WellNetIQ Privacy Policy

Ensuring the security of the personal information you submit is a priority for WellNetIQ GmbH. Our privacy policy has been developed as an extension of our commitment to combine quality products and services with integrity in our dealings with our users, and reflects our commitment to your privacy and security.

By using our website, you consent to the collection and use of information by WellNetIQ as described in this Privacy Policy.

WellNetIQ adheres to the Privacy Principles for Notifications, User Choice, Data Sharing and Security, Data Integrity, Access to Data, and Enforcement of this Privacy Policy.

This Privacy Policy covers the collection and use of information by the websites designed for our business partners and includes, but is not limited to, the following domain: WellNetIQ.com, all of which are collectively referred to as the "Websites". This Privacy Policy also covers the collection and use of data through any WellNetIQ enterprise smart phone applications (collectively, the "Smart Phone Apps"). The Websites and Smart Phone Apps are collectively referred to as the "WellNetIQ Site".

We want your use of the www.wellnetiq.com Site and the services we provide to be productive and safe, and we have gone to great lengths to keep your information in our system confidential and secure at all times.

If you have any questions or concerns about this statement, you should first contact [email protected].

The responsible party for the data processing described in this privacy policy is WellNetIQ GmbH, ABC-Straße 10, 20354 Hamburg, Germany. The responsible contact person at WellNetIQ GmbH for data protection issues is Dr Tilman Spangenberg.

-1-

Our privacy policy is designed to help you understand how we collect, use and protect the personal information you provide to us and to help you make informed decisions when using our website and our products and services.

As a private company, we are subject to the provisions of the European General Data Protection Regulation (GDPR) and the provisions of the German Federal Data Protection Act (BDSG). We have taken technical and organisational measures to ensure that the regulations on data protection are observed both by us and by our external service providers.

Legal basis for data processing

According to the law, any processing of personal data is in principle prohibited and only permitted if the data processing falls under one of the following grounds of justification:

  • Art. 6 (1) p. 1 lit. a) DSGVO ("consent"): Where the data subject has freely given his or her informed and unambiguous consent, by means of a declaration or other unambiguous affirmative act, to the processing of personal data relating to him or her for one or more specified purposes;

  • Art. 6 (1) p. 1 lit. b) DSGVO: Where processing is necessary for the performance of a contract to which the data subject is party or for the implementation of pre-contractual measures taken at the request of the data subject;

  • Art. 6  (1) sentence 1 lit. c) DSGVO: If processing is necessary for compliance with a legal obligation to which the controller, WellNet IQ GmbH, is subject (e.g. a legal obligation to keep records);

  • Art. 6 (1) p. 1 lit. d) DSGVO: Where processing is necessary to protect the vital interests of the data subject or another natural person;

  • Art. 6 (1) S. 1 lit. e) DSGVO: Where processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller, WellNetIQ GmbH; or

  • Art. 6 (1) p. 1 lit. f) DSGVO ("Legitimate Interests"): Where processing is necessary for the purposes of legitimate (in particular legal or economic) interests of the controller or a third party, unless such interests are overridden by the conflicting interests or rights of the data subject (in particular where the data subject is a minor).

    For the processing carried out by us, we indicate below the applicable legal basis in each case. A processing operation may also be based on several legal bases.

 

Personal information

The WellNetIQ Site collects various types of personally identifiable information (PII) such as name, address, email address and phone number.

When you download and use the smartphone apps, we automatically collect information about the type of device you are using, the version of the operating system, and the device identifier.

We do not request, access or track location-based information when you use the smartphone apps.

We may send you push notifications from time to time to let you know about events or promotions. If you no longer want to receive these types of notifications, you can turn them off at the device level. To ensure that you receive proper notifications, we need to collect certain information about your device, such as information about the operating system and user ID.

In order to tailor our subsequent communications to you and to continually improve our products and services, we may also ask you to voluntarily provide us with information about your personal or professional interests, demographics, experience with our products and contact preferences. In general, you can visit the WellNetIQ Site without entering any PII. However, if you wish to place an order on the WellNetIQ Site, you must provide your name, mailing address, billing address, email address, telephone number, credit card number and its expiry date. All of this information is necessary for us to complete the transaction and notify you of the status of your order. For business partners, the purpose of the WellNetIQ site is to manage their ambassadorship, preferred customers and partner network. If you are a Business Partner (Ambassador), you can order products and manage your business on the WellNetIQ site.

When you sign up as a WellNetIQ Business Partner through the Websites, we collect your PII, including your name, home and business addresses, phone numbers, email address, IP address, credit card number and expiry date, bank account information (for direct deposit or debit), and various government-issued identifying information, including, but not limited to, your passport number, tax identification number, national ID card number, national insurance number, etc. We may also collect scanned copies of government-issued photo identification.

This information is necessary to manage your WellNetIQ business, to identify who you are, to place your business and that of downline business partners in the tree, to manage compliance, to order products, to receive recognition and rewards, and to calculate and pay commissions.

We only allow your higher level business partners to view the following PII: your name, email address and phone number.
If you choose to use a replicated website, the PII you specifically select will be displayed: Name, website URL, phone number.

We also collect personally identifiable information from customers, including name, address, phone number, email address, and credit card number and expiry date.
This PII is used to bill product orders and ship products, and for no other purpose.

We collect personal data from the people in your smartphone's personal contact list who select you for emails or text messages when you participate in the "Refer a Friend" feature of the loyalty programme.
As a company under private law, we are subject to the provisions of the European General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG). We have taken technical and organisational measures to ensure that the regulations on data protection are observed both by us and by our external service providers.

Automatically collected, non-personally identifiable information

As with most websites, we automatically collect and store certain information in log files. This information may include internet protocol (IP) addresses, browser type, domain type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp and/or clickstream data.

We use mobile analytics software to help us better understand the functionality of our smartphone apps on your device. This software may record information such as how often you use the app, the events that occur within the app, aggregate usage, performance data and where the app was downloaded from. We do not link the information we store in the analytics software to personally identifiable information you provide in the smartphone apps.

Completing the information

To protect your account, we may occasionally supplement the personal information you have provided to us with information from third party sources.

We use services from leading industry companies to verify your identity to prevent others from fraudulently targeting your account or the company.

Testimonials/Product reviews

If you provide a testimonial or product review on the WellNetIQ site, you should be aware that any personal information you submit there may be read, collected or used by other users of these forums and could be used to send you unsolicited messages.

For testimonials, we obtain the customer's consent before posting their name and video testimonial.

If you have posted a comment in a public forum, we are not responsible for the personal information you provide in those comments.

If you wish to remove your personal information that is publicly displayed on the WellNetIQ Site, please contact us at [email protected].

How we use your information

We may use your email address, postal address and/or telephone number to provide quality customer support or to contact you regarding order status, product or fulfilment issues and other customer service related activities. We may use your email address, mailing address and/or telephone number to contact you regarding new product offerings, special sales, newsletters, market research and enforcement of the Business Associate Agreement and other aspects of your use of the WellNetIQ Sites.

However, if you do not wish to receive such communications, you may opt out at any time and will not be contacted again unless you order a product. In that case, we will send you an order confirmation.

From time to time, we may ask you to answer surveys about current or future WellNetIQ products, as well as to determine the hours worked for each rank in the compensation plan. Participation in these surveys is always voluntary. Survey responses are used only in the aggregate and are never associated with any individual.

Occasionally, we share aggregate survey data with our affiliates and development partners to facilitate new product development and improve customer service and overall customer satisfaction.

Exchange of information and choices

WellNetIQ is not an "information broker".

We do not sell profiles, contacts, web usage habits, behaviours, buying patterns or demographic information of our customers, affiliates or users.

We use the information we collect about you to process orders, pay commissions and provide the best possible personalised service.

We will not use or disclose PII provided to us online in ways other than those described above without first informing you and giving you a choice. We will also give you the opportunity to let us know if you do not wish to receive unsolicited direct mail materials from us, and we will do everything in our power to comply with such requests.

Agents/service providers

We use third parties, such as a shipping company to fulfil orders and a credit card company to bill you for goods and services.

We use live chat to help you if you have questions about using our website or placing an order.

If you purchase a product and use our website, we will share your name, address, phone number and email address as necessary for the third party to provide the service.

These third parties, regardless of the country in which you are registered, are prohibited from using your personal data for advertising or other purposes that are not necessary for the provision of services to us, and they are contractually obliged to comply with the GDPR and the BDSG.

Transition of business

In the event that WellNetIQ goes through a business transition, such as a merger, acquisition by another company, or sale of all or a portion of its assets, your personal information will likely be one of the transferred assets.

You will be notified by email and/or by a prominent notice on our website of any such change in ownership or control of your personal information and of your choices regarding your personal information.

Legal notice

In addition to the circumstances described above, WellNetIQ may disclose or release information when we determine, in good faith, that it is necessary to do so for reasonable cause: (i) to comply with the law, a judicial proceeding, a court order, or legal process relating to our Site; (ii) to enforce or apply the terms of the User Agreement; or (iii) to protect the rights, property, or safety of the WellNetIQ Site, our users, or others.

Links to other pages

This WellNetIQ site contains links to other sites that are not owned or controlled by WellNetIQ.

Please be aware that we, WellNetIQ, are not responsible for the privacy practices of such other sites.

We encourage you to be aware when you leave our site and to read the privacy statements of each and every website that collects personally identifiable information.

This privacy policy applies only to information collected by this WellNetIQ site.

Widgets for social media

Our websites may contain social media features such as the Facebook Like button and widgets such as the ShareThis button or interactive mini-programs that run on our website. These features may collect your IP address, the page you visit on our website and may set a cookie to allow the feature to function properly.

Social media features and widgets are either hosted by third parties or hosted directly on our website.

Your interaction with these features is subject to the privacy policy of the company providing them.

Tracking information

WellNetIQ does not track the online activities of users of the WellNetIQ Site over time, nor does it allow other parties to do so on the WellNetIQ Site.

Log files

Like most websites, the WellNetIQ site records certain tracking information each time someone visits the site.

For each web page accessed, our web server records an IP address, operating system, browser version and the name of the page accessed.

We use a third-party tracking service that employs tracking technologies to collect non-personally identifiable information about visitors to our Site.

This information is not associated with any particular user and is used in the aggregate to maintain, track and improve the WellNetIQ sites.

Cookies

A cookie is a small piece of data that is stored by your browser on your computer's hard drive.

The WellNetIQ Site uses cookies only for the purpose of uniquely identifying our users and securing their personal information.

We also use cookies to track your order process without requiring you to re-enter or verify your password or personal information on each page of the Site.

Instead of storing this information on the WellNetIQ server, the cookie is stored on your computer and only activated when you visit the WellNetIQ site.

Your privacy and security are not compromised when you accept a cookie from the WellNetIQ site.

No one other than WellNetIQ can access this information.

Insofar as personal data is also processed by individual cookies used by us, the processing is carried out pursuant to Art. 6 para. 1 lit b DSGVO either for the performance contract, according to Art. 6 para. 1 lit a. DSGVO in the case of a granted consent, or according to Art. 6. para. 1 lit. f DSGVO to protect our legitimate interests in the best possible functionality of the website and a customer-friendly and effective design of the page visit.

Third party tracking technologies

Some of our business partners use cookies and web beacons on our website. We do not have access to or control over these third-party trackers.

Delete Gifs (Web Beacons/Web Bugs)

We may use a software technology called clear gifs (also known as web beacons/web bugs) to help us better manage the content on our website by informing us which content is effective.

Clear gifs are tiny graphics with a unique identifier that are similar in function to cookies and are used to track the online movements of web users.

Unlike cookies, which are stored on a user's hard drive, clear gifs are invisibly embedded in web pages and are about the size of the dot at the end of this sentence.

We do not link the information collected through Clear Gifs to our customers' personal data.

We may use Clear Gifs in our HTML-based emails so that we know which emails have been opened by recipients.

This allows us to assess the effectiveness of certain communications and the effectiveness of our marketing campaigns.

If you would like to unsubscribe from these emails, please read "How we use your data".

Flash Cookies

We do not use Flash cookies to collect and store information.

Data retention

We only process your data for as long as is necessary for the fulfilment of our contract or applicable legal provisions and the maintenance of our relationship with you. We will inform you about the specific storage period of the data within the scope of the respective description of the individual data processing. If there is no specific information on the storage period, it is not possible for us to specify such a period, as this depends on various individual factors (e.g. contract term, assertion of claims, etc.). In these cases, we base the duration of storage on the principle of data minimisation and proportionality.

Business documents are kept for a maximum of 6 or 10 years in accordance with the requirements of the German Commercial Code and the German Fiscal Code.

As long as you do not object or revoke your consent, we will use your data to maintain and intensify our trusting business relationship for our mutual benefit.

Should you wish your data to be deleted, we will delete your data immediately, provided that there are no legal obligations to retain it.

Email and "opt-out" policy

We may use the email address you provide to contact you regarding the following matters:

1 User registration status (including account login confirmation);
2 Order status and shipment notification
3 Online customer satisfaction survey
4 Significant changes to the website, addition of new products or services; 5 Promotional and marketing materials that may be useful to you.

If you do not wish to receive information about products or services that we think may be of interest, you can change the notification options in your account settings.

If you do not wish to receive any of these emails, you can unsubscribe by clicking on the opt-out link or by submitting your email address to [email protected] or by following the unsubscribe instructions in each email.

Protection of your personal data

WellNetIQ is committed to ensuring the security of your information. To prevent unauthorised access or disclosure, maintain data accuracy and ensure the appropriate use of information, we have put in place reasonable physical, electronic and managerial procedures to safeguard and secure the information we collect (both on- and off-line). We place great importance on the protection of your personal information and take commercially reasonable steps to safeguard and secure that information.

WellNetIQ sites use Secure Sockets Layer (SSL) to encrypt the transmission of sensitive information, such as your account password and billing information, including credit card, from your web browser to our web server.

Only the last four (4) digits of your credit card number will be displayed in your account. When you place an order with us, you will have the option to choose whether you want your credit card numbers stored in our system.

Emails you send to us may not be secure unless you are told that security measures are in place before the information is sent. For this reason, we ask that you do not email us sensitive information such as credit card numbers or bank account numbers.

The same SSL protocol is also used to authenticate WellNetIQ websites and prevent unauthorised "hackers" from impersonating one of our websites while you are logged into your account. This is achieved through a "digital certificate" which is an unforgettable electronic "identity card".

If another website attempts to misrepresent itself as a WellNetIQ site, your web browser will display a warning indicating that there is a problem with the digital certificate for the WellNetIQ site. Do not log in to these sites if you see such a warning.

We adhere to generally accepted industry standards to protect personal information submitted to us, both during transmission and after it is received.

However, no method of transmission over the Internet and no method of electronic storage is 100% secure. Therefore, although we endeavour to use commercially available means to protect your personal information, we cannot guarantee absolute security.

If you have any questions about security on our website, you can email us at [email protected].

Updating your personal information

Preferred Customers and Business Partners can update or correct their personal information at any time by visiting the My WellNetIQ section of the WellNetIQ website.

If you wish to access, delete or correct your information, please complete a helpdesk ticket through your WellNetIQ Customer Service or contact us by phone.

Access requests will be responded to within 30 days of receipt.

Rights of the data subject

1. revocation of consent

If the processing of personal data is based on your consent, you have the right to withdraw your consent at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

2. right to confirmation

You have the right to request confirmation from the controller as to whether we are processing personal data relating to you. You can request confirmation at any time using the contact details above.

3. right to information

If personal data is processed, you can request information about this personal data and about the following information at any time:

(a) the purposes of the processing;

(b) the categories of personal data processed;

(c) the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular in the case of recipients in third countries or international organisations;

(d) where possible, the envisaged duration of the storage of the personal data or, if this is not possible, the criteria for determining such duration;

(e) the existence of a right to rectification or erasure of personal data concerning you or to restriction of processing by the controller or a right to object to such processing;

(f) the existence of a right of appeal to a supervisory authority;

(g) if the personal data have not been collected from the data subject, any available information on the origin of the data;

(h) the existence of automated decision-making, including profiling, pursuant to Article 22(1) and (4) of the GDPR and, at least in those cases, meaningful information about the logic involved and the scope and intended effects of such processing for the data subject.

(i) If personal data are transferred to a third country or to an international organisation, you have the right to be informed about the appropriate safeguards pursuant to Article 46 of the GDPR in connection with the transfer. We will provide you with a copy of the personal data that is the subject of the processing. For additional copies that you request as an individual, we may charge a reasonable fee based on the administrative costs. If you make the request electronically, the information will be provided in a commonly used electronic format unless otherwise stated. The right to obtain a copy under Article 20 shall not prejudice the rights and freedoms of other persons.

4. right to rectification and completion

You have the right to ask us to rectify without delay any inaccurate personal data concerning you. Taking into account the purposes of the processing, you have the right to request that incomplete personal data be completed, including by means of a supplementary declaration.

5. right to erasure ("right to be forgotten")

You have the right to request the controller to erase the personal data concerning you without undue delay and we are obliged to erase the personal data without undue delay if one of the following reasons applies

(a) the personal data are no longer necessary for the purposes for which they were collected or otherwise processed.

(b) the data subject withdraws the consent on which the processing was based pursuant to Article 6(1)(a) or Article 9(2)(a) of the General Data Protection Regulation and there is no other legal basis for the processing.

(c) the data subject objects to the processing pursuant to Article 21(1) of the GDPR and there are no overriding legitimate grounds for the processing or the data subject objects to the processing pursuant to Article 21(2) of the GDPR.

(d) the personal data have been processed unlawfully.

(e) erasure of the personal data is necessary for compliance with a legal obligation under Union or Member State law to which the controller is subject.

(2) Where the controller has made the personal data public and is obliged to erase it pursuant to paragraph 1, it shall take reasonable measures, including technical measures, having regard to the available technology and the cost of implementation, to inform the controllers that process the personal data that a data subject has requested the erasure of all links to the personal data or all copies or replications thereof.

The right to erasure ("right to be forgotten") does not exist insofar as the processing is necessary:

- to exercise the right to freedom of expression and information;

- to comply with a legal obligation to process under Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;

- for reasons of public interest in the area of public health pursuant to Article 9(2)(h) and (i) and Article 9(3) of the GDPR;

- for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes pursuant to Article 89(1) of the GDPR, where the right referred to in paragraph 1 is likely to make impossible or seriously prejudice the achievement of the purposes of such processing; or

- for the establishment, exercise or defence of legal claims.

6. right to restriction of processing

You have the right to request us to restrict the processing of your personal data if one of the following conditions is met:

(a) the accuracy of the personal data is contested by the data subject within a period enabling the controller to verify the accuracy of the personal data;

(b) the processing is unlawful and the data subject objects to the erasure of the personal data and requests instead the restriction of the use of the personal data;

(c) the controller no longer needs the personal data for the purposes of the processing but the data subject needs them for the establishment, exercise or defence of legal claims; or
(d) the data subject has objected to the processing pursuant to Article 21(1) of the GDPR for as long as it is not yet determined whether the legitimate grounds of the controller override those of the data subject.

Where processing has been restricted in accordance with the above conditions, such personal data may be processed, apart from storage, only with the consent of the data subject or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of substantial public interest of the Union or a Member State.

legal person or for reasons of substantial public interest of the Union or of a Member State.

7. right to data portability

You have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used and machine-readable format, and you have the right to transmit this data to another controller without being prevented from doing so by the controller to whom the personal data was transmitted, provided that:

  1. a)  the processing is based on consent pursuant to Article 6(1)(a) or Article 9(2)(b).

  2. b)  or is based on a contract pursuant to Article 6 (1) b) DSGVO and

  3. c)  the processing is carried out with the aid of automated procedures.

When exercising the right to data portability referred to in paragraph 1, you have the right to have the personal data transferred directly from one controller to another controller where this is technically feasible. The exercise of the right to data portability does not affect the right to erasure ("right to be forgotten"). This right shall not apply to processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

8. the right of appeal

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Article 6(1)(e) or (f) DSGVO; this also applies to profiling based on these provisions. The controller shall no longer process the personal data unless it can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or for the establishment, exercise or defence of legal claims.

If personal data are processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling insofar as it is related to such direct marketing. If you object to the processing for direct marketing purposes, the personal data will no longer be processed for these purposes.

In the context of the use of information society services, by way of derogation from Directive 2002/58/EC, you may exercise your right to object by means of automated procedures using technical specifications.

You have the right to object, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out for scientific or historical research purposes or for statistical purposes pursuant to Article 89(1), unless the processing is necessary for the performance of a task carried out in the public interest.

You may exercise your right to object at any time by contacting the relevant competent person.

9. right to complain to a supervisory authority

You also have the right, without prejudice to any other administrative or judicial remedy, to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work or the place of the alleged infringement, if the data subject considers that the processing of personal data relating to him or her infringes this Regulation.

10. the right to an effective legal remedy

Without prejudice to any available administrative or non-judicial remedy, including the right to lodge a complaint with a supervisory authority pursuant to Article 77 GDPR, you have the right to an effective judicial remedy if you consider that your rights under this Regulation have been infringed as a result of processing of your personal data which does not comply with this Regulation.

Politics for children

The Website is not intended for use by children and children under the age of 18 are not authorised to use the Website and should not submit any personal information to us. We do not knowingly market to or solicit information from children under the age of 18.

Changes to this privacy policy

If we decide to change our privacy policy, we will post those changes in this privacy policy, on the homepage, and other places we deem appropriate so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it.

We reserve the right to change this Privacy Policy at any time, so you should review it periodically.

If we make material changes to this policy, we will notify you here, by email or by posting a notice on our home page before the change takes effect.

Privacy Policy Status: 13 September 2022