Privacy Policy
Last update: June 2023
1. INTRODUCTION
We regard your privacy as a user ("User," "You," or "Your") and understand the importance of safeguarding your
personal information. Our commitment is to protect your personal information and use it solely for the purpose of providing you with the best possible service, products, and
opportunities, as detailed in this Privacy Policy.
This Privacy Policy explains the online information practices of Kiimii Inc (collectively referred to as the
"Company," "Kiimii," "we," "us," or "our"), specifically in relation to the mobile application called Kalorie (collectively
referred to as the "Application"). We believe it is important to outline the information we collect, how we utilize it, and the rights you possess regarding the
processing of your personal data by us. Kiimii adheres to applicable data protection laws and regulations, acting as the data controller under relevant local
legislation.
Please take note that while using the Application, it is imperative to read this Privacy Policy in conjunction with our Terms of Use. By accessing the
Application, you acknowledge that both the Privacy Policy and the Terms of Use govern your usage of the Application.
Privacy and personal data protection principles
may differ from one country to another. Consequently, when you visit or access a third-party website or application, you will be subject to the privacy policy of that
particular website or application. We recommend reviewing the privacy policy of the third party to understand the privacy practices applicable to the information or data
maintained by the website or application.
2. Categories of Personal Data that We Collect, Purposes and Legal Bases for Our Processing
Purpose |
Legal Basis |
Categories of Processed Data |
a) To enable you to use the app and to provide you with its functionalities, including to: - customize and track your calorie intake and activities - show information about the app and your progress |
The legal basis for the processing is the performance of our contractual relationship (art. 6(1)(b) of the GDPR). The legal basis for the processing of your health data (e.g. height, weight) is your consent (art. 6(1)(a) of GDPR). |
Identification and contact information (such as name), identifiers and internet and network activity information (such as IP address, device model, device type, OS version, device language, device name, country set in the device settings, information about your interactions with the app, and unique identifiers, including IDFA), and other information necessary to enable you to use the app and our personalized services (such as gender, age, physical activity level, dietary preferences, food and water history, weight and height, subscription data). The app requires your permission to access your camera and your photo library when you use the app to allow you to scan barcodes. However, when you use these features, your pictures are stored within the app on your device, and we do not collect or have access to such data. |
b) In order to enhance our products and services, we may engage in activities such as statistical analysis and other research endeavors to optimize our features and introduce new ones.
|
The legal basis for processing this information is our legitimate interest, as outlined in Article 6(1)(f) of the General Data Protection Regulation (GDPR), which entails improving our products and services.
|
The types of information we may collect and process include identification and contact details (such as name, age, or email address, when requested), gender, subscription data, and information that is collected or generated to enhance the functionalities of the app. This may encompass details regarding your interactions with the app, inferences we draw from the data, and other relevant information pertaining to your app usage.
|
c) We strive to maintain the quality of our products and services by analyzing, preventing, and addressing any failures, illicit use, or misuse that may occur. |
The legal basis for processing this information is our legitimate interest, as specified in Article 6(1)(f) of the General Data Protection Regulation (GDPR). |
We may collect and process any information necessary to fulfill these purposes and ensure the effective performance of our products and services. |
d) In order to fulfill our legal obligations, including responding to requests from public authorities, we may process personal information.
|
The legal basis for processing this information is compliance with the legal obligations to which we are subject, as specified in Article 6(1)(c) of the General Data Protection Regulation (GDPR). |
We may collect and process any information that may be required by law or under the instructions of public authorities to ensure compliance with our legal obligations. |
e) We process and respond to customer support communications and requests for information that you may raise with us.
|
The legal basis for processing this information is the performance of our contractual relationship with you, as outlined in Article 6(1)(b) of the General Data Protection Regulation (GDPR). |
The types of information we may collect and process for this purpose include identification and contact details that you provide to us, such as your name and email address, as well as the content of your communication or request.
|
f) In order to establish, exercise, or defend our rights and the rights of our employees, as well as to conduct corporate transactions or operations, we may process personal information.
|
The legal basis for processing this information is our legitimate interest, as specified in Article 6(1)(f) of the General Data Protection Regulation (GDPR). This includes our interest in establishing, exercising, or defending our rights and carrying out corporate transactions or operations. |
We may collect and process any information necessary to fulfill these purposes and ensure the proper performance of these activities. |
g) We analyze your usage information, including preferences, interests, and behaviors when using our products and services, for various purposes:
|
The legal basis for processing this information is our legitimate interest, as specified in Article 6(1)(f) of the General Data Protection Regulation (GDPR). |
The types of information we may collect and process for this purpose include your identification and contact information (such as name, age, or email address, when requested), identifiers, and internet and network activity information that we collect (such as IDFA and IP address). Additionally, we may collect information about your interactions with the app and other related information regarding your app usage. Please note that IDFA is a unique device identifier provided by your mobile device's operating system. It enables advertisers to track and identify users for advertising purposes. If you wish to disable this tracking, you can go to Settings > Privacy > Advertising and switch on the "Limit Ad Tracking" option. |
h) To personalize and customize your dietary plan, we may access data from Apple HealthKit and Health App, collectively referred to as "Apple HealthKit." The personal data obtained from Apple HealthKit will be solely processed for the purpose of customizing your dietary plan.
|
The legal basis for processing this data is your consent, as specified in Article 6(1)(a) of the General Data Protection Regulation (GDPR). |
General health and fitness data contained in Apple HealthKit and which includes your physical activity (such as calories burnt). The app requires your permission to access data in Apple HealthKit. |
3. Data Storage and Protection
We utilize both automated and non-automated means to process personal data,
which may be stored on our premises as well as on servers provided by our trusted service providers. To safeguard your personal data, we implement technical and
organizational measures intended to prevent loss, improper use, and unauthorized alteration. Additionally, we may employ data encryption and pseudonymization measures for
enhanced security. However, it's important to note that no transmission over the Internet can be guaranteed as 100% secure. If you wish to avoid any potential risks, we
advise against providing any personal data.
The retention periods for personal data processed for different purposes are as follows:
Unless there is a legal obligation requiring a longer data retention period, upon the expiration of these retention periods, the processed
personal data will be either deleted or anonymized.
4. Use of Your Personal Data
For the purposes outlined in Sections 2.a) and 2.e), it is mandatory for you to
provide your personal data. Failure to provide this data will prevent you from enjoying the services and features offered by the app.
Regarding the purposes described
in Section 2.h), where we rely on your consent, providing your personal data is optional. You have the right to withdraw your consent at any time. Even if you choose not to
provide the personal data, you will still be able to access and use the app's services and features.
In relation to the purposes stated in Sections 2.b), 2.c),
2.f), and 2.g), where we rely on our legitimate interest, you have the right to object to such processing. You may exercise this right at any time as explained in Section 7
(Your Rights) below.
You have the ability to manage the sharing of certain information with us by adjusting the privacy and security settings on your mobile device. On
iOS, you can utilize features such as "Limit Ad Tracking," while on Android, options like "Opt Out of Interest-Based Ads" or "Opt Out of Ads
Personalization" are available. Please consult the instructions provided by your device's operating system or manufacturer to learn how to adjust these settings
effectively.
5. Sharing Personal Data
We may share or disclose your personal data to the following
categories of recipients:
Please note that we will not disclose your personal data for any purpose other than those mentioned above, unless such disclosure is
necessary to fulfill a legal obligation or if we obtain your consent.
6. Transfers of Personal Data Outside the European Economic Area
We may transfer personal data from the European
Economic Area (“EEA”), the UK or Switzerland to other countries outside the EEA. Such data transfers are based on appropriate safeguards in accordance with
Applicable Privacy Laws, including (a) the standard contractual clauses developed by the European Commission; (b) the Swiss-U.S. Privacy Shield, and the decisions of adequacy
of the European Commission; or (c) binding corporate rules.
Copies of appropriate warranties are available for consultation by sending an email to
contact@kiimii.com.
7. Your Rights
As a user, you have certain rights regarding your personal data, which you can exercise in accordance with the Applicable Privacy Laws. These rights include:
You also have the right to lodge a complaint with the competent Data Protection Authority.
To exercise your rights, send us an e-mail
to contact@kiimii.com. Please note that we may need to verify your identity before responding to your request.
8. Children’s Personal Data
We do not knowingly collect personal information from children under the age of 16, and in the event that we learn that a child under the age of 16 has provided information on the Application, we will delete that information as soon as possible.
9. Third-party Websites and Services
It's important to note that this Privacy Policy applies only to the
activities and data processed by the app itself. If the app includes links to other websites or services operated by third parties, the privacy practices and policies of
those third parties will govern the data processing activities on their platforms. We have no control over and are not responsible for the actions, practices, and privacy
policies of such third parties and their websites or services.
10. Changes to this Privacy Policy
We reserve
the right to modify, integrate, or update this Privacy Policy, either in whole or in part. If any changes are made, we will notify users in accordance with the Applicable
Privacy Laws. Notification of changes may be provided by revising the date of this Privacy Policy.
It's important to review this Privacy Policy periodically to
stay informed about how your personal data is being handled. The date of this Privacy Policy indicates the last time it was updated.
11.
Additional Information for California Consumers.
a) Additional Information Related to Collection, Use, and
Disclosure of Personal Information:
In accordance with the California Consumer Privacy Act (CCPA), we provide additional disclosures regarding the collection, use, and
disclosure of personal information.
We collect personal information from various sources, including directly from you when you make purchases or participate in surveys
within the app, automatically through your app usage (such as device information), from other sources (like mobile measurement partners), and generate inferences based on
your app usage and other collected information.
In the past 12 months, we have collected the following categories of personal information: identifiers, internet or
electronic network activity information, characteristics of protected classifications under California or U.S. federal law (such as age and gender), commercial information,
approximate geolocation information, inferences, and other information reasonably associated with you. For more details, please refer to Section 2 above.
We collect
personal information for the business and commercial purposes outlined in Section 2. The categories of third parties with whom we may share personal information are described
in Section 5. In the past 12 months, we have disclosed the above-mentioned categories of personal information for business purposes.
We do not sell your personal
information. However, we may allow our advertising partners to collect certain device identifiers and electronic network activity through our app for personalized
advertising. You can opt out of this activity by adjusting the privacy settings on your device.
b) Rights of California Consumers:
Under the CCPA, California
consumers have certain rights, subject to limitations:
To exercise these rights, contact us at contact@kiimii.com. We may need to verify your request by asking for information that matches
our records. California consumers can also authorize an agent to exercise these rights on their behalf, but we will require proof of authorization and may request identity
verification directly from the consumer.