Gizlilik Politikası Son Güncelleme: Mayıs 2018

Kyäni’s Privacy Policy
Kyäni Europe AB and its Affiliates1 (“Kyäni,” “we,” or “us”) collect, use, transfer, retain and
otherwise process the Personal Data2 of EEA and Swiss individuals (“Covered Persons”—and if
you are a Covered Person, “you”) in compliance with the principles of the GDPR and Swiss
privacy laws.
Our Privacy Principles
Notice
When we directly collect any Personal Data from Covered Persons, we notify them about the
purposes for which we collect and use Personal Data, the types of third parties to which we
disclose the information, the choices they have for limiting the use and disclosure of their
information, and how to contact us about our practices concerning Personal Data.
When we receive Personal Data from our Affiliates, service providers, or others rather than
collecting it directly, we will use and disclose such information in accordance with the notices
provided by such entities and the choices made by the individuals to whom such Personal Data
relates.
Purpose of Collection and Use of Personal Data
Kyäni collects, uses, transfers, retains and otherwise processes Personal Data for the purposes
of providing products and services to Covered Persons and/or to our Business Partners, to
comply with our legal and other record-keeping obligations, for digital marketing, and for other
purposes permitted by law.
We generally do not collect sensitive Personal Data of vendors, service providers, customers, or
Business Partners, such as information about medical or health conditions, racial or ethnic origin,
political opinions, religious or philosophical beliefs, trade union membership or other sensitive
information as defined by the GDPR.
We receive and store any information entered on our web site or given to us in any other way.
Most commonly, the information we receive and store is not optional because it is required in
order to effectively and/or legally provide Covered Persons or their affiliates or associates with
access to our products, services and business opportunity. In some cases Covered Persons can
choose not to provide certain information, in which case the information is noted as optional, but
doing so may reduce the number or the quality of the products and/or services we are able to

1 These affiliates include each and every Kyäni-related entity doing business in the European
Economic Area (“EEA”), including without limitation Kyani Adriatic d.o.o., Kyani Germany GmbH,
Kyäni Hungary Korlátolt Felelősségű Társaság, Kyäni Italia Srl, and/or any other EEA entity doing
business with EEA citizens using the Kyäni name.
2
“Personal Data” has the meaning set forth in the GDPR.
Kyäni Privacy Policy – EEA-05.18-EN-EU
provide. We use the information that we receive to respond to requests, help Business Partners
(as defined in the Kyäni Global Compensation Plan) run their Kyäni businesses, customize future
shopping, improve our website or operations, communicate with customers or Business Partners,
and track results for ourselves and our Business Partners.
The specific types of information that we collect about Covered Persons are:
 Information given to us by the person to whom it relates. We obtain most of the
information we process or collect directly from the person to whom the information
relates. This information varies widely but can include names, email, phone numbers,
social media accounts and similar information, social insurance numbers and other
identification information, tax information, travel information (passports for companysponsored trips, for example), financial information such as methods of payment or bank
accounts, transportation information, and relationship information (regarding, for
example, spouses or children). In many cases it also includes regulatory or legal
information. It also includes the content of any reviews, emails, or other communications
made to us or about us by a Covered Person.
 Information generated by our systems. Our systems calculate, generate, or store certain
Personal Data based on the sales activities, marketing activities, purchasing activities, or
financial activities of Covered Persons or other individuals whose activities our systems
track and use to generate Personal Data that applies to one or more Covered Persons.
For example, we regularly collect sales data from our customers or Business Partners,
which generates commission payments to a Covered Person that are Personal Data. As
another example, we also generate information about the performance of groups of our
Business Partners, which may become Personal Data as to one or more Covered
Persons.
 Information provided to us by others. At times other people may provide to us
information about a Covered Person. For example, we provide prospecting tools that
Business Partners can use to manage their contact lists and make contact with
prospects. The information we receive about Covered Persons from other people varies
widely but typically involves contact information and possibly information about these
individuals’ activities.
 Automatic information. In addition, we collect and analyze a lot of technical data that is
provided to us automatically when Covered Persons use one of our sites or web
applications. Examples might include Internet protocol (IP) addresses, computer and
connection information, purchase history, and the phone number used to call us. We
may also use browser data such as cookies, Flash cookies (also known as Flash Local
Shared Objects), or similar data. During some visits we may use software tools such as
JavaScript to measure and collect session information. We may also collect technical
information to help us identify devices for fraud prevention and diagnostic purposes.
 Mobile. We collect data from mobile phones, including without limitation, as applicable,
the data set forth in “Automatic Information” above, as well as location data and other
mobile specific data including limitation carriers, application data, and other data. Most
mobile devices provide users with the ability to disable location services. If you have
questions about how to disable your device’s location services, we recommend you
contact your mobile service carrier or your device manufacturer.
 Information from Other Sources. Examples of information we receive from other sources
include updated delivery and address information from our carriers or other third parties,
which we use to correct our records and deliver new purchases or communication more
easily; site analytics information generated by third party site analysis tools, and
customer email delivery information coming from our attempts to communicate with
Covered Persons.
Kyäni Privacy Policy – EEA-05.18-EN-EU
Choice
Covered Persons may choose to change their Personal Data or cancel an account by using
Kyäni’s web portal, via phone to our customer service line, or through other appropriate means of
communication, including using the contact information below. They can also unsubscribe from
our marketing communications by following the instructions or unsubscribe mechanism in the
relevant message. While Kyäni (including its affiliates) has no intention of ever using or disclosing
the Personal Data of a Covered Person for a purpose materially different from the purposes listed
in this policy, if we ever do so, we will first offer Covered Persons the opportunity to opt-out of
such uses and/or disclosures where they involve non-sensitive information. Should a Covered
Person opt-out as described above, Kyäni may not be able to provide them with the products or
services they have requested or to permit them to continue as a Business Partner, depending on
the nature Kyäni’s need and/or legal obligation to maintain and use such Personal Data.
In addition, we may use or disclose Personal Data without offering individuals an opportunity to
opt-out (i) if we are required to do so by law or legal process, (ii) to law enforcement authorities or
other government officials based on an enforceable government request or as may be required
under applicable law, or (iii) when we believe disclosure is necessary or appropriate to prevent
physical harm or financial loss or in connection with an investigation of suspected or actual illegal
activity.
In certain situations, we may be required to disclose personal data in response to lawful requests
by public authorities, including to meet national security or law enforcement requirements.
Bases for Processing
The GDPR requires that all collection of personal data be based on a legally permissible
basis/purpose. This basis/purpose governs how long Kyäni can keep the information, what it can
be used for, and what kind of disclosures and/or consents are necessary. Your information in the
possession of Kyäni, as set forth above, will be processed by Kyäni for the following reasons and
with the following justifications:
 on the basis of your consent, which applies to Personal Data you give to Kyäni
specifically knowing the purposes for which it will be used;
 to allow Kyäni to perform its contract(s) with Covered Persons, or to take steps at
the request of a Covered Person prior to entering a contract with that person;
 to allow Kyäni to fulfill its legal duties related to tax collection, payment, and
financial reporting;
 to protect the vital interests of a Covered Person;
 on grounds of public interest (primarily related to needs of government
authorities);
 to protect or advance other legitimate interests of Kyäni in improving or
implementing its initiatives in digital marketing, consumer experience, and similar matters.
Accountability for Onward Transfer of Personal Data
Kyäni may share Personal Data with its service providers, Business Partners, and among its
subsidiaries and affiliates. Specifically and without limitation, Kyäni will share certain aspects of
Covered Persons’ Personal Data with upline and/or downline Business Partners.
Kyäni operates in many countries across the world. To enable Kyäni to offer consistent service to
Covered Persons, wherever they may be, we manage certain website functions from one central
location. This is currently in the United States. In addition, Business Partners in the upline or
downline of a Covered Person may be established in countries other than EEA countries,
Switzerland, or the United States. There is not one set of data protection laws that covers Europe,
the U.S. and other parts of the world, and the European laws require that Kyäni take steps to
protect Covered Persons’ information when it is transferred to regions outside of Europe. Those
steps include:
Kyäni Privacy Policy – EEA-05.18-EN-EU
 for international transfers to other Kyäni entities around the world, Kyäni relies on
intercompany agreements and Kyäni’s worldwide compliance protocol;
 for international transfers to service providers, the protections depend on the
service provider concerned and its location, and include agreements containing data protection
clauses as required by law;
 for international transfer, if any, to members in the upline and/or downline, of a
Covered Person, Kyäni relies on the execution of the Kyäni Independent Business Partner
Agreement and the relevant provisions of the Policies and Procedures.
If a third party does not comply with its privacy obligations, Kyäni will take commercially
reasonable steps to prevent or stop the use or disclosure of Personal Data. If a third party service
provider providing services on Kyäni’s behalf processes Personal Data from the EEA or
Switzerland in a manner inconsistent with the GDPR or relevant onward transfer principles, Kyäni
will be liable unless we can prove that we are not responsible for the event giving rise to the
damages.
Security
Kyäni maintains reasonable and appropriate administrative, technical and physical safeguards to
protect Personal Data from loss, misuse and unauthorized access, disclosure, alteration and
destruction.
Access to Information
Kyäni provides employees, consumers, customers, Business Partners, suppliers and others with
confirmation of whether or not Kyäni is processing Personal Data relating to them and reasonable
access to Personal Data maintained about them. We also provide a reasonable opportunity to
correct, amend or delete that information where it is inaccurate. We may limit or deny access to
Personal Data where providing such access is unreasonably burdensome or expensive under the
circumstances, or as otherwise permitted by the relevant legal principles. To obtain access to
Personal Data, consumers, customers, suppliers and others may use Kyäni’s online backoffice or
contact Kyäni as specified in the “How to Contact Us” section of this Policy.
Examples of information easily available in the Kyäni.com back office or in our shopping cart
system include up-to-date information regarding recent orders; personally identifiable information
(including all or some of the following– name, e-mail, website address, paid-as rank and lifetime
rank, password, communications, notes from phone calls, downline and upline information,
portions of payment information, shipping information, and other business related information);
payment settings (including credit card information and promotional certificate and gift card
balances, if any); e-mail notification settings (including newsletters, ordering alerts, and similar
information); shopping history; and Business Partner account information.
Covered Persons have a right to access their own Personal Data, including sensitive Personal
Data, for any lawful purpose, except where providing such access is unreasonably burdensome
or expensive under the circumstances, or as Kyäni is otherwise permitted by the relevant legal
principles to limit or deny such access. Once the purpose for which the data was collected and/or
processed has passed, and no legal obligation requires it to be kept, Covered Persons have the
right to have such data erased or forgotten. Kyäni will honor requests to be forgotten sent by
Covered Persons to the contact information in the “How to Contact Us” section of this policy.
Data Integrity and Purpose Limitation
Kyäni takes reasonable steps to ensure that Personal Data collected by Kyäni is relevant for the
purposes for which it is to be used and that the information is reliable for its intended use and is
accurate, complete and current. We depend on our employees, Business Partners, consumers,
customers, suppliers and others to update or correct their Personal Data whenever necessary.
Kyäni Privacy Policy – EEA-05.18-EN-EU
Recourse, Enforcement and Liability
Kyäni has established procedures for periodically verifying implementation of and compliance
with the GDPR principles. We conduct an annual self-assessment of our practices with respect to
Personal Data to verify that representations we make about our Personal Data privacy practices
are true and that related privacy policies have been implemented as represented.
Dispute Resolution
Covered Persons with a complaint about Kyäni’s GDPR compliance should submit that complaint
via email to privacy@kyani.com. In the event that a Covered Person is not satisfied with our
resolution of the complaint, they may contact EU data protection authorities. Contact details for
the EU data protection authorities can be found at http://ec.europa.eu/justice/dataprotection/bodies/authorities/index_en.htm
How to Contact Us
Please address any questions or concerns regarding our Privacy Policy or our practices
concerning Personal Data by contacting us through email at:
privacy@kyäni.com
or writing to:
Attention Privacy Department
Kyäni Europe AB
Ebbe Lieberathsgartan 18 B,
412 65
Göteborg, Sweden
Amendment
The Kyäni Privacy Policy—EEA may be amended from time to time in compliance with the
requirements of the GDPR and ot