Privacy policy for the Android app
KIWI HEALTH EXPORT

The following information relates specifically to data processing in the context of the “KIWI HEALTH EXPORT” mobile application.

1. Purpose of the app

The KIWI HEALTH EXPORT app allows you to read the data from Health Connect by Android securely and in encrypted form and convert it into a format that can be read and processed by the KIWI HEALTH application.

The KIWI HEALTH EXPORT app itself does not record, modify or delete any health data.

All data remains under the user’s control and is stored only locally on the user’s devices or via the “Share” function at a location explicitly selected by the user.

Medical disclaimer:

The KIWI HEALTH EXPORT app is designed exclusively to help you analyze and manage your health data.

It is not a medical device within the meaning of the EU Medical Device Regulation (MDR) and is not a substitute for medical diagnosis, treatment or advice.

Please always consult a healthcare professional if you have any health complaints or questions. The information provided in the app is for information purposes and self-monitoring only.

2. Controller

Responsible for data processing within the meaning of applicable data protection laws is:




E-Mail:

3. Scope and type of data collected

3.1 Personal data (optional)

You can optionally enter the following personal data in the app:

• Name
• Gender
• Date of birth

This data is included in the export and is used to calculate individual thresholds and reference ranges for certain health values. Your name is only displayed in the exported reports for personalization purposes.

3.2 Health data

The app only accesses health data you explicitly grant permission for via Google Health Connect.

Supported data categories and types include:

• Activity & fitness:
  Sports & workouts, activity energy burned, total calories burned, VO₂Max, steps, step cadence, distance, floors (stairs), elevation gained, cycling cadence, wheelchair pushes, speed, power
• Circulation & vital signs:
  Blood pressure, blood glucose, heart rate, resting heart rate, heart rate variability, oxygen saturation, respiratory rate, body temperature
• Body measurements:
  Weight, height, lean body mass, body fat percentage, body water mass, bone mass, basal metabolic rate (BMR)
• Sleep:
  Sleep phases, sleep quality, sleep duration.
• Nutrition:
  Nutritional values, food intake, fluid intake
• Menstrual cycle:
  Menstrual periods, flow rates, ovulation test results, cervical mucus, intermenstrual bleeding, basal body temperature
• Stress & mental health:
  Relaxation sessions, stress levels, mindfulness, mental alertness (if supported).
• Other values:
  Sexual activity

3.3 Currently supported health values

The following health and fitness data can currently be exported from KIWI HEALTH EXPORT:

• Activity & fitness:
  Sports & workouts, activity energy burned, total calories burned, VO₂Max, steps, distance, floors (stairs), elevation gained, wheelchair pushes, speed & power (calculated)
• Circulation & vital signs:
  Blood pressure, blood glucose, heart rate, resting heart rate, heart rate variability, oxygen saturation, respiratory rate, body temperature
• Body measurements:
  Weight, height, lean body mass, body fat percentage, body water mass, bone mass, basal metabolic rate (BMR)
• Sleep:
  Sleep phases, sleep quality, sleep duration.
• Nutrition:
  Nutritional values, food intake, fluid intake
• Menstrual cycle:
  Menstrual periods, flow rates, ovulation test results, cervical mucus, intermenstrual bleeding, basal body temperature
• Other values:
  Sexual activity

You can also grant permission to read historical data. This allows you to perform long-term analyses.

Additional Health Connect data types will be supported in future updates.

3.4 Access to health data

The app only requests permissions that are required for the technical execution of the data export.

Health data will only be accessed if you have expressly given your consent to this via Health Connect.

3.5 Connection to the license server and technical data processing

To ensure the technical operation of the mobile application and to check the license status, a connection to our servers may be established when the app is started.

The following technical data is processed:

• A randomly generated installation identifier (UUID)
• A license key entered by the user, if applicable
• Timestamp of the request
• App version
• Number of connection requests

Processing is carried out for the following purposes:

• Provision and verification of software licenses.
• Ensuring safe and stable operation of the application.
• Detection and prevention of misuse.

The processing is carried out according to Art. 6 para. 1 lit. b GDPR (performance of a contract), if a license is used, and according to Art. 6 para. 1 lit. f GDPR (legitimate interest) to ensure technical operation.

No health data, IP addresses, location data or other device information is transmitted. The transmitted installation identifier (UUID) is used exclusively for technical assignment and does not contain any directly identifiable personal information.

3.6 Optional transmission of technical usage data

The app offers the option of optionally transmitting technical usage data that is not used for identifying individuals in order to improve the stability and performance of the application.

This function is deactivated by default and is only activated with the explicit consent of the user.

The following data can be processed as part of this function:

• Timestamps of export processes (start and end).
• Number of exported data records.

This data is used exclusively for the technical analysis of the performance of the export function. The processing is carried out according to Art. 6 para. 1 lit. a GDPR (consent). Consent can be revoked at any time in the app settings.

This data is not assigned to a specific person for analysis or profiling purposes. If, in individual cases, a reference to a person can be established via a license key, this is done exclusively for the purposes described in this privacy policy, in particular for license management and for processing support requests.

3.7 Internal technical evaluation

To ensure the stability and performance of our systems, technical connection data may be analyzed internally in aggregated form (e.g. number of logins or export processes at certain times).

These evaluations are carried out exclusively for technical purposes and are used for capacity planning and infrastructure optimization. A linkage to an identifiable individual is only carried out for license management, misuse detection and support. User profiles are not created. The data is not passed on to third parties.

3.8 Storage period

Personal data is only stored for as long as is necessary for the respective purposes.

Technical connection data is deleted at the latest after 24 months without user activity.

4. Purpose and legal basis of data processing

Personal and health data is processed exclusively for the purpose of providing the functions of the app, in particular for the export and structured processing of your health data.

The processing is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and, insofar as health data is concerned, Art. 9 para. 2 lit. a GDPR.

Consent to the processing of health data is given via the permissions you have granted in Health Connect.

5. Data processing and storage

• All health and optional personal data is only processed locally on your devices.
• The export takes place in encrypted and password-protected form.
• Health data will not be transmitted to our servers or to third parties.
• The data is stored exclusively at the storage location you have selected.
• Storage duration:
  The data processed in the app is only stored for as long as you wish. Deletion from your mobile device takes place by manually removing the data or by uninstalling the app.

6. Disclosure of data

Your personal or health data will not be passed on or sold to third parties.

Technical data is transmitted to our own servers exclusively for the purposes described in this privacy policy.

7. Protection of data

Health data is particularly sensitive data.

We therefore attach particular importance to compliance with data protection regulations. All data is handled in accordance with the strict rules of German data protection law and the European GDPR.

Beyond this, no data is passed on to other companies or persons for independent use. Third parties will not be able to view your data. Data is only passed on if you actively export it yourself or share it with other applications. Any distribution or provision requires your consent at all times.

If you want to share generated export files with other apps, the privacy policy and data protection provisions of these apps also apply.

8. Security

We use technical and organizational measures to protect your health data in the best possible way against loss, misuse or unauthorized access.

9. Automated decisions and profiling

There is no automated decision-making or profiling within the meaning of Art. 22 GDPR.

10. Your data subject rights

You can exercise the following rights at any time using the contact details of the controller given above:

• Information about your data stored by us and its processing (Art. 15 GDPR).
• Correction of incorrect personal data (Art. 16 GDPR).
• Deletion of your stored data (Art. 17 GDPR).
• Restriction of data processing if we are not yet allowed to delete your data due to legal obligations (Art. 18 GDPR).
• Objection to the processing of your data by us (Art. 21 GDPR).
• Data portability, provided you have consented to the data processing or have concluded a contract with us (Art. 20 GDPR).

If you have given us consent, you can revoke this at any time with effect for the future.

You may at any time submit a complaint to a supervisory authority, e.g. the competent supervisory authority in the federal state of your residence or the authority responsible for us.

If you are located outside the EU, please refer to your local data protection authority.
For residents of the European Union, you may contact your national data protection authority. A list of EU supervisory authorities can be found at:
https://edpb.europa.eu/about-edpb/board/members_en

11. Changes to the privacy policy

This privacy policy may be updated from time to time. Please check it regularly to stay informed of any changes.

12. Supplementary data protection declaration for other offers from KIWI HEALTH

This privacy policy applies exclusively to the Android app KIWI HEALTH EXPORT.

For information on the processing of personal data in connection with the website https://kiwi-health.de/en, the desktop program KIWI HEALTH or other services, please visit the general privacy policy at:
https://kiwi-health.de/en/privacy-policy

If you have any questions about our data protection provisions or a request for information or deletion, please contact