Introduction and General Information

Thank you for your interest in our website. Protecting your personal data is very important to us. Below you will find information on how we handle your data, which is collected through your use of our website. Your data is processed in accordance with applicable data protection laws.

Controller according to the GDPR

iko Sportartikel Handels GmbH
Kufsteiner Str. 72
83064 Raubling
Germany
Phone: +49 8035 8707-0
Email: info@corratec.com

Contact Details of the Data Protection Officer

Proliance GmbH / www.datenschutzexperte.de
Data Protection Officer
Leopoldstr. 21
80802 Munich
Email: datenschutzbeauftragter@datenschutzexperte.de

Please mention the company your inquiry refers to when contacting the Data Protection Officer. Refrain from including sensitive information such as ID copies.

 

Definitions

Our privacy policy is intended to be easy and understandable for everyone. Therefore, we generally use the official terms of the General Data Protection Regulation (GDPR). Official definitions are provided in Art. 4 GDPR.

 

Access to and Storage of Information in End Devices

When using our website, access to information (e.g. IP address) or the storage of information (e.g. cookies) on your end device may occur. This access or storage may involve further processing of personal data under the GDPR.

If this is strictly necessary to technically provide our services, the legal basis is § 25 (1) sentence 1, (2) no. 2 TDDDG.
For all other purposes (e.g., to customize our website), it will only occur with your consent in accordance with Art. 6 (1)(a) GDPR. You may withdraw your consent at any time with future effect. The processing of your personal data is subject to the provisions of the GDPR and the Federal Data Protection Act (BDSG).

Further information about the processing of your personal data and the legal basis can be found in the following sections.

 

Web Hosting

This website is hosted by an external service provider (host). Hosting is provided by Microsoft Azure Cloud, in [XX – location to be specified].
Personal data collected through this website is stored on the host’s servers. This may include IP addresses, contact requests, metadata, communication data, website visits, and other data generated through the website.

These data are collected to ensure smooth operation and technical provision of our services. The legal basis is our legitimate interest under Art. 6 (1)(f) GDPR.
We have concluded a Data Processing Agreement with Microsoft Azure Cloud as per Art. 28 GDPR to ensure data protection and non-disclosure to third parties.

 

Server Log Files

When you access our website, certain data are transmitted from your browser to our server. These include:

• Date and time of the request
• Name of the requested file
• Referring page
• Access status
• Browser and operating system used
• Full IP address of the requesting computer
• Amount of data transferred

These data are collected to ensure a stable and secure system. Legal basis: Art. 6 (1)(f) GDPR.
For technical security reasons, these data are stored temporarily and anonymized (by shortening the IP) after no more than XX days, making personal identification no longer possible.
The data may be used anonymously for statistical purposes. No data is shared or compared with other sources.

 

Contact Form and Email Inquiries

When you send us inquiries via the contact form or email, your data, including any personal data provided, will be stored and used to process your request and for follow-up questions.
Providing your email is mandatory; your name and phone number are optional.
Legal basis: Art. 6 (1)(f) GDPR (legitimate interest in responding to inquiries) and possibly Art. 6 (1)(b) GDPR (contractual intent).
Your data will be deleted once processing is complete unless legal obligations require storage. You may object at any time.

 

Submitting Applications

If you apply via our form or by email, we collect personal data including your name, contact details, CV, qualifications, and optional sensitive data (e.g., disability status).
The primary legal basis is § 26 (1) BDSG. If consent is required, Art. 6 (1)(a) GDPR in conjunction with § 26 (2) BDSG applies. You may withdraw consent at any time.

Only authorized personnel (e.g., HR) will access your application. No unauthorized third-party sharing occurs.
Data are stored during the application process and deleted after 6 months unless consent is given to retain them for up to 1 year. In case of acceptance, your application is archived in your employee file.

 

Cookies

Our website uses cookies – temporary (session) or persistent. Session cookies are deleted automatically, while persistent ones remain until manually deleted.
Some cookies are essential (e.g., for the shopping cart), while others help us analyze usage or serve ads.

Essential cookies: Art. 6 (1)(f) GDPR.
Optional cookies: Art. 6 (1)(a) GDPR (consent-based). Consent can be revoked at any time.

You can control cookie settings via your browser:

• Google Chrome
• Mozilla Firefox
• Microsoft Edge
• Safari
• Opera

You can also manage ad cookies via:

• https://www.aboutads.info/choices/
• http://www.youronlinechoices.com/uk/your-ad-choices

Many browsers also offer “Do Not Track” settings.

You can block scripts (e.g., JavaScript) via tools like NoScript: https://addons.mozilla.org/en/firefox/addon/noscript/
Please note: disabling cookies may limit website functionality.

 

Change Cookie Settings

You can withdraw or change your cookie settings at any time via the fingerprint icon (bottom left) or this link: [Insert Cookie Settings Hyperlink].

 

Google Analytics

We use Google Analytics by Google Ireland Ltd. (Barrow Street, Dublin 4, Ireland). It uses cookies to analyze site usage.
Google processes this data on our behalf and is under contract (Art. 28 GDPR). We use IP anonymization, and data are never linked with other Google data. Legal basis: Art. 6 (1)(a) GDPR (consent).

For transfers outside the EU/EEA, Google LLC is certified under the EU-U.S. Data Privacy Framework.
Standard Contractual Clauses (Art. 46 (2)(c) GDPR) are used when no adequacy decision exists.

Retention: User/event data are deleted after 14 months.
You can prevent tracking with the browser add-on: https://tools.google.com/dlpage/gaoptout?hl=en

 

Meta Pixel

We use Meta Pixel by Meta Platforms Ireland Ltd. (Dublin, Ireland). Legal basis: Art. 6 (1)(a) GDPR (consent).
Meta Pixel helps display ads to users who visited our site. It may track conversions and uses cookies.
We cannot identify users; Meta may link to your Facebook account. If logged in, visits may be assigned to your profile.

Meta is certified under the EU-U.S. Data Privacy Framework. Additional safeguards include standard contractual clauses.
Privacy info:

• https://www.facebook.com/about/privacy
• Meta Pixel: https://www.facebook.com/business/help/651294705016616
• Ad preferences: https://www.facebook.com/settings?tab=ads
• Opt-out tools:
• http://optout.networkadvertising.org/
• http://www.aboutads.info/choices
• http://www.youronlinechoices.com/uk/your-ad-choices

Clearing cookies resets these preferences.

 

Mailchimp

For newsletter subscriptions, we need your email (required), name (optional).
We use a double opt-in procedure. Legal basis: Art. 6 (1)(a) GDPR.

We store the IP address and timestamp of your consent for security. You can unsubscribe at any time via a link or by emailing the controller.

Mailchimp (Rocket Science Group LLC, Atlanta, USA) is our email service provider.
Privacy policy: https://mailchimp.com/legal/privacy/
We’ve signed standard contractual clauses under Art. 46 (2)(c) GDPR for third-country transfers.

 

Google Maps

Our website uses Google Maps (Google Ireland Ltd., Dublin). This requires storing your IP address.
Legal basis: Art. 6 (1)(a) GDPR, § 25 (1) TDDDG.

Google LLC is certified under the EU-U.S. Data Privacy Framework.
Standard contractual clauses are in place for any additional data transfers.
Privacy policy: https://www.google.de/intl/de/policies/privacy/
Opt-out: https://www.google.com/settings/ads/

 

External Links

Social networks (LinkedIn, Facebook, Instagram) are integrated as links only. Data is only transmitted after clicking the link. Refer to the respective platforms' privacy policies.

 

Data Sharing and Recipients

Your data is not shared unless:

• Stated in this policy
• You’ve given consent (Art. 6 (1)(a) GDPR)
• Required to assert legal claims (Art. 6 (1)(f) GDPR)
• Required by law (Art. 6 (1)(c) GDPR)
• Needed for contract fulfillment (Art. 6 (1)(b) GDPR)

We use carefully selected service providers (e.g., hosting, email, IT maintenance) with processing agreements under Art. 28 GDPR.

 

Data Security

According to Art. 32 GDPR, we implement technical and organizational measures for data security, including SSL encryption for secure transmission of sensitive content.

 

Data Retention

Unless otherwise stated, data are stored only as long as needed for processing purposes. They are deleted when no longer necessary or after a valid deletion request, unless legal obligations require continued storage (e.g., tax or commercial laws).

 

Your Rights

Under GDPR, you have the following rights:

• Art. 15: Right of access
• Art. 16: Right to rectification
• Art. 17: Right to erasure
• Art. 18: Right to restrict processing
• Art. 20: Right to data portability
• Art. 77: Right to lodge a complaint with a supervisory authority
• Art. 7(3): Right to withdraw consent at any time

 

Right to Object

If your data is processed under legitimate interest (Art. 6 (1)(f) GDPR), you may object under Art. 21 GDPR. For direct marketing, you may object at any time without giving reasons.

To exercise your rights, email: marketing@corratec.com

 

Legal Obligations

Providing personal data for contract purposes is voluntary. However, certain services may not be available without the necessary information.

 

Automated Decision-Making

We do not use automated decision-making or profiling under Art. 22 GDPR.

 

Updates to This Policy

We reserve the right to update this privacy policy to comply with legal changes or to reflect changes in services.

Last updated: April 14, 2025