This policy describes Kaz’s use of your data. References in this policy to Kaz, we or us shall mean Kaz Europe Sàrl.
We would like to emphasize that we take the protection of your privacy and your personal data very seriously and that we process your data in accordance with applicable data protection laws. We would like to explain to you below in more detail which personal data we collect in connection with this Braun Healthy Heart app (“App”) and how we use this data.
What data do we collect?
We collect and process data about you when you interact with us and our App. This includes:
- your first name, last name,
- your gender,
- your date of birth,
- your email address,
- your blood pressure systolic and diastolic,
- your pulse rate,
- your irregular heartbeat detection,
- lifestyle factors (sleep, diet, exercise and mood) rating (1 to 5),
- medication intake date,
- blood pressure monitor model name,
- type of product used with the App,
- App usage/technical data on an aggregated basis (e.g. session data, number of users (one time), monthly active users, App launch/load time, number of crashes, type of device used, number of App download per day or week and number of installation per day or week).
This personal data is stored both on the device and in the cloud.
For what purposes do we use your data?
We process this personal data for the following purposes:
- We will use your blood pressure systolic and diastolic, pulse rate, irregular heartbeat detection, blood pressure monitor model name and, on optional basis, lifestyle factors (sleep, diet, exercise and mood) rating (1 to 5) and medication intake date to ensure the functionality of our App and to provide the personalized services you have requested.
- We will use your first name, last name, gender, date of birth and email address to communicate with you and respond to any comments or complaints you may send us.
- We monitor use of our products and services, and may use data stored in the App on anonymous basis to help us manage, improve and develop our products, content and services. Compliance with applicable laws and protection of Kaz’s legitimate business interests and legal rights, including, but not limited to, use in connection with legal claims, compliance, regulatory, investigative purposes (including disclosure of such information in connection with legal process or litigation).
- In addition, we may send you, based on your consent (if required), email marketing communication on our new products and services, product updates and special promotional offers and/or other products and services provided by us and/or our affiliated companies (Steel Technology LLC dba Hydro Flask, OXO International Ltd. and HOT (UK) Ltd.) as well as email marketing communication in relation to market research and consumer satisfactions surveys. If these communications are sent to you based on your consent, you have the right to withdraw your consent at any time (to “opt out”). You can opt out by following the instructions in the email or by clicking here.
What is the legal basis for our processing of your data?
The processing by us of your personal data as described above for the purpose of ensuring the functionality of our App, providing the personalized services you have requested, communicating with you and responding to any comments or complaints you may send us, monitoring use of our products and services, helping us manage, improve and develop our products, content and services is based on our legitimate interests (Art. 6 para. 1 f) GDPR) and for fulfilling our contractual obligations towards you (Art. 6 para. 1 b) GDPR). If we obtain your consent (e.g. for direct marketing purposes), we base our processing on this consent (Art. 6 para. 1 a) GDPR).
The processing for the purpose of compliance with applicable laws is based on the legal basis that such processing is necessary for compliance with a legal obligation to which Kaz is subject (Art. 6 para. 1 c) GDPR).
Who will we share data with and where will we send your data?
We may, subject to your consent, share your first name, last name, gender, date of birth and email address with Steel Technology LLC dba Hydro Flask and OXO International Ltd., both located in the USA, as well as HOT (UK) Ltd., located in the UK, for sending you email marketing communication.
We use a hosting provider (Amazon.com, Inc.) in the USA that stores our data on our behalf. The adequate level of data protection is ensured by relying on the providers’ Privacy Shield certification which is accessible here. In addition, we use an affiliate of Kaz as service provider (Helen of Troy L.P.) in the USA that provides maintenance and support services for the App. Furthermore, we use a call centre (Xtrasource Europe B.V.) in the Netherlands for customer support purposes (acting as our data processor with the respective contractual obligations).
Personal data may be also shared with government authorities and/or law enforcement officials if required for the purposes above, if mandated by law or if required for the legal protection of our legitimate interests in compliance with applicable laws.
In the event that the business is sold or integrated with another business, your details may (subject to the applicable laws) be disclosed to our advisers and any prospective purchaser’s adviser and will be passed to the new owners of the business.
What rights do you have in relation to your data?
You may be entitled to ask Kaz for a copy of your information, to correct it, erase or restrict its processing, or to ask us to transfer some of this information to other organisations. You may also have rights to object to some processing activities, such as the profiling we may perform for the purposes of direct marketing, and, where we have asked for your consent to process your data, to withdraw this consent. These rights may be limited in some situations – for example, where we can demonstrate that we have a legal requirement to process your data.
Where we require personal data to comply with legal or contractual obligations, then provision of such data is mandatory: if such data is not provided, then we will not be able to manage our contractual relationship, or to meet obligations placed on us. In all other cases, provision of requested personal data is optional.
We hope that we can satisfy queries you may have about the way we process your data. If you have any concerns about how we process your data, or would like to opt out of marketing, you can get in touch at privacyEU@kaz.com.
In the event you have unresolved concerns, you also have the right to lodge a complaint with the competent data protection supervisory authority, in particular in the country you are located in or place of the alleged infringement.
How long will you retain my data?
We do not keep personal data longer than necessary. However, laws may require to hold certain information for specific periods. We may, for example, keep your personal data for a reasonable period of time after any relationship with you ends to protect ourselves from legal claims, or to administer our business (all subject to the applicable laws).
How do you protect my data?
We strive to maintain the highest standards of security and Kaz has put in place robust technical and organizational measures for the protection of your data in accordance with the current, general state of the art technologies, especially to protect the data against loss, falsification or access by unauthorized third persons. However, the transmission of information via the internet is not completely secure. So, whilst we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted via our App. Any transmission is at your own risk. Once we have received your personal data we will use strict procedures and security features to prevent unauthorized access.
If you have any questions about your data
The joint controllers for this processing are Kaz Europe Sàrl, Place Chauderon 18, 1003 Lausanne, Switzerland. Please click here to contact us if you have any questions about the processing of your personal data.