This site has limited support for your browser. We recommend switching to Edge, Chrome, Safari, or Firefox.

Retail Residency at Midnight Bebek, Istanbul, 01-31 May

Privacy Policy



We are Dilhan Hanif LTD (“DILHAN”, “we”, “us”) of 214 Lower Addiscombe Road, CR0 7AB, Croydon, England, UK and we are a data controller registered with the UK Information Commissioner’s Office with registration number 13057962.

As a data controller we process personal data of all people related to us including but not limited to the people provided with the goods and services in accordance with the laws of the UK and other related laws.

This document is to inform you about how we collect and protect any personal information you provide to us and how you can control what personal information we collect from you and what we do with it. It sets out how we intend to use your information, who we will share it with and what rights you have about use of your information. 

This notice applies to all our activities under the above brand and however you provide personal information to us, whether you visit us online at any of our websites or visit our stores or contact us via social media or whether you telephone, email, write to or text us.

In this scope, this Privacy Policy (the “Policy”) describes how and for what purposes the personal data of the following persons is collected, processed and shared with third parties by DILHAN: 1)   Natural person customers/service recipient and/or natural person prospective customers/ service recipient and contact persons of the corporate customers/service recipient and/or prospective customers/ service recipient 2) Natural person suppliers or the contact persons of the corporate suppliers which provides goods or services to DILHAN; 3) Website (“”) users of DILHAN; 4) Any other individuals about whom DILHAN obtains personal data.


Specifically, we use the following terms in this Privacy Policy: 

Personal Data: All kinds of information and data related to an identified or identifiable natural person. (For example, your name, surname, date of birth, identity number, electronic mail address, phone number etc. shared with us are named and termed as Personal Data for the purposes hereof)

Data Subject: Any identified or identifiable natural person whose Personal Data are processed by the Controller.

Processing: Any operation or set of operations which is performed upon personal data or sets of personal data, whether or not by automatic means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, limiting, erasure or destruction.

Controller: The natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing operation.

GDPR: Directive (EU) 2016/680 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and on the free movement of such data, and repealing Council Framework Decision 2008/977/JHA.,

Data Protection Act 2018: The Act came into force on 25 May 2018. The Act updates data protection laws in the UK, supplementing the GDPR, implementing the EU Law Enforcement Directive (LED), and extending data protection laws to areas which are not covered by the GDPR or the LED.


The Data Controller is Dilhan Hanif LTD, a company registered at the UK Companies House with registered number 13057962. Our registered address is at 214 Lower Addiscombe Road, CR0 7AB, Croydon, England, UK. 



Identity Data

Name-surname, ID number, sex, place and date of birth, marital status, signature, passport number, nationality, title/position, postal address including billing and delivery addresses, telephone numbers (including mobile numbers) and e-mail address, your interests, preferences, feedback and competition and survey responses

Contact Data

Residence or office address, e-mail address, home, office and mobile telephone number. your correspondence and communications with us


Financial Data

Information on financial transactions, debt and credit balance, IBAN number, bank account number, tax number and tax office, invoice details, payment history, commercial and legal payment obligations, purchases and orders made by you.

Transaction Security Data

Log registrations, website login and exit information’s.

We do not collect or transfer your personal data other than the ones you share with us directly with your explicit consent.


The above-mentioned Personal Data are collected in physical or electronic platforms directly from sources depending on the manner in which they are shared with DILHAN and processed and transferred within the scope of the purposes mentioned below. Automatic data processing systems are used.


We collect and process your personal data in order to; 1) contact you for sharing the information on goods and services requested by you, 2) realize the payment, 3) verify your identity, 4) manage any account(s) you hold with us; 5) evaluate and resolve the complaints related to the goods and services (customer services) 6) receive feedback for improvement of our services and products 7) confirm the validity of your payment method (in collaboration with our partners listed below) 8) send you e-mails related to your purchase 9) contact you electronically about promotional offers, events, products and services which we think may interest you 10) use or disclose your information where we have a legal right or duty (for example in relation to an investigation by a public authority or in a legal dispute)

According to GDPR and UK Data Protection Act 2018 personal data of an individual can be processed if there are lawful basis. In this regard GDPR and UK Data Protection Act 2018 regulates in which situation personal data can be processed lawfully. Pursuant to this regulations processing shall be lawful only if and to the extent that at least one of the following applies: 1) the data subject has given consent to the processing of his or her personal data for one or more specific purposes 2) processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract; 3) processing is necessary for compliance with a legal obligation to which the controller is subject; 4) processing is necessary in order to protect the vital interests of the data subject or of another natural person; 5) processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller; 6) processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

For the abovementioned purposes and in scope of the above, we process your personal data based on your explicit consent; or without your consent where the processing is necessary for the establishment or performance of our agreement with you, or when it is requested by the legal or government authorities in scope of a legal proceeding or to the extent our legitimate interests require, provided that it does not harm your fundamental rights and freedoms. 


Your personal data shared with DILHAN is being kept and stored in DILHAN’s local/foreign secure servers in strict compliance with the applicable laws and regulations, the provisions of the Law. DILHAN takes the necessary technical and administrative security measures specified under the legislation to protect the security of your personal data.


Once the purposes for processing the data no longer exist (e.g. you delete your account) and/or upon expiration of the legal retention periods during which we are obliged to retain your personal data (e.g. for the legal purposes, security or financial recording purposes), your personal data will be deleted, destroyed or anonymized.


Your Personal Data may be shared with competent courts and other governmental bodies and public entities for the performance of our legal duties and obligations. We may also share your personal data and traffic information in connection with your visit our website to ensure your security and to fulfil our obligations under the applicable legislation with the authorities and institutions.

We transfer personal data; 1) To our local business partner and services providers in order to receive services on information technologies, payment security or consultancy services requiring expertise and/or to its business partner and services providers abroad, 2) To administrative and legal authorities in order to fulfil our legal duties to provide information and documents and to use our legal rights, 3) To our business partners in order to provide our services or our providers from which we receive products or services, 4) To our business partners for educational and compliance purposes; to our lawyers, financial advisors, occupational safety specialists etc. in order to fulfil our legal duties; to our partners abroad in order to build connections, conclude, execute and fulfil agreements.

The list of our service providers and business partners and their privacy policies are as follows:


Google LLC (Firebase) 

Facebook Inc. (FB Ads, FB Audience Network)

Google LLC (Google Ads)





To deliver products and services to you, it is sometimes necessary to share your personal information outside of the European Economic Area (the EEA). This will typically occur when service providers are located outside the EEA or if you are based outside the EEA. These transfers are subject to special rules under data protection laws.

If we transfer your personal information outside the UK, we will ensure that the transfer will be compliant with data protection law and all personal data will be secure. Our standard practice is to assess the laws and practises of the destination country and relevant service provider and the security measures that are to be taken as regards the data in the overseas location; Alternatively, we use standard Government approved model contractual data protection clauses in our contracts with our processors.


If you are an EEA or UK resident, you have the following rights related to your personal data: 1) learn whether any of your personal data is subject to processing; 2) request information regarding the processing activities; 3) learn the purposes for processing; 4) know local and foreign third persons if, and to whom, personal data are transferred; 5) request correction of personal data if processed incompletely or inaccurately; 6) request deletion or destruction of personal data if the purposes for processing no longer exist; 7) request notification of deletion or correction to third parties to whom personal data is transferred; 8) object to negative consequences which arise as a result of processing of personal data by automatic means; and 9) request indemnification if you suffer damage as a result of illegal processing of your personal data.

If you request to use your rights above, contact us 

Additionally, if you are a European resident, we note that we are processing your information in order to fulfil contracts we might have with you (for example if you make an order through our website), or otherwise to pursue our legitimate business interests listed above. 

This version of our Privacy Policy was last updated on November 10th, 2023.


Use coupon code WELCOME10 for 10% off your first order.


No more products available for purchase