Privacy policy

We, Martin Magnusson & Co AB, corporate registration number 556127‑7475, located at Äspåsvägen 5 (hereinafter referred to as “Hestra”), process personal data as a data controller in accordance with applicable legislation, such as the General Data Protection Regulation (GDPR). We are committed to respecting your privacy and protecting the security of your personal data. This document describes how we handle personal data in compliance with GDPR. 

This Privacy Policy (“Policy”) is intended to help you understand what types of personal data we collect, how we collect them, and how we use them. It is also intended to inform you about your rights and choices regarding such data. The Policy applies to all personal data that we collect, use, share, or otherwise process about you. 

The data controller responsible for ensuring that your personal data is processed in accordance with GDPR is Martin Magnusson & Co AB. Our address is HESTRA / Martin Magnusson & Co AB, Äspåsvägen 5, SE335 71 Hestra, Sweden. You can contact us by email at b2c@hestragloves.com or by telephone at +46 (0)370 – 33 97 00.

When you have any form of contact with Hestra – whether as an employee, job applicant, customer, website visitor, event participant, newsletter subscriber, downloader of our webbased materials, or as a representative or contact person for a business partner – Hestra will process the personal data you provide. This is done to fulfill Hestra’s commitments toward you or your organization.

We may collect personal data such as names, usernames, job titles, billing and delivery addresses, email addresses, phone numbers, details of payments to and from you, and information about products you have purchased from us. We also collect technical data, including IP addresses, login details, browser type and version, time zone settings, browser plugins, operating system, platform, and other technology used to access our website. In addition, we collect usage data relating to how you use our website, products, and services, as well as marketing and communication preferences, such as your choices regarding marketing communications from us or our partners.

Hestra’s online services are not intended for children under the age of 16. If you believe that we have collected personal data relating to a child under 16 without a lawful basis, please contact us so that we can take appropriate measures to remove such information.

We process your personal data for several purposes. This includes fulfilling contractual obligations, such as delivering products you have purchased, managing payments, and administering other contractual commitments we have toward you. We may also process your data for marketing purposes, including direct marketing. Where required, we will request your consent before engaging in such activities, including the use of electronic communication such as email, and you may withdraw your consent at any time.

In some cases, we process personal data to comply with legal obligations. We may also process your data where it is reasonably necessary for our legitimate business interests, provided that such interests do not override your fundamental rights and freedoms.

Your personal data is primarily processed by Hestra. It may also be processed by companies within the Hestra Group that assist with customer service, by IT service providers acting as data processors on our behalf, and by suppliers that support our operational systems.

Payments are handled by our payment service providers. If you choose to pay via one of the providers we cooperate with, such as Shopify Payments, the payment provider will collect the personal data necessary to complete the transaction and act as an independent data controller for that processing. Hestra does not collect or process personal data for the execution of payments. Please refer to the respective payment provider’s privacy policy for further information.

Your personal data may also be processed by our transport and delivery partners for the purpose of delivering your orders and handling returns. To ensure delivery, we must transfer certain personal data, such as name, delivery address, email address, order number, and in some cases phone number. This processing is necessary for the performance of our contract with you in accordance with Article 6.1(b) GDPR. Transport and delivery partners act as independent data controllers and process personal data in accordance with their own privacy policies.

Additional recipients of personal data may include providers of customer service and chat solutions, marketing partners, digital platforms used for tailored marketing, and thirdparty analytics providers that analyze website usage.

Hestra has agreements in place to ensure that any data processors engaged by us process personal data in accordance with this Policy and our instructions. Personal data may be transferred within or outside the UK and the EU/EEA. Where transfers outside these regions take place, Hestra ensures that appropriate safeguards are implemented and that such transfers are performed in compliance with applicable law without diminishing your statutory rights.

We apply appropriate technical and organizational security measures to protect personal data against accidental loss, unauthorized access, misuse, alteration, or disclosure. Access to personal data is limited to employees and partners who require such access for legitimate business purposes and in accordance with applicable legal grounds.

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including compliance with legal, accounting, and reporting requirements. Personal data may be stored in different systems for different purposes. Data that is deleted from one system may continue to be processed and stored in another system for a different lawful purpose.

In accordance with data protection legislation, you have the right to request access to your personal data, request correction of inaccurate data, request erasure of your data, object to processing, request restriction of processing, request data portability, and withdraw any consent you have given.

If you wish to exercise your rights or have questions regarding them, please contact us using the contact details provided in this Policy. Our Data Protection Officer is bound by confidentiality obligations.

You also have the right to lodge a complaint with a data protection supervisory authority. In Sweden, the competent authority is the Swedish Authority for Privacy Protection (IMY), located at Box 8114, SE104 20 Stockholm, Sweden. IMY can be contacted by telephone at +46 (0)8 657 61 00, by email at imy@imy.se, or via its website at https://www.imy.se/privatperson/utfora-arenden/lamna-ett-klagomal/.

Where processing is based on legitimate interests, you have the right to object. If you object, we will cease processing unless we can demonstrate compelling legitimate grounds that override your interests, or if the processing is necessary for the establishment, exercise, or defense of legal claims.

This website may contain links to thirdparty websites, plugins, or applications. By clicking on such links, third parties may collect or share data about you. Hestra does not control these thirdparty websites and is not responsible for their data processing practices.

We may update this Policy to reflect changes in data protection legislation or internal procedures. This Privacy Policy was adopted by Martin Magnusson & Co AB on 28 November 2024.

If you have questions or complaints regarding this Policy or our privacy practices, please contact us at HESTRA / Martin Magnusson & Co AB, Äspåsvägen 5, SE335 71 Hestra, Sweden. You can reach us by email at b2c@hestragloves.com or by telephone at +46 (0)370 – 33 97 00.

Our Data Protection Officer can be contacted by email at dpo@hestragloves.com or by telephone at +46 (0)370 – 33 97 00.

When you visit a website for the first time, a small text file known as a cookie is stored on your device. Cookies may be temporary session cookies, which are deleted when you close your browser, or persistent cookies, which are stored for a defined period and can be deleted manually via your browser settings.

We use cookies to provide a better and simpler user experience on our website. Depending on the choices you make on pages associated with hestragloves.com, different types of cookies may be stored. Cookies are not used to store personal information.

We use session cookies to save your country or region selection when you first visit our website, allowing you to return to the selected region during the same browsing session. Persistent cookies are used when you add items to your shopping cart or visit campaign pages associated with hestragloves.com. These cookies are stored for up to 30 days.

We also use thirdparty cookies for statistical analysis through tools such as Google Analytics and for marketing purposes, including targeted and activitybased advertising (retargeting) via Google and Facebook platforms. Personal data such as name, address, phone number, or email address is never shared with third parties. If you do not wish to receive targeted digital advertising, you may disable this functionality.

Through your browser settings, you can manage or delete cookies at any time. You can also choose to block cookies altogether or receive notifications when a new cookie is sent to your device. Please note that disabling cookies may affect the availability and functionality of certain features on the website.

A cookie is a small data file stored on your device when you visit a website to help remember information about you, such as language preferences or login details. Cookies set by us are referred to as firstparty cookies. We also use thirdparty cookies from domains other than the website you are visiting for advertising and marketing purposes.