Privacy policy
Who is responsible for data processing operations?
This is an information page as part of our legal notice.
Please note that in addition to customer service, the Group companies, for example, are also part of the SOCCA GROUP controller. In principle, your personal or personal-related data can therefore be legitimately processed both by the customer service department and by the Group companies.
If you have any questions regarding the processing of your personal data, please contact customer support or the SOCCA GROUP data protection officer directly:
SOCCA Holding GmbH & Co. KG
Mangfallstraße 37
83026 Rosenheim
Germany
data protection[at]socca[dot]de
+49 8031 23789-10 (Monday to Friday from 08:00 to 18:00)
When does the SOCCA GROUP collect and process personal data?
We collect and process data about you in the following cases:
- If you contact us directly, for example via our website or via our customer service, and you are interested in our products or services or have any other concerns.
- If you enter data yourself in our online forms.
- When you send us your application documents.
- If other Group companies and individual business partners who offer products and services on our behalf make data about you available to us as authorised.
- When you respond to our direct marketing activities, for example when you complete a response card or when you submit your data online on a landing page.
What data can be collected about you by the SOCCA GROUP?
The following categories of personal data may be collected through the various services and contact channels described in this Privacy Notice:
Contact details
Name, address, telephone number, e-mail address.
Personal data and interests
Information provided by yourself on date of birth, education, household size, professional situation, sporting activities, sporting career, support of professional clubs as a fan, club memberships, coaching activities.
Use of websites and communication
Information about how you use the website and whether you open or forward communications from us, including data collected via cookies and other tracking technologies. Further information can be found here in our Cookie Policy.
For what purposes is your data processed?
We need your personal data for the following purposes:
- to be able to identify you when you contact us,
- in order to be able to process your application,
- to improve communication with you and to provide you with more personalised support,
- for other purposes only insofar as this is necessary and legally permissible.
In most of these cases, you have the option of opting out of the use of your data, for example by withdrawing your data protection consent or no longer using a particular service. You can do this, for example, by contacting our customer service.
However, there are also cases in which you cannot effectively object to the use of your data, subject to legal provisions to the contrary:
- If there is a contract between you and us
- In the case of existing overriding legislation.
We do not pass on your data to third parties, with the following exceptions:
- If we are obliged to provide information within the framework of legal requirements.
- In the event of the sale of one or more business units of the SOCCA GROUP to a company to which we transfer our rights, in compliance with any existing agreements with you.
- To the extent permitted and required by law, for example for fraud defence.
Integration of fonts
Fonts from Google Fonts (Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”)) are integrated on this website. The purpose and scope of the data collection and the further processing and use of the data by Google as well as your rights in this regard and setting options to protect your privacy can be found in Google’s data protection information: google.com/intl/en/policies/privacy/.
Fonts from Font Awesome (Fonticons Inc., 6 Porter Road, Apartment 3R, Cambridge, MA 02140, United States (“Font Awesome”)) are integrated on this website. The purpose and scope of the data collection and the further processing and use of the data by Font Awesome as well as your rights in this regard and setting options for protecting your privacy can be found in Font Awesome’s data protection information: fontawesome.com/privacy.
Integration of analysis tools
Google Analytics
This website uses functions of the web analysis service Google Analytics. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). We have concluded a data processing agreement with Google for this purpose. Google Analytics uses so-called “cookies”. These are text files that are stored on your computer and enable your use of the website to be analysed. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. The storage of Google Analytics cookies is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in analysing user behaviour in order to optimise both its website and its advertising.
IP anonymisation
We have activated the IP anonymisation function on this website. This means that your IP address will be truncated by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. On behalf of the operator of this website, Google will use this information to analyse your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
How do we protect your personal data at the SOCCA GROUP?
We use various security measures such as state-of-the-art encryption and authentication tools to protect and maintain the security, integrity and availability of your data. One hundred percent protection against unauthorised access cannot be guaranteed for data transmissions over the Internet or a website, but we and our service providers and business partners make every effort to protect your personal data in accordance with the applicable data protection regulations by means of physical, electronic and procedural security measures in accordance with the current state of the art. Among other things, we use the following measures:
- Strict criteria for authorisation to access your data according to the “need-to-know principle” (restriction to as few people as possible) and exclusively for the specified purpose,
- Disclosure of collected data exclusively in encrypted form,
- Storage of confidential data, for example credit card data, exclusively in encrypted form,
- Firewall protection of IT systems to protect against unauthorised access, for example by hackers and
- permanent monitoring of access to IT systems to recognise and prevent the misuse of personal data.
How long do we store your data at the SOCCA GROUP?
We will only retain your data for as long as is necessary for the specific purposes for which we process your data. If we process data for multiple purposes, it will be automatically deleted or stored in a format that does not allow any direct conclusions to be drawn about you as soon as the last specific purpose has been fulfilled. To ensure that all your data is deleted in accordance with the principle of data minimisation, the SOCCA GROUP has developed an internal deletion concept. The basic principles according to which this deletion concept provides for the deletion of your personal data are set out below.
Use for the fulfilment of a contract
In order to fulfil contractual obligations, data collected from you may be stored for as long as the contract is in force and, depending on the nature and scope of the contract, for 6 or 10 years beyond this period in order to comply with statutory retention obligations and to clarify any enquiries or claims after the contract has expired.
Use for checking claims
Data which, in our judgement, will be necessary to investigate, defend or bring a criminal prosecution or claim against you, us or a third party may be retained by us for as long as such proceedings may be brought.
Use for customer service and marketing purposes
For customer service and marketing purposes, the data collected from you may be stored for 3 to 10 years after collection, unless you request the deletion of this data and there are no contractual or statutory retention obligations that conflict with this deletion request.
How can you view and change your data protection settings online?
You can change your settings for the use of your data yourself at any time by opting out using the button provided.
Your data protection rights and your right to lodge a complaint with the data protection authority
If you have any questions about the use of your personal data by us, it is best to first contact customer support – either by email at or by telephone on +49 8031 23789-10 (daily 08:00 – 18:00). You can also contact the responsible data protection officer.
As a person affected by the processing of your data, you can assert certain rights against us in accordance with the GDPR and other relevant data protection regulations. The following section contains explanations of your rights as a data subject under the GDPR. Depending on the nature and scope of your enquiry, we will ask you to send it to us in writing.
Rights of data subjects
According to the GDPR, you have the following rights in particular vis-à-vis SOCCASHAPE as a data subject:
Right to information (Art. 15 GDPR)
You can request information from us at any time about the data we hold about you. This information concerns, among other things, the categories of data we process, the purposes for which we process them, the origin of the data if we have not collected them directly from you and, if applicable, the recipients to whom we have transmitted your data. You can receive a copy of your data from us free of charge. If you are interested in further copies, we reserve the right to charge you for the additional copies.
Right to rectification (Art. 16 GDPR)
You can ask us to correct your data. We will take reasonable steps to keep the information we hold and process about you accurate, complete and up to date, based on the most recent information available to us.
Right to erasure (Art. 17 GDPR)
You can request that we erase your data if the legal requirements for this are met. According to Art. 17 GDPR, this may be the case if:
- the data are no longer necessary for the purposes for which they were collected or otherwise processed;
- you withdraw your consent, which is the basis for the data processing, and there is no other legal basis for the processing;
- you object to the processing of your data and there are no overriding legitimate grounds for the processing, or you object to data processing for direct marketing purposes;
- the data has been processed unlawfully;
- the processing is not necessary to ensure compliance with a legal obligation that requires us to process your data; in particular with regard to statutory retention periods; to assert, exercise or defend legal claims.
Right to restriction of processing (Art. 18 GDPR)
You can request that we restrict the processing of your data if:
- you dispute the accuracy of the data for the period of time we need to verify the accuracy of the data;
- the processing is unlawful and you oppose the erasure of your data and request the restriction of their use instead;
- we no longer need your data, but you need it to assert, exercise or defend legal claims;
- you have objected to processing pending the verification whether our legitimate grounds override yours.
Right to data portability (Art. 20 GDPR)
At your request, we will transfer your data – insofar as this is technically possible – to another controller. However, you are only entitled to this right if the data processing is based on your consent or is necessary to fulfil a contract. Instead of receiving a copy of your data, you can also ask us to transfer the data directly to another controller specified by you.
Right to object (Art. 21 GDPR)
You can object to the processing of your data at any time for reasons arising from your particular situation, provided that the data processing is based on your consent or on our legitimate interests or those of a third party. In this case, we will no longer process your data. The latter does not apply if we can demonstrate compelling legitimate grounds for the processing which override your interests or if we need your data for the establishment, exercise or defence of legal claims.
Deadlines for the fulfilment of data subject rights
We generally endeavour to respond to all requests within 30 days. However, this period may be extended for reasons relating to the specific rights of the data subject or the complexity of your enquiry.
Restriction of information in the fulfilment of data subject rights
In certain situations, we may not be able to provide you with information about all of your data due to legal requirements. If we have to refuse your request for information in such a case, we will also inform you of the reasons for the refusal.
Complaints to supervisory authorities
The SOCCA GROUP takes your concerns and rights very seriously. We will deal with your concerns individually and personally as quickly as possible. However, if you believe that we have not adequately addressed your complaints or concerns, you have the right to lodge a complaint with a competent data protection authority.