Your basket is empty!
Click on this link to start shopping!
Privacy Policy
Thank you for visiting our website. Weleda New Zealand Limited (“Weleda, ”We” or “Us”) is committed to protecting your privacy. We recognise the trust you put in Us when you share information on www.weleda.co.nz (the “Website”).
Purpose and Approach
- We respect your privacy and will at all times comply with our obligations under the Privacy Act 2020 when dealing with personal information (personal information is information about an identifiable individual).
- This Privacy Policy describes how we collect information when you use the Website, what We may do with it and who We may disclose it to.
- This policy does not limit or exclude any of your rights under the Privacy Act. If you would like further information on it, see www.privacy.org.nz.
Collection of Personal Information
- We only collect personal information that you provide to Us; for example by doing the following on the Website: completing a “contact us” form, participating in one of our competitions, subscribing to our newsletter or purchasing products.
- Your personal information will be held by Us or by one of our trusted service providers.
Use of Personal Information
- We only use personal information for business purposes; i.e. to:
- Process orders for products placed on our Website;
- Communicate with you (for example to provide customer support or to ask you for feedback about our products and services);
- Improve our products and services;
- Research and analyse how our Website is used so We can improve it;
- Protect and/or enforce our legal rights, including to investigate and respond to any complaints or violations of our rights;
- Comply with our legal obligations; or
- To fulfil any other purpose which is authorised by you or the Privacy Act.
Disclosure of Personal Information
- As part of our normal business operations, We may share personal information with certain third-party service providers for the following reasons:
- When it is reasonably necessary to support our services and products, including any person that hosts or maintains any underlying IT system or data centre that We use for our Website or other services and products;
- When a third-party is providing services to you on our behalf; or
- Any other person or organisation that you have authorised Us to disclose information to.
Access, correction and retention of personal information
- The information you give Us must be accurate, correct and up to date. It if changes, please inform Us to ensure your information is up to date and correct.
- You are entitled to access the personal information we hold about you upon request. You may also request the correction of that personal information. In both cases, please contact us at [email protected].
- We will only retain your personal information for as long as it is necessary to achieve the purposes set out in this policy or as required by law.
Security of personal information
- We will take reasonable steps to keep your personal information safe from loss, unauthorised activity, or other misuse.
- In the unlikely event of a notifiable privacy breach, we will notify you (and the Privacy Commissioner) as soon as possible in accordance with the Privacy Act and take appropriate action in response.
- For clarity, We will not be liable for the theft, destruction, or disclosure of your personal information where our security safeguards have been breached.
Overseas disclosure
- Your personal information may be transferred, stored, processed or used outside of New Zealand by us or by third party service providers (such as our cloud service provider who is in Germany).
- When you provide your personal information to Us, you consent to the collection, use, storage, and processing of your personal information in and outside of New Zealand by these third-party service providers. When your personal information is sent overseas, it will always be subject to safeguards that are at least as stringent as those in place in New Zealand.
Links to third party sites
- We may have links or references to third party websites on our Website. This policy does not apply to those websites. Please ensure you read the privacy policy of those websites.
Social plugins, Newsletter and Product Reviews
- Social plugins
- This website has integrated social media/social sharing functions. However, to protect web page users, Weleda has chosen to use Shariff script.
- Weleda does not record any personal data through the social plugins or regarding their use itself. To prevent data from being transferred to service providers in the USA without your knowledge, Weleda uses what is known as the Shariff solution. This solution ensures that no personal data is passed on to the providers of the individual social plugins to begin with if you visit this website. Data can only be transferred to the service provider and stored there if you click on one of the social plugins.
- For more information on the Shariff solution, please visit the web pages of its provider, Heise Medien GmbH & Co. KG: www.heise.de
- Newsletter
- When you register for an email newsletter, Weleda requires your form of address, name and the email address the newsletter should be sent to. Any other information is provided voluntarily and is used to address you personally and to be able to personalise the newsletter and answer queries on the email address.
- If you register for the newsletter on this web page, Weleda uses the data you enter exclusively for this purpose or to inform you of relevant circumstances concerning this service or its registration. Weleda passes this data on to the third-party provider APSIS for newsletter mailing management and implementation. Weleda has concluded an agreement on the commissioned order processing procedure with APSIS, its email marketing service provider. This ensures that said service provider complies with the strict specifications of German data protection law in every aspect when managing and implementing the newsletter mailing. This also ensures that your data is only stored in the EU with a high degree of protection. Your data is not stored on servers outside of the EU.
- A valid email address is required to receive the newsletter. The IP address you use to register for the newsletter and the date you order the newsletter are also stored. This data shall serve as evidence for Weleda in case of misuse, in case an unknown email address is registered for the newsletter.
- You may at any time withdraw your consent to the storage of the data, your email address and its use for newsletter delivery with effect for the future. Weleda provides a link you can use for said withdrawal in every newsletter. You can also communicate your request for withdrawal in writing to our Customer Care team at [email protected].
- Product reviews
- You can review all products on this website. The review is left under your full first name and the first letter of your surname. Accordingly, you must use your first name and surname and your email address to set up a user account and/or log in. The pseudonym in the form of your complete first name and the first letter of your surname is inserted as the author of a review and the associated identifying details are only known to the administrator.
Updates to this privacy policy
- We will occasionally update this policy to reflect changes in our practices and business. When we do so, we will revise the “last updated” date at the bottom of this policy. Changes will be effective immediately from the date they are posted. If we make any material changes in the way we collect, use, or disclose personal information, we will post an advance notice on our Website. If you do not agree to any change you must immediately cease using or accessing our Website.
How to contact us
- If you have any queries or concerns about our Privacy Policy or our handling of your personal information please contact us at [email protected].
Cookies
- We use cookies (an alphanumeric identifier that we transfer to your computer’s hard drive so that we can recognise your browser) to monitor your use of the website. You may disable cookies by changing the settings on your browser, although this may mean that you cannot use all of the features of the website. Read our cookie declaration here.
‘Facebook Custom Audience’ / ‘Facebook Pixel’ with advanced matching
- ‘Facebook Custom Audience‘ and “Facebook Pixel” are products of Meta Platform Inc, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (’Facebook"). Our website uses a ‘Facebook Pixel’ from Facebook, which establishes a direct connection to the Facebook servers.
- By storing the Facebook pixel on the end device, the behaviour of users after clicking on a Facebook ad can be tracked. With the help of the Facebook pixel, we can understand how our marketing measures on Facebook are received and, if necessary, take optimisation measures. For this purpose, interest-based adverts (‘Facebook ads’) are displayed to users of our website when they visit the Facebook social network or other websites that also use the process. Accordingly, we also use the Facebook pixel to display the Facebook ads placed by us only to those Facebook users who have also shown an interest in our online offering or who have certain characteristics (e.g. interests in certain topics or products determined on the basis of the websites visited) that we transmit to Facebook (so-called Facebook ‘Custom Audiences’ or ‘Look Alike Audiences’).
- Through the Facebook pixel, your browser automatically establishes a direct connection with the Facebook server. We have no influence on the scope and further use of the data collected by Facebook through the use of this tool and therefore inform you according to our level of knowledge:
- By integrating the Facebook pixel, Facebook receives the information that you have clicked on one of our adverts or accessed the corresponding web page on our website. If you are registered with a Facebook service, Facebook can assign the visit to your account. Even if you are not registered with Facebook or have not logged in, it is possible for the provider to find out and store your IP address and other identifying features.
- We have also activated enhanced matching. If you have given your consent, enhanced matching enables us to send hashed user data (e.g. names and email addresses) to Meta together with our meta pixel events in order to optimise our Meta ads. This allows us to attribute more conversions, expand our custom audience and ultimately reach more users. To protect your data, hash values are generated from the information generated on the website before it is transmitted to Meta.
- The storage of and access to information in the end user's terminal equipment is based on informed consent in accordance with Section 25 (1) TDDDG. The legal basis for the further processing of your personal data is your voluntary and informed consent in accordance with Art. 6 para. 1 lit. a GDPR. You give the corresponding consent via the consent banner.
- The processing of data by Facebook takes place within the framework of Facebook's Data Usage Policy. Specifically, you can manage what content and information you have shared through your use of Facebook via the ‘Activity Log’ tool or download it via Facebook's ‘Download your data’ tool. Further information and details about Facebook Pixel and how it works can also be found in Facebook's help section.
‘Google AdWords User Lists’ / ‘Google Dynamic Remarketing’ with extended conversions
- ‘Google AdWords User Lists‘ and “Google Dynamic Remarketing” are products of Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland (’Google"). Our website uses a pixel provided by Google, which establishes a direct connection to the Google servers. This tells the Google server that you have visited our website. Google links this information to a unique ID that is stored on your end device in the form of a cookie or provided by your end device (‘advertising ID’ for smartphones). If you visit other websites that also use ‘Google AdWords User Lists’ / ‘Google Dynamic Remarketing’, this information will also be linked to your unique ID. However, we cannot see which other websites you visit.
- In addition, we have activated the so-called Enhanced Conversions. This is a function of Google Ads. If you have given your consent, existing conversion tags are supplemented with conversion data collected on the website itself and transmitted to Google in encrypted form. When a conversion is carried out on a website, hashed user data (e.g. names and email addresses) is processed in most cases. This allows us to attribute more conversions. To protect your data, hash values are generated from the information generated on the website before it is transmitted to Google.
- The storage of and access to information in the end user's terminal equipment is based on informed consent in accordance with Section 25 (1) TDDDG. The legal basis for the further processing of your personal data is your voluntary and informed consent in accordance with Art. 6 para. 1 lit. a GDPR. You give the corresponding consent via the consent banner.
- Further information on how Enhanced Conversions works can be found in Google's help section.
Last updated 14/10/2024.
Cookie Declaration
Use of cookies
On our website, information is collected and stored using what are known as browser cookies.
What are cookies?
Cookies are small text files which are stored on your data carrier and store certain settings and data for interacting with our system via your browser. A cookie usually contains the name of the domain that the cookie data was sent from, information on the age of the cookie and an alphanumeric identification code.
Why do we use cookies?
Cookies allow our systems to recognise the user’s device and make any predefined settings available immediately. Once a user accesses the platform, a cookie is transmitted to said user’s computer hard disk. Cookies help us to improve our website and provide you with a better service more tailored to you. They allow us to recognise your computer and/or (mobile) end device if you return to our website, thus enabling us to:
-
Store information on your preferred activities on the website and thus align our website to your individual interests.
-
Speed up processing of your queries.
We work together with third-party services that help us make the online service and website more appealing to you. Accordingly, when you visit the website, cookies from these partner companies (third-party providers) are also stored on your hard disk. These cookies are automatically erased after a fixed period.
Can I decide whether cookies are used?
If you do not wish browser cookies to be used, you can adjust the settings for the cookies used on this end device as you wish at any time, by clicking on the cookie settings. Alternatively, you can adjust your browser's settings to prevent it from accepting the storage of cookies. Please note that in that case, you may only be able to use our website to a limited extent, or not at all. If you only wish to accept our own cookies, not those of our service providers and partners, you can select the setting ‘block cookies from third-party providers’ in your browser. We accept no responsibility for the use of third-party cookies.
Cookie Settings
Functional Cookies
These cookies are used to enhance and simplify your user experience. For example, they may remember information about previous choices you have made, remember your password, or allow video or social media content to be properly viewed on the website. Some of them may be required for system administration, to prevent fraudulent activity, to keep you logged in from one page to another, or for a shopping cart function. These cookies cannot be switched off as our website cannot function properly without them.
Cookie Name | Description | Default expiration time |
CUSTOMER_UUID | Konakart: The customer UUID is a key to customer information stored in the database. Customer name, guest customer ID, customer preferences and customer locale are stored. | End of browser session |
JSESSIONID | Tomcat: Session cookie. Used to identify browser information for the session. | End of browser session |
_visitor | Hippo: The only information stored in this cookie is the visitor ID, a UUID that does not contain any information in itself apart from an identifier to distinguish the visitor from other visitors. See www.onehippo.org | 2 years |
_weleda_accepted_cookie | Weleda: This stores a Boolean (true/false) when user accepts the cookie policy. | 5 days from set/update |
nlSubscriptions | Weleda: Records the internal Newsletter Mailing List IDs for which the user subscribed or declined through the Website, as well as the Date of the event. The cookie is used to track the closing or filling of newsletter subscriptions forms on the Website, in order to provide a better user experience. | 30 days from last set/update |
newsletterbar | Weleda: Contains the value « collapsed » when the user collapses the newsletter-bar module on the website. Is used to keep showing the module collapsed during the Session. | 30 days from last set/update |
weledaCookieOptInState | Weleda: Records if you have accepted the use of cookies on the website. It does not contain any user information. It collects information in an anonymous form by using a unique identifier. This cookie remains on your computer after the session has closed. | This cookie remains on your computer after the session has ended until you delete your cookies. |
cookieNoticeRead | Weleda: Records whether you have been shown the Cookie policy banner at your arrival on to the site, so as not to show it to you again. It collects information in an anonymous form using a unique identifier. This cookie remains on your computer after the session has closed. | 5 days from set/update |
Performance, Analytics and Targeting Cookies
These cookies allow us to collect information about your use of our site, and are used to help us understand how you interact with our site so we can provide you with an improved user experience e.g. to assess the performance of our website, or to test different design ideas for the website. We may work with third parties to perform these services for us, so these cookies may be set by a third party.
Cookie Name | Description | Default expiration time |
---|---|---|
__utma | Google analytics: Used to distinguish users and sessions. The cookie is created when the javascript library executes and no existing __utma cookies exists. The cookie is updated every time data is sent to Google Analytics. See developers.google.com | 2 years from set/update |
__utmb | Google analytics: Used to determine new sessions/visits. The cookie is created when the javascript library executes and no existing __utmb cookies exists. The cookie is updated every time data is sent to Google Analytics. | 30 mins from set/update |
__utmc | Google analytics: Not used in ga.js. Set for interoperability with urchin.js. Historically, this cookie operated in conjunction with the __utmb cookie to determine whether the user was in a new session/visit. | End of browser session |
__utmz | Google analytics: Stores the traffic source or campaign that explains how the user reached your site. The cookie is created when the javascript library executes and is updated every time data is sent to Google Analytics. | 6 months from set/update |
__utmx | Google analytics: Google Analytics - Used to determine a user's inclusion in an experiment. | Valid for 18 months. |
__utmxx | Google analytics: Google Analytics - Used to determine the expiry of experiments a user has been included in. | Valid for 18 months. |
_ga | Google analytics: Used to distinguish users. Used in file analytics.js | 2 years |
_gat_UA-57093936-10 | Google analytics: Used to throttle request rate. Used in file analytics.js | 10 minutes |
_gaexp | Google Optimize: Google Optimize - Used to determine a user's inclusion in an experiment and the expiry of experiments a user has been included in | Expires after 90 days. |
_olapicU | Olapic Inc.: These cookies work with Olapic, a social images sharing tool, owned by Olapic Inc, These cookies track user actions to allow us to interact with users of social media platforms. More Information can be found at www.olapic.com/privacy-policy | Expires after 4 weeks. |
_atuvc | AddThis: The _atuvc cookie is created and read by the AddThis social sharing site JavaScript on the client side in order to make sure the user sees the updated count if they share a page and return to it before our share count cache is updated. No data from that cookie is sent back to AddThis and removing it when disabling cookies would cause unexpected behavior for users. | Expires after 2 years. |
JSESSIONID | Weleda: The cookie allows us to identify you as a visitor to the Website, stores your session ID and is removed when you close your browser | Expires after Session has ended. |
_dc_gtm_UA-(ID) | Weleda: This cookie allow us to track events and analytics on the website | Expires after Session has ended. |
mf_[session] |
Mouseflow 1st party cookies, session lifetime: A cookie for identifying the browser session. This cookie identifies the browser session while it happens. The cookie is deleted as soon as the session ends, meaning when the user leaves the website. |
End of browser session |
mf_user |
Mouseflow 1st party cookie, persistent: A cookie for checking if the user is new or returning This cookie establishes whether the user is a returning or first time visitor. This is done simply by a yes/no toggle - no further information about the user is stored. This cookie has a lifetime of 90 days. |
90 days from last visit |