The Swedish company, H & M Hennes & Mauritz GBC AB ( Cheap Monday ), is the Controller of the personal data you disclose to us and therefore responsible for your personal data under the Swedish Data Protection Act (1998:204) and EU Directive 95/46/EC. The British company H&M Hennes Ltd is the personal data processor and processes the personal data on behalf of H&M. Your personal data is stored in EU and might be disclosed to our subsidiaries within the H&M group. This means that your data, in a few cases, can be processed outside the EEA-area. In any event of transfer of your personal data to a Country outside the EEA-area, the involved H&M subsidiary will guarantee the application of the standard contractual clauses regarding data privacy process approved by the EU.
How do we use your personal data?
In providing your personal details you consent to us using the data collected in order to meet our commitments to you and to provide you with the service you expect. We need your data for the following purposes:
To create your personal account at Cheap Monday (e.g. your name and email address)
To process your orders via our online services (e.g. your name, address, date of birth and bank details)
To be able to send text message notifications of delivery status (e.g. your mobile phone number)
To be able to send you marketing offers such as newsletters (e.g. your email address and your name)
To be able to contact you in the event of any problem with the delivery of your items (e.g. telephone number, email address and address)
To enable us to answer your queries and to inform you of new or changed services (e.g. your email address)
To notify the winners in competitions arranged online (e.g. your email address, name, home address and telephone number)
To be able to analyse your personal data to provide you with relevant marketing offers and information (e.g. name, buying habits)
To be able to validate that you are of legal age for shopping online (e.g. date of birth)
We will only keep your data for as long as necessary to carry out our services to you or as long as we are required by law. After this your personal data will be deleted. We cannot remove your data when there is a legal storage requirement, such as book keeping rules or when there is a legal ground to keep the data, such as an on-going contractual relationship.Find out more about Data Protection regarding Credit Reference and Fraud Prevention Agencies. Your rights under the Data Protection Act 1998 will not be affected.
What are your rights?
You have the right to request information about the personal data we hold on you. If your data is incorrect, incomplete or irrelevant you can ask to have the information corrected or removed. Annually, you also have the right to request written documentation on the personal information we have regarding you on our account files. To request this document please contact Cheap Monday Customer Service. You can withdraw your consent to us using the data for marketing purposes at any time (i.e.sending Newsletters or offers). You can contact us by sending an email to: email@example.com
Who has access to the data?
We never pass on, sell or swap your data to third parties for marketing purposes outside the H&M Group. Data that is forwarded to third parties, for example shipping agents in connection with deliveries of goods is used only to meet Cheap Monday´s commitments to you. Cheap Monday may also supply your personal details to organizations such as credit reference or debt collection agencies for the purpose of credit rating checks, identity checks and debt collection.
How do we protect your data?
We have taken technical and organisational measures to protect your data from loss, manipulation, unauthorized access, etc. We continually adapt our security measures in line with technological progress and developments. At Cheap Monday we protect your data using encryption. Secure Sockets Layer (SSL) is a function that encrypts all information sent between buyer and seller.
To make card purchases with us as secure as possible all information is sent in encrypted form using SSL. This means that the information is passed through a secure connection and that your card details cannot be read by external parties.
For card purchases we work with an authorized payment agent that helps us to check directly with your bank that the card is valid for purchases. Our payment agent processes your card details in the correct way according to the international security standard PCI DSS, which was developed by the card companies VISA, MasterCard, Diners, American Express and JCB. This means that your card details are processed with a very high level of security. When you pay by card we reserve the right to carry out an identity check.
Invoice purchases - country specific terms
Paying with invoice in Germany and Austria
In case the customer chooses to pay with invoice his personal data will be transferred to BFS finance GmbH, Gutersloher Str. 123, 33415 Verl. which will forward the personal data to contractually connected credit information agencies for the purposes of credit evaluation and identity verification before the order process is finalized. I case of late payment/default BFS finance GmbH has the right to involve debt collection agencies and to eventually register customers as debtors into credit information agencies Such credit information agencies are: - DeltaVista GmbH, Freisinger Landstraße 74, D – 80939 München - arvato Infoscore GmbH, Rheinstraße 99, D – 76532 Baden-Baden
Paying with invoice in Netherlands
Gothia BV will process the customers personal data in accordance with the Dutch Data Protection act (WBP) Personal data will be collected, stored and processed for the purpose of completing the customer’s order, identifying the customer, performing a credit check and for the prevention of default of payment and indebtedness. The aforementioned processing of personal data is registered at the Dutch Data Protection Authority (CBP). By selecting payment through invoice the customer gives consent for Gothia BV to perform identification control and credit check using external and internal databases. A customer is at all times entitled to access and/or to correct processed personal data.
Paying with invoice in Sweden
arvato Finance AB will process the customers personal data in accordance with the Swedish Personal Data Act (personuppgiftslagen). Personal data will be collected, stored and processed for the purpose of completing the customer’s order, identifying the customer, perform a credit check and for statistical purposes. By selecting payment through invoice the customer gives consent for arvato Finance AB to perform identification control and credit check using external and internal databases.
Paying with invoice in Denmark
arvato Finance A/S will process the customers personal data in accordance with the Danish Act on Processing of Personal Data (Persondataloven). Personal data will be collected, stored and processed for the purpose of completing the customer’s order, identifying the customer, perform a credit check and for statistical purposes. By selecting payment through invoice the customer gives consent for arvato Finance to perform identification control and credit check using external and internal databases.
Paying with invoice in Finland
arvato Finance will process the customers personal data in accordance with the Finnish Personal Data Act (Henkilötietolaki or Personuppgiftslagen). Personal data will be collected, stored and processed for the purpose of completing the customer’s order, identifying the customer, perform a credit check and for statistical purposes. By selecting payment through invoice the customer gives consent for arvato Finance to perform identification control and credit check using external and internal databases.
There are two types of cookies: permanent and temporary (session cookies). Permanent cookies are stored as a file on your computer or mobile device for no longer than 12 months. Session cookies are stored temporarily and disappear when you close your browser session. We use permanent cookies to store your choice of start page and to store your details if you select "Remember me" when you log in. We use session cookies when you use the product filtration function, to check whether you are logged in or if you put an item in your shopping bag.
You can easily erase cookies from your computer or mobile device using your browser. For instructions on how to handle and delete cookies please look under "Help" in your browser. You can choose to disable cookies, or to receive a notification each time a new cookie is sent to your computer or mobile device. Please note that if you choose to disable cookies, you will not be able to take advantage of all our features.
We use third-party cookies to collect statistics in aggregate form in analysis tools such as Google Analytics and for the purpose of marketing activities. The cookies used are both permanent and temporary cookies (session cookies). The permanent cookies are stored on your computer or mobile device for no longer than 24 months.
The site www.cheapmonday.com may include links to other websites which don't fall under our supervision. We cannot accept any responsibility for the protection of the privacy or the content of these websites, but we offer these links to make it easier for our visitors to find more information about specific subjects.
The content of this website is copyright-protected and is the property of H & M Hennes & Mauritz AB.
Controller of personal data
H & M Hennes & Mauritz AB
Mäster Samuelsgatan 46
106 38 Stockholm
Telephone: +46 (0)8 796 55 00
Fax: +46 (0)8 24 80 78
Companies register: Bolagsverket/Swedish Companies Registration OfficeCompany registration number: 556070-1715Authorised representative: Karl-Johan PerssonVAT registration number: VAT NO. SE556070171501
Controller of personal data for invoice payments
arvato Finance AB
Telephone: +46-(0)340-66 44 00