Corestad – Cookieless Tracking – Knowledge Base

App Privacy Policy Corestad – Cookieless Tracking

Shopify App – Corestad – Cookieless Tracking

Corestad GmbH operates the website and its application “Corestad – Cookieless Tracking” (hereinafter referred to as “website”, “app”, together “services”) with its registered office in 1070 Vienna, Mariahilfer Straße 54/15 as a service provider, media owner, and publisher (hereinafter referred to as “the responsible party”).

The protection of your personal data is of particular concern to us. We treat your personal data confidentially and process your data exclusively based on the legal provisions (GDPR, DSG (Austria), TKG (Austria) 2003). The definitions of terms used in this data protection notice are based on the General Data Protection Regulation (Regulation (EU) 2016/679).

For our Website, please refer to our Websites Privacy Policy found here.

We value your privacy and are committed to protecting your personal information. Before you can start using our app, please take a moment to review and understand our Terms and Conditions and Privacy Policy.

At Corestad, we believe in transparency and want you to be fully informed about the data we collect, how we use it, and the measures we take to safeguard your information. Our Terms and Conditions outline the rules and guidelines for using our app, while our Privacy Policy explains how we handle your personal data and the choices you have regarding its collection and usage.

By accepting the Terms of the App “Corestad – Cookieless Tracking”, you acknowledge that you have read, understood, and agreed to comply with our Terms and Conditions and Privacy Policy of Corestad GmbH along with applicable Shopify Terms and Privacy Policy. These documents are designed to protect both you, our valued user, and us as a service provider.

Your privacy matters to us, and we are committed to ensuring that your personal information is handled responsibly and in accordance with applicable laws and regulations. We utilize industry-standard security measures to protect your data and are dedicated to continuously improving our practices to maintain your trust. We only collect minimal data required to be able to provide you with this service.

Please note that by using “Corestad – Cookieless Tracking”, you consent to the collection, use, and sharing of the data as described in our Privacy Policy. It is important to review both the Terms and Conditions and Privacy Policy before proceeding with the app to ensure you have a clear understanding of our practices.

We encourage you to contact us if you have any questions, concerns, or require further clarification about our Terms and Conditions or Privacy Policy.

Usage of Google Analytics API

Corestad – Cookies Tracking’s use and transfer of information received from Google APIs to any other app will adhere to Google API Services User Data Policy, including the Limited Use requirements. Please see the Google API Services User Data Policy for more information.

Data Collection Scope

We adhere to the principle of data minimization and only collect the necessary data for the operation of our Shopify App. We do not log any user activity within our application not mandatory by Shopify, and we do not transfer end-user data to our servers, except as outlined in this Policy.

Data Collected

The following information may be collected during the use of our App:

  • Shop ID and Shop URL: This information is collected for identification and authentication purposes within the Shopify environment.
  • Authentication Data from Provided Services (Google Analytics 4): We may collect authentication tokens and keys from the provided Google Analytics 4 service to enable integration and functionality.
  • Company Information: We may collect company information, including name, address, email address, and payment information, to facilitate billing and communication processes.

Data Retention

Upon removal of our Application from the Shopify Store by the Merchant, we will securely dispose of the associated data, unless there is a legal obligation or legitimate reason for us to retain such data in compliance with applicable law.


We reserve the right to send periodic emails to users regarding updates and new features related to our services. However, you have the option to opt out of receiving these emails at any time by following the unsubscribe instructions provided in the communication.

Data Security

We implement appropriate technical and organizational measures to safeguard the collected data against unauthorized access, disclosure, alteration, or destruction. These measures comply with the requirements of the GDPR and relevant data protection laws.

Legal Basis for Processing

The processing of personal data outlined in this Policy is based on the legitimate interests pursued by us as a service provider and as necessary for the performance of the contract between us and the Merchant. We ensure that any processing activities align with the principles of data protection and the rights of data subjects.

Your Rights

As a data subject, you have the right to exercise your data protection rights under the GDPR, including the right to access, rectify, erase, restrict processing, object to processing, data portability, and the right not to be subject to automated decision-making.

Contact Information

For any inquiries, requests, or concerns regarding this Policy or the processing of your personal data, please contact us at the following address:

Corestad GmbH

Changes to this Policy

We reserve the right to update or modify this Privacy Policy from time to time. Any changes will be posted on our website, and the updated version will be effective as of the date of publication. We encourage you to review this Policy periodically to stay informed about how we handle and protect your personal data.

This Privacy Policy is effective as of 01/07/2023.