1 General information
Personal customer data is processed by KIWENO GmbH (hereinafter referred to as “kiweno”) only in accordance with the provisions of Austrian data protection law. The following points provide information about the type, scope and purpose of the collection, processing and use of personal data within the scope of the services provided by kiweno and the operation of the kiweno.com website.
Your data and the results of your laboratory tests are processed by kiweno solely for the purpose of providing our services to you. In order to provide a professional service, kiweno also commissions service providers in accordance with the provisions of the Data Protection Act (this applies in particular to host services). However, it is important to us that the storage and processing of your data takes place within your region and is therefore still subject to a corresponding data protection regime. This means in detail that data of European customers is stored and processed exclusively within Europe. Under no circumstances do service providers use data for their own purposes and exclusively within our mandate; service providers take data security measures and also guarantee the lawful and secure use of data. In order to fulfil the contract, we will pass on your data to the shipping company commissioned with the delivery, insofar as this is necessary for delivery
of ordered goods is required. In order to process payments, we will pass on the necessary payment data to the credit institution commissioned with the payment and, if applicable, to the payment service provider commissioned by us or to the payment service selected by you in the ordering process.
On the site kiweno.com and in the online shop on kiweno.com and in the blog, different data is sometimes collected and processed than on the health platform my.kiweno.com, where the test results are available. For reasons of data protection, we at my.kiweno.com also refrain from using social plugins to ensure that no data is unintentionally transferred to social network operators. In detail we refer to points 3 – 6.
The security of your data is very important to us. Although there can be no total security on the Internet for data, we will take all steps to protect your data. However, you accept that your data cannot be protected against any security breaches on the Internet or hacker attacks and that kiweno does not guarantee, assume any liability or responsibility for ensuring that sites or services are completely free of viruses, security threats or potential for damage.
2 Automatic data acquisition
For technical reasons, the following usage data, among others, which a customer’s Internet browser transmits to kiweno, is recorded:
Browser type and version;
the operating system used;
website from which the customer visits www.kiweno.com (referrer URL)
Website that the customer visits;
the date and time of access;
Internet Protocol (IP) address of the customer’s computer.
These data are stored separately from any customer data that may have been disclosed ( – see point 3. for details).
3 Use of data
3.1 When registering on www.kiweno.com, the following personal data is requested:
First name, last name, address, email address.
This data is used for the purpose of contract processing when ordering products in the kiweno online shop. Furthermore, we use this data for an extended support service as well as to inform about marketing campaigns and to recommend products or services which might be of interest to the customer. Customers receive the support offer and product recommendations regardless of whether they have subscribed to the newsletter. The use of the personal data can be objected to at any time, either as a whole or for individual measures. A notification in text form to the contact data mentioned under point 8 (e.g. email, letter) is sufficient for this purpose and is free of charge with the exception of the usual transmission costs. In addition, there is also a link to unsubscribe in every e-mail.
3.2 In the course of providing kiweno’s services on the health platform my.kiweno.com, the test results associated with the specific customer are stored. Customers are identified by their (self-chosen) user name, which is based on the data provided during registration (first name, last name, e-mail address). Personal medical data (test results) are not used for marketing purposes or passed on to third parties.
3.3 No registration is required to visit the blog, blog.kiweno.com.
Please note that cookies are absolutely necessary for the use of the health platform my.kiweno.com in order to be able to show the customer his test results.
5 Analysis of the kiweno.com site
kiweno uses Google Analytics, a web analysis service of Google Inc. to improve and optimize its website. (in the following “Google”). This applies exclusively to the basic site kiweno.com and the blog blog.kiweno.com. Google Analytics is not used on the health platform my.kiweno.com, on which test results are displayed.
Google Analytics uses so-called “cookies”, text files which are stored on the customer’s computer and which enable an analysis of the customer’s use of the website. The information generated by the cookie about the use of this website is usually transferred to a Google server in the USA and stored there. kiweno has activated “_anonymizeIp()” for its websites; with this extension, IP addresses are processed in abbreviated form in order to exclude direct personal references: Due to the IP-anonymization on this website, the IP-address of a Google customer within member states of the European Union or in other contracting states of the Agreement on the European Economic Area will be shortened before. Only in exceptional cases is the full IP address transferred to a Google server in the USA and shortened there. Google will use the information collected in the course of the use of Google Analytics on the kiweno website as a service provider for kiweno to evaluate the use of the website, to compile reports on website activities and to provide kiweno with further services related to website and internet use. The IP address transmitted by a customer’s browser as part of Google Analytics is not combined with other data from Google. Customers can prevent the storage of cookies by adjusting their browser software accordingly; however, we would like to point out that in this case the customer may not be able to use all the functions of this website to their full extent. Customers can also prevent the collection of data generated by the cookie and related to their use of the website (including their IP address), their transfer to Google as a service provider and the processing of this data by Google by downloading and installing the browser plugin available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
By using Google Analytics, no health data will be passed on to Google.
As an alternative to the browser plugin, you can click on this link to prevent Google Analytics from collecting data on this website in the future. In doing so, an opt-out cookie will be stored on your end device. If you delete your cookies, you have to click the link again.
Web analysis Hotjar
We use Hotjar in our internet presence. This is a web analysis service provided by Hotjar Ltd, Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta, Europe, hereinafter referred to as “Hotjar” only.
Hotjar serves us to analyse the usage behaviour of our website. The legal basis is Art. 6 para. 1 lit. f) DSGVO. Our legitimate interest lies in the analysis, optimization and economic operation of our Internet presence.
Hotjar enables us to log and evaluate your usage behavior on our website, such as your mouse movements or mouse clicks. However, your visit to our website is made anonymous. In addition, Hotjar evaluates and processes for statistical purposes information about your operating system, your Internet browser, incoming or outgoing references (“links”), the geographical origin as well as the type and triggering of the terminal device you use. Hotjar may also obtain direct feedback from you. In addition, Hotjar offers further data protection information at https://www.hotjar.com/privacy.
Furthermore, you have the option of terminating the analysis of your usage behavior by way of the so-called opt-out. When you confirm the link https://www.hotjar.com/opt-out, a cookie is stored on your end device via your Internet browser, which prevents further analysis. Please note, however, that you will have to click the above link again if you delete the cookies stored on your terminal device.
This website uses Google Optimize. Google Optimize is a service of Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Google Optimize allows you to play and analyze different versions of our website simultaneously. With the help of Google Optimize, we can improve the user-friendliness according to the behaviour of our users on the website.
The collected user data is anonymous. Google Optimize is a tool integrated into Google Analytics. The storage of Google Optimize cookies is based on Art. 6 para. 1 lit. f DSGVO. You can prevent the collection and storage of your anonymous data by Google Optimize at any time. (see above opt-out Google Universal Analytics)
my.kiweno.com uses the open source software Piwik for the statistical evaluation of visitor access. This software is installed on our server infrastructure and is not accessible to third parties.
The data we collect (browser type and version, operating system, referrer URL, date and time of access and the anonymised IP address) is not transferred to other servers or passed on to third parties and helps us to improve our services in an anonymised form. This enables us to better understand which of our features are actually being used and thus make my.kiweno.com more targeted. You can still deactivate the data collection. If your browser supports “do-not-track” technology and you have activated it, your visit will be automatically ignored. You can also prevent the installation of cookies by changing the settings of your browser software or deactivate the evaluation by using the form below.
If you do not deactivate the data collection, by using my.kiweno.com you agree to the processing of the data collected about you in the manner and for the purpose described above.
6 Social Networks and Social Plugins
6.1 Which social plugins are used?
At kiweno.com and my.kiweno.com we completely refrain from using social plugins in order to avoid uncontrolled data streams to these networks from kiweno.com and especially from the health platform my.kiweno.com.
Only our blog blog.kiweno.com uses social plugins from the following social networks:
facebook.com, operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (hereinafter “Facebook”),
twitter.com, operated by Twitter, Inc, 795 Folsom St., Suite 600,San Francisco, CA 94107, USA (hereinafter “Twitter”),
These plugins are each marked with the logo of the corresponding social network.
6.2 Data transfer through social plugins
If a customer registered in a social network and also currently logged in calls up a website of the kiweno website that contains such a plugin, the customer’s browser establishes a direct connection to the servers of the social network via cookies set by the social network and the plugin on the kiweno blog site. Social networks may also be able to use the plugin to detect that a logged-in customer is on the kiweno blog site without clicking on the plugin.
By integrating the plugin, the social network operator receives the information that the customer has visited the corresponding kiweno blog site. When the customer interacts with social plugins, the corresponding information is transmitted directly from his browser to the social network operator and stored there.
6.3 “A second click to share the page”.
In order to explicitly inform customers of the kiweno blog about this data transfer, a second confirmation click has been introduced for the activation of a social plugin on the kiweno site.
Please note the declaration of consent for the use of the social plugins.
In this context, we expressly refer to the privacy notices of Facebook, Instagram and Twitter.
Please note that many social networks track the Internet activities of their users on an ongoing basis. We recommend that customers who do not want social network operators to collect data about them through the kiweno blog, log out of social networks before visiting the kiweno blog. This requires the customer to activate the logout/logout function on the social network. It is not enough to simply close the social network site. However, we cannot guarantee that social networks will not continue to collect data about their users despite a logout – we neither have detailed knowledge about these processes nor do we have any means of influencing them. You can also completely prevent the loading of the plugins with add-ons for your browser, e.g. with the script blocker “NoScript” (http://noscript.net/).
7 E-mail newsletter
7.1 Use of data Newsletter
If you register for our newsletter, we will use the data required for this purpose or separately provided by you to send you our e-mail newsletter on a regular basis. You can unsubscribe from the newsletter at any time, either by sending a message to [email protected] or via a link provided for this purpose in the newsletter.
In order to offer you a better service, you can voluntarily give us your consent to send you newsletters tailored to you and your profile. You can decide for yourself which data you provide us with for this purpose. Data that is collected, stored and used here is exclusively data that we need for the newsletter and is, among other things, part of the special personal data according to § 3 paragraph 9 BDSG. This data is stored on our own servers and is subject to the highest security regulations according to the current state of technology. This data is treated confidentially and is not passed on to third parties.
To subscribe to the newsletter, it is sufficient to enter your e-mail address. Optionally we ask you to enter your first and last name. This information is only used to personalize the newsletter.
It is possible to unsubscribe from the newsletter at any time and can be done either by sending a message to [email protected] or via a link provided for this purpose in the newsletter.
7.2 MailChimp – Newsletter
For sending our newsletter we use MailChimp, a service of The Rocket Science Group, LLC, 512 Means Street, Suite 404, Atlanta, GA 30318, USA, in the following only called “The Rocket Science Group”.
Through certification according to the EU-US Privacy Shield https://www.privacyshield.gov/participantid=a2zt0000000TO6hAAG&status=Active
The Rocket Science Group guarantees that the data protection regulations of the EU are also observed when processing data in the USA. In addition, The Rocket Science Group offers under http://mailchimp.com/legal/privacy/ further data protection information.
The subsequent newsletter sent via The Rocket Science Group also contains a so-called “tracking pixel, also called web beacon”. With the help of this pixel-code, we can evaluate whether and when you read our newsletter and whether you followed any further links contained in the newsletter. In addition to other technical data, such as the data of your computer system and your IP address, the data processed in the process is stored so that we can optimise our newsletter offer and respond to the wishes of our readers. The data is thus used to improve the quality and attractiveness of our newsletter offer.
The legal basis for the dispatch of the newsletter and the analysis is Art. 6 para. 1 lit. a.) DSGVO.
You can revoke your consent to receive the newsletter at any time with effect for the future in accordance with Art. 7 para. 3 DSGVO. To do so, you only need to inform us of your revocation or click on the unsubscribe link contained in every newsletter.
8 Provision of information
Upon request, customers will be provided with information about the data stored about them or their user name. The information can also be provided electronically on request. Please contact us for the provision of information:
email: [email protected]
Declaration of consent for the use of kiweno.com
I agree that kiweno may use the data I have provided on kiweno.com (name, address, e-mail address, telephone number) and on my.kiweno.com my test results and health data (food intolerances) to provide the service I have commissioned.
I agree that my IP address and log files (data on the use of the kiweno site) may be used for statistical analysis of the kiweno.com site. For this purpose, kiweno uses Google Analytics, i.e. IP addresses and log files of my visit to the kiweno.com site are transferred to Google Inc, as a service provider, for the purpose of analysing the use of the kiweno site. (Google Analytics is not used on the health platform my.kiweno.com.) The extension “_anonymizeIp()” makes my IP address anonymous, which means that it is no longer directly personal. I acknowledge that I have the possibility to prevent the storage of cookies by adjusting my browser software accordingly, but that I will not be able to use all functions of the website to their full extent. Furthermore, I acknowledge that I can deactivate Google Analytics for myself by installing a browser add-on (available at http://tools.google.com/dlpage/gaoptout?hl=de) and thus revoke my consent to the use of Google Analytics.
I agree that on blog.kiweno.com my IP address and my log files (data on the use of the kiweno blog) will be transmitted to the operator(s) of the respective social network when using social plugins from Facebook or Twitter. I acknowledge that operators of social networks collect data about me via social plugins using the kiweno blog and that I can only prevent this from happening permanently by not maintaining user accounts on Facebook or Twitter.
I acknowledge that I can revoke this declaration of consent, in whole or in part, at any time with regard to points 2. and 3. by carrying out the procedures listed in points 2. and 3.
A revocation of the consent to point 1. must be sent in writing to
email: [email protected]
and simultaneously represents a termination of my contractual relationship with kiweno. In this case kiweno will immediately delete my account and all my data.