• Your shopping cart is empty!

Privacy Policy

Last updated: 05 June 2025

Thank you for choosing Hong Kong Hahong Co., Limited. We design and sell women’s apparel—including **Tops, Swimwear & Beachwear, Skirts, Shorts, Dresses, and Co-ords—**through our websites, mobile apps, AR/VR showrooms, flagship boutiques, and partner marketplaces worldwide. Protecting your privacy is fundamental to our commitment to award-winning, responsible fashion.

1. Who We Are

Hong Kong Hahong Co., Limited Ltd. (“Hong Kong Hahong Co., Limited,” “we,” “our,” or “us”) is the data controller for personal information collected under this Policy. Our registered office is:
FLAT 721, 7/F, LIVEN HOUSE, NO.61-63 KING YIP STREET, KWUN TONG, HONG KONG
If you have questions, email [email protected] or write to our Data Protection Officer (DPO) at the above address.

2. Scope

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you:

  1. Visit or make a purchase on any Hong Kong Hahong Co., Limited-owned website or app;

  2. Interact with our digital showrooms, AR/VR try-on tools, or AI-powered styling services;

  3. Engage with us on social media, at events, or through customer service;

  4. Receive marketing messages or participate in surveys, contests, or promotions.

It applies globally unless a local supplemental notice states otherwise.

3. Information We Collect

CategoryExamplesSource(s)
Account & Contact DataName, address, email, phone, passwordYou
Order & Payment DataProduct selections, shipping address, payment token (PayPal, credit card, digital wallet)You / Payment processor
Device & Usage DataIP address, browser type, referring URL, pages viewed, time spentYour device / Cookies
AR/VR & Fit DataBody measurements, avatar images (stored locally unless cloud sync chosen)You / Your device
Marketing & PreferencesWishlist items, size, style, color preferencesYou / In-app interactions
Social & UGC DataLikes, comments, photos, or reviews you postYou / Social platforms
AI-Derived InsightsTrend scores, predicted sizes, propensity to return itemsGenerated by our AI engines

Sensitive data? We do not intentionally collect or process sensitive personal data (e.g., health or biometric identifiers) unless required to fulfill a specific service you request (such as accessibility accommodations). In such cases, we obtain explicit consent or apply another lawful basis.

4. How & Why We Use Your Information

PurposeLegal Basis*
Process orders, payments, returns, and customer supportPerformance of a contract
Personalize product recommendations, size guidance, and styling contentLegitimate interests / Consent (for cookies)
Operate, secure, and improve our sites, apps, and AI forecasting platformLegitimate interests
Send marketing emails, push notifications, SMS, or in-app messagesConsent / Legitimate interests (where permitted)
Conduct contests, surveys, and loyalty programsConsent / Performance of a contract
Detect and prevent fraud, abuse, or security incidentsLegitimate interests / Legal obligation
Comply with legal, regulatory, or tax requirementsLegal obligation

* Where the EU GDPR applies, legal bases are shown. For California residents, these uses align with “business purposes” under the CCPA/CPRA.

5. Cookies & Similar Technologies

We use first-party and third-party cookies, pixels, SDKs, and local storage to:

  • Keep you signed in and remember items in your cart;

  • Measure site performance and analyze traffic (e.g., Microsoft Clarity, Google Analytics);

  • Serve personalized ads through partners such as Meta Ads and TikTok Ads;

  • Enable AR/VR rendering or 3-D garment previews.

You may manage or withdraw consent in our Cookie Preferences Center at any time.

6. How We Share Information

We never sell your personal data. We may disclose limited information to:

  1. Service Providers – payment processors (PayPal, Stripe), cloud hosting (Microsoft Azure), logistics carriers, AI analytics vendors, customer-service platforms;

  2. Retail & Platform Partners – when you choose “Buy via Partner” or opt into a co-branded promotion (e.g., Net-a-Porter, Six Senses Resorts);

  3. Professional Advisors – lawyers, auditors, insurers;

  4. Authorities – when required by law, court order, or to protect rights and safety;

  5. Business Transfers – in connection with a merger, acquisition, or asset sale (data will remain subject to this Policy).

All vendors are bound by strict contractual obligations (including EU Standard Contractual Clauses, where applicable).

7. International Transfers

We operate globally. Data stored in Microsoft Azure’s EU, US, and APAC data centers may be accessed by our teams in Hong Kong. Where local laws require, we rely on:

  • Adequacy decisions issued by the European Commission;

  • SCCs (2021/914/EU) plus additional security measures;

  • UK Addendum to the SCCs;

  • APEC CBPR/PRP certification (in progress).

8. Data Retention

We keep data only as long as necessary:

  • Orders & Invoices – 7 years (tax regulations);

  • Marketing Consent Logs – until you withdraw consent + 2 years;

  • Inactive Accounts – anonymized after 3 years of no activity;

  • AR/VR Fit Scans – stored locally; cloud copies auto-delete after 12 months or on request.

Aggregated or de-identified data may be retained indefinitely.

9. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access, correct, or delete your personal data;

  • Port your data to another service in a structured, machine-readable format;

  • Object to or restrict certain processing;

  • Opt-out of targeted advertising, profiling, or automated decisions;

  • Withdraw consent at any time (marketing, cookies, AR/VR scans);

  • Lodge a complaint with your supervisory authority (e.g., ICO, EDPB, CPPA).

To exercise rights, email [email protected] or use “Privacy Settings” in your account.

10. Security Measures

  • Encryption in transit (TLS 1.3) and at rest (AES-256) for payment and account data;

  • Multi-region backups, WAF, and 24/7 SOC monitoring;

  • Annual penetration tests and ISO 27001-aligned controls;

  • Role-based access and MFA for staff.

Still, no online platform can guarantee 100 % security. Please keep your password safe and contact us immediately if you suspect unauthorized activity.

11. Children’s Privacy

Our services are not intended for individuals under 16 (or the local age of digital consent). We do not knowingly collect personal data from children. If we learn we have done so, we will delete it promptly.

12. Automated Decision-Making & Profiling

We employ AI models to predict size, fit, and style preferences and to flag high-risk transactions. These systems never deny you access to our products automatically; human review is available on request.

13. Third-Party Links

Our sites may include links to partner stores, social platforms, or event pages. We are not responsible for the privacy practices of those third parties.

14. Changes to This Policy

We may update this Privacy Policy to reflect new technologies, industry practices, regulatory requirements, or for other reasons. Material changes will be announced via email, in-app message, or a prominent banner at least 30 days before they take effect.

15. Contact Us

Questions, comments, or complaints?

  • Email: [email protected]

  • Phone: +852 5169 5138 (Mon–Fri, 09:00–18:00 local time)

  • Postal: DPO, Hong Kong Hahong Co., Limited, FLAT 721, 7/F, LIVEN HOUSE, NO.61-63 KING YIP STREET, KWUN TONG, HONG KONG .

By continuing to use our services, you acknowledge that you have read and understood this Policy and agree to its terms.