— Legal · House Policy

Privacy Policy

Effective Date: 19 May 2026 · Last Updated: 19 May 2026

HANI ARTS (“HANI ARTS,” “we,” “us,” or “our”) operates the website haniarts.com and any associated mobile applications distributed through the Google Play Store and other platforms (collectively, the “Services”). This Privacy Policy explains what information we collect, how we use it, the parties we share it with, and the rights you have over your information. It is written to comply with Google Play's User Data policy, the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and Pakistan's Personal Data Protection Bill.

By using our Services you agree to the collection and use of information in accordance with this policy. If you do not agree, please discontinue use of the Services.

1. Information We Collect

We collect only what is necessary to operate the Services, respond to enquiries, fulfil orders, and improve the experience. The categories below summarise the data we may collect.

a. Information you provide directly

Identity & contact data: name, phone number, email address, shipping address, and any details you enter into our contact or order forms.
Enquiry content: messages, bridal or bespoke briefs, measurements, preferences, and attachments you choose to share.
Transaction data: purchase history, invoice details, and (where applicable) tokenised payment references — we do not store full card numbers.
Account data: if you create an account in our mobile application, your username, hashed password, and profile settings.

b. Information collected automatically

Device & technical data: device model, operating system version, unique device identifiers, language, time zone, mobile carrier, and crash reports.
Usage data: pages or screens viewed, features used, taps and clicks, referring URLs, and time spent in the Services.
Approximate location: derived from IP address (city-level), unless you grant precise location permission in our mobile application.
Cookies & similar technologies: small files stored on your device to remember preferences and measure performance.

c. Information from third parties

We may receive analytics, attribution, and crash data from service providers such as Google Analytics, Google Firebase, and Google Play Console.

2. How We Use Your Information

We use personal information to:

Provide, operate, and maintain the Services;
Process enquiries, bridal commissions, made-to-measure orders, and customer support;
Authenticate accounts, prevent fraud, and secure the Services;
Send transactional communications (order updates, appointment reminders);
Improve content, layouts, collections, and performance through analytics;
Comply with legal obligations, enforce our terms, and protect our rights.

We do not sell your personal information, and we do not use it for advertising profiles or third-party ad targeting.

3. Legal Bases for Processing (GDPR)

If you are in the European Economic Area or the United Kingdom, we process personal data on these legal bases:

Consent — for optional cookies and where required by law.
Contract — to fulfil orders or respond to enquiries you initiate.
Legitimate interests — to secure the Services, prevent fraud, and improve our products.
Legal obligation — to comply with tax, accounting, and regulatory requirements.

We disclose personal information only in the following limited circumstances:

Service providers who host, analyse, or support the Services under written contracts and confidentiality obligations.
Logistics partners when shipping a garment to your address.
Legal authorities when required by law, court order, or to protect rights, safety, and property.
Business transfers in the event of a merger, acquisition, or sale of assets, subject to the same privacy commitments.

5. Third-Party Services & SDKs

Our Services may include the following third-party tools. Each operates under its own privacy policy:

Google Analytics — anonymised usage analytics. Google Privacy Policy.
Google Firebase / Crashlytics — crash and performance diagnostics for our mobile applications.
Google Play Services — in-app billing, app updates, and security checks (mobile only).
Unsplash — image hosting for editorial photography. Image requests may share standard browser headers with Unsplash servers.

6. App Permissions (Google Play)

If you use our mobile application, it may request the following Android permissions. Each is requested only with a clear purpose:

Internet & Network State — to load content and check connectivity.
Notifications — to send order and appointment updates (you can disable at any time).
Photos / Media (read only) — only when you choose to attach a reference image to a bespoke enquiry.
Camera — only when you choose to capture a reference photo for a bespoke commission.

We do not request precise location, contacts, SMS, microphone, accessibility, or background-location permissions.

7. Data Retention

We retain personal data only for as long as is necessary for the purposes for which it was collected, including legal, accounting, or reporting requirements. Enquiry messages are retained for up to 24 months. Order records are retained for 7 years to satisfy tax law. Account data is retained until you request deletion (see Section 12).

8. Data Security

We apply administrative, technical, and physical safeguards designed to protect personal information from unauthorised access, alteration, disclosure, or destruction. Communications between your device and our servers are encrypted in transit using TLS. Passwords (where collected) are stored using one-way salted hashes. No internet transmission, however, is 100% secure; we cannot guarantee absolute security.

9. International Data Transfers

HANI ARTS is based in Lahore, Pakistan. If you access the Services from outside Pakistan, your information may be transferred to, stored, and processed in Pakistan or in countries where our service providers operate. Where required by law, we use appropriate safeguards such as Standard Contractual Clauses to protect such transfers.

10. Your Rights & Choices

Depending on your location, you may have the following rights regarding your personal data:

Access — request a copy of the data we hold about you.
Rectification — request that inaccurate data be corrected.
Erasure — request that we delete your personal information.
Restriction — request that we limit the processing of your data.
Portability — request a machine-readable copy of certain data.
Objection — object to processing based on legitimate interests.
Withdraw consent — at any time, where processing is based on consent.

To exercise these rights, contact us using the details in Section 14. We will respond within 30 days. California residents may exercise CCPA rights (right to know, delete, correct, and opt-out of sale — though we do not sell personal information) by the same method.

11. Children's Privacy

Our Services are intended for users aged 16 and older. We do not knowingly collect personal information from children under 16. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.

12. Account & Data Deletion

In compliance with Google Play's Data Deletion requirements, you may request deletion of your account and associated personal information at any time. To do so:

Send a written request to privacy@haniarts.com from the email address associated with your account, or
Call us at +92 321 905 2847 during studio hours.

Include your name, phone number, and a brief statement that you wish your data to be deleted. We will verify the request and, within 30 days, delete or anonymise your personal information, except where retention is required by law (for example, transactional records kept for tax compliance). Aggregated, de-identified data may be retained for analytics purposes.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. We will post the revised policy on this page and update the “Last Updated” date above. Material changes will be communicated through a notice within the Services or, where appropriate, by direct contact.

14. Contact Us

For any questions, requests, or complaints regarding this Privacy Policy or your personal information, please contact our Data Protection contact at:

HANI ARTS — Atelier Office
5 Hajveri Block, Azam Cloth Market,
Lahore, 54000, Pakistan

Phone: +92 321 905 2847
Email: privacy@haniarts.com

If you are not satisfied with our response, you have the right to lodge a complaint with the data protection authority in your country of residence.