Early Preview — Kiwisonic is in early preview. Download is free, purchasing is not yet available.
Legal

Privacy Policy

What data we collect, why, and what your rights are.

Last updated: March 2025

This policy explains what personal data Kiwisonic collects when you use this website or register for early access, how that data is used, and what rights you have under the General Data Protection Regulation (GDPR).

1. Who is responsible for your data

The data controller is Kiwisonic. For questions about your personal data, contact us at privacy@kiwisonic.com.

2. What data we collect and why

Email address

We collect your email address when you register for early access or log in using a magic link. We use it to send you transactional emails: login links and, if you registered for early access, a purchase notification when Kiwisonic launches.

Legal basis: Performance of a contract (GDPR Article 6(1)(b)) for login, and your consent (Article 6(1)(a)) for early access registration.

Retention: Early access emails are kept until Kiwisonic launches and the purchase window closes, or until you ask us to remove your address. Account data is kept as long as your account is active.

Authentication cookie

When you log in, we set a secure httpOnly cookie containing a signed token. It keeps you logged in for 30 days. No tracking data is stored in this cookie.

Legal basis: Legitimate interest (Article 6(1)(f)): the cookie is strictly necessary for the service to function.

Survey responses

If you complete the alpha survey, your answers are stored alongside your account. We use this data to improve the product. It is not shared with third parties.

Legal basis: Your consent (Article 6(1)(a)).

Feature suggestions and votes

If you submit or vote on feature suggestions, your account is associated with that activity so we can prevent duplicate votes and moderate submissions.

Legal basis: Legitimate interest (Article 6(1)(f)).

IP address and request logs

The server logs your IP address to enforce rate limits on login requests (3 per 15 minutes per email). These logs are not retained beyond what the server process holds in memory and are discarded on restart.

Legal basis: Legitimate interest (Article 6(1)(f)): abuse prevention.

3. Third-party processors

We use the following third-party service to process your data:

  • Postmark (Wildbit LLC, USA): Transactional email delivery. Your email address is transmitted to Postmark when we send you a magic link or notification. Postmark operates under the EU-US Data Privacy Framework and applies standard contractual clauses for data transfers.

We do not use advertising networks, analytics platforms, or tracking pixels on this website.

4. Data transfers outside the EU

Your email address may be transferred to Postmark's servers in the United States when we send you an email. This transfer is covered by the EU-US Data Privacy Framework. No other personal data is transferred outside the EU/EEA.

5. Your rights

Under GDPR, you have the following rights:

  • Access: You can request a copy of the personal data we hold about you.
  • Rectification: You can ask us to correct inaccurate data.
  • Erasure: You can ask us to delete your data. We will do so unless we have a legal obligation to retain it.
  • Restriction: You can ask us to restrict how we use your data while a dispute is resolved.
  • Portability: You can request your data in a machine-readable format.
  • Objection: You can object to processing based on legitimate interest.
  • Withdraw consent: Where processing is based on consent, you can withdraw it at any time without affecting prior processing.

To exercise any of these rights, email privacy@kiwisonic.com. We will respond within 30 days.

You also have the right to lodge a complaint with a supervisory authority. In Sweden, this is Integritetsskyddsmyndigheten (IMY) at imy.se. In your own country, contact your national data protection authority.

6. Cookies

This website sets one cookie: a secure authentication cookie when you log in. It is strictly necessary and expires after 30 days. We do not set analytics, advertising, or third-party cookies.

Because the only cookie is strictly necessary, we do not display a cookie consent banner.

7. Changes to this policy

If we make material changes, we will update the date at the top of this page. We will not reduce your rights under existing law without giving you notice.

8. Contact

For any questions or requests related to this privacy policy: privacy@kiwisonic.com.