and services (which may include processing IdentityContactPurchaseCustomer ServiceReviewMarketingUsage and Social Media data).
    • To administer and protect our business, our website, our online store and our app (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data) (which may include processing IdentityContactPurchaseCustomer ServiceReviewMarketingUsage and Technical data);
    • To create and maintain accurate business records (which may include processing IdentityContactPurchaseCustomer ServiceReviewMarketingUsageTechnical and Social Media data);
    • To protect our business and financial interests and for the purpose of establishing, exercising or defending legal claims (which may include processing IdentityContactPurchaseSecurityCustomer ServiceFinancialReviewMarketingUsageTechnical and Social Media data);
    • To ensure our website and online store and app are being used in compliance with relevant terms and conditions (which may include processing IdentityContactPurchaseSecurityCustomer ServiceFinancialReviewMarketingUsageTechnical and Social Media data); and
    • For fraud prevention, anti-money laundering, and for the prevention or detection of crime (which may include processing IdentityContactSecurityFinancialUsage and Technical data).
  1. Change of purpose

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we wish to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so. We may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

  1. If you fail to provide personal data

Where we need to collect personal data from you in order to comply with our legal obligations or to perform a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the relevant contract (for example deliver your products or process your payment). In this case, we may have to cancel the relevant contract.

  1. Data security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. Your personal data is available to authorised personnel of Hallone who need access to the information in order to fulfil their duties. All Hallone personnel who have access to your personal data will only process your personal data on our instructions and they shall be subject to a duty of confidentiality.

We also have place procedures to deal with any suspected personal data breach. We will notify you and any applicable regulator of a breach where we are legally required to do so.

Unfortunately, however, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

  1. How long will we keep your data?

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

In relation to marketing consents, we may ask for your updated consent from time to time if we have not heard from you in a while to check that you still want to receive our emails or texts. If you decide to opt-out we will keep a record of this alongside your email address or other contact details to ensure that we do not send you marketing communications going forward.

In some circumstances we will anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

We shall not have any liability whatsoever to you for the deletion of personal data in accordance with our data retention policy.

  1. Who do we share your data with?

We may share your personal data with the following third parties in order to perform a contract with you, comply with a legal or regulatory obligation, in our legitimate interests of conducting our business or where you have consented:

  • Third parties who support our website and our app and provide other business systems such as Shopify, our ecommerce provider.
  • Operational companies such as delivery couriers;
  • Our returns carriers (currently DPD UK);
  • Third party payment providers and ‘buy now, pay later’ finance providers such as Stripe, Klarna, Clearpay, Afterpay, PayPal, ApplePay and mollie;
  • Our accounting software providers;
  • Marketing and advertising providers such as Seguno;
  • Our Impact and Reforestation partner, One Tree Planeted;
  • Data analytics companies such as Google Analytics and Shopify Analytics;
  • Social media platforms and online search engines such as Facebook, Instagram, Twitter, LinkedIn, YouTube, TikTok and Google to show you products that might interest you while you’re browsing the internet and using social media platforms;
  • To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Hallone Limited’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by Hallone Limited about our users and customers is among the assets transferred. We may also seek to acquire other businesses or merge with them;
  • Other companies and organisations for the purposes of fraud protection and credit risk reduction, HM Revenue & Customs, the police, regulators and other authorities and public bodies;
  • Professional advisers, including lawyers, bankers, auditors and insurers who provide consultancy, banking, legal, insurance and accountancy services;
  • Courts, tribunals, litigants, tax authorities and government agencies in compliance with any court order, law, or legal process, including to respond to any government, or regulatory request or subpoena or to enable us to enforce any agreement with you; and
  • Our group companies including for the purposes of our regular reporting activities on company performance, operating our business, providing our products and/or services, for system maintenance, support and hosting of data or in the context of a business reorganisation or group restructuring exercise.

We require all our data processors to respect the security of your personal data and to treat it in accordance with the law. We do not allow our data processors to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

In some instances where we share data with third parties, such as HMRC, those third parties will also be controllers of your personal data. We shall not be responsible or liable for the way in which other data controllers hold or process your personal data. Please contact those third parties for further information regarding how they will use your data. We shall only share your personal data with third parties in accordance with this Privacy Policy.

Shopify, our ecommerce provider, may share your data with NoFraud LLC who provide fraud prevention services to detect potentially fraudulent transactions on our website. NoFraud act as an independent data controller when providing these services. A copy of NoFraud’s privacy policy can be found athttps://www.nofraud.com/end-user-privacy-policy.

  1. International transfers

If we need to transfer your data outside of the UK or EEA, we ensure your data receives essentially equivalent protection as if it were being processed inside the UK or EEA by ensuring at least one of the following safeguards is implemented:

  • We will transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by UK adequacy regulations (in the case of data transfers from the UK) or EEA adequacy regulations (in the case of data transfers from the EEA).
  • In some instances, we will take steps to ensure that the recipient has an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal information and that appropriate and suitable safeguards are in place to comply with data protection legislation. Please contact us if you want further information on and a copy of such arrangements.

In the case of data processed by Shopify, our ecommerce provider, details of the data transfers which they make outside the UK can be found at:https://help.shopify.com/pdf/cross-border-whitepaper.pdf

  1. What are your rights over your data?

You have certain rights in respect of the personal data that we process about you (where we are the data controller because we determine the purpose and means for which that personal data shall be processed):

  • the right to request access to your personal data that we hold and to receive certain information relating to that data;
  • the right to ask us to rectify inaccurate data or to complete incomplete data;
  • the right to receive or ask for your personal data to be transferred to a third party in a structured, commonly used and machine-readable format (note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you);
  • the right to request the erasure of personal data if it is no longer necessary in relation to the purposes for which it was collected or processed or if you have successfully objected to processing (note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request);
  • the right to object to how we process your personal data in certain circumstances, including the right to ask us not to process your personal data for marketing purposes;
  • the right to restrict processing of your personal data, for example if you want us to establish the accuracy of the data or you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it; and
  • where we are processing personal data relating to you on the basis that we have your consent to do so, you may withdraw your consent at any time (this will not affect the lawfulness of any processing carried out before you withdraw your consent). If you withdraw your consent, we may not be able to provide certain products or services to you.

If you wish to exercise any of the rights set out above, please contact us.

We may ask you to verify your identity if you make a request to us to exercise any of the rights set out above. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response. You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

We will try to respond to all legitimate requests within one month. Occasionally, it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

  1. Marketing preference

There are several ways you can stop direct marketing communications from us:

  • You can click the ‘unsubscribe’ link in any email or text STOP in response to any SMS message that we send you.
  • You can contact us by email at info@hallone.co.uk

Please note that you may continue to receive communications for a short period after changing your preferences while our systems are updated.

  1. Cookies

Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and to improve our website, products and services. You can find out more about the way cookies work on www.cookiecentral.com and www.allaboutcookies.org. Please note that we are not responsible for the content of third party websites.

For more information about the cookies we use and the reasons why we use them, please see our Cookie Policy below. We request your consent before using analytical or performance cookies, functionality cookies or targeting cookies, but do not require your consent to use strictly necessary cookies.

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies (and the above websites tell you how to do this). If you disable or refuse cookies, please note that some parts of our website may become inaccessible or not function properly.

  1. Third party links

Our website may contain links to third party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third party websites and are not responsible for their privacy statements. When you leave our website we encourage you to read the privacy policies of every website you visit.

  1. How to complain

Please let us know if you are unhappy with how we have used your personal data. You can contact us by email at info@hallone.co.uk

You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please do contact us in the first instance and we shall endeavour to resolve your complaint.

  1. Changes to your data

It is important that the personal data we hold about you is accurate and current. Please let us know if your contact details change during your relationship with us. You have the right to correct any information we hold about you that you think is wrong or incomplete. Please contact us if you want to do this.

This Privacy Policy was last updated on 08/11/2023.

We Are Fair Fashion

Hallone aim to develop pieces that are designed to last.

Our commitment is the promise of a range of unique and sustainable garments that meet ethical and demanding criteria.

We are particularly keen on creating collections of responsible products and are committed to a long-term relationship with you.

And with the planet.

Our promise includes the labels and certifications awarded to our manufacturers.

It is important to note that Hallone is a brand, not a manufacturer.

This page is designed to give you guidance and trust, and to help you better understand our commitments, as well as, our involvement in the choice of partners in our production process.

Click below for more information on our Fabric commitments.

  • Items that contain a minimum of 95% organic raw materials.

  • Items that contain a minimum of 5% organic raw materials blended with conventional or synthetic raw materials.

  • Items designed with a minimum of 5% and a maximum of 95% recycled raw materials blended with other raw materials.

  • Garments that contain a minimum of 95% recycled raw materials.

  • The GRS standard aims to check the recycled content of intermediate and finished products. This is to ensure that company manufacturing processes as well as social and environmental practices are sustainable and responsible.

  • Expertise Vegan Europe, better known under the EVE VEGAN label (a registered trademark), is an international control and labelling organisation specialised in vegan products, i.e. animal friendly and excluding any animal-derived products.

  • Guarantees the absence of any harmful substances or those that may pose a threat to human health or the environment.

  • Sorona® is a partially plant-based polymer. A new and innovative material, it used in the padding of our down jackets and is an eco-responsible alternative to replace fur or other animal feather paddings. Sorona® is a trademark registered by Affiliates of DuPont de Nemours, Inc. used under licence.