Privacy Policy


Thank you for choosing COROS! The protection of personal data is important to us. We process personal data only in accordance with the applicable data protection requirements, including the EU General Data Protection Regulation (“GDPR”). In this Data Protection Information, you will find all information about the processing of your personal data in connection with your use of our websites, COROS watches, COROS helmets, COROS PODs and COROS app. Furthermore, you will find information on your data protection rights.


Who is the data controller?

Identity and contact details of the controller:

COROS Wearables, Inc.

Address: 41 Corporate Park Suite 205, Irvine, CA 92606, USA

Email: support@coros.com

Phone: +1 (855) 934-4411


Identity and contact details of the controller's representative:

Alec Duffield

Address: De Oude Veiling 79M, 1689 AD Zwaag, Netherlands

Email: support@coros.com

Phone: +1 (855) 934-4411


How can you reach our data protection officer?

David Song

Address: 3 Peters Canyon Road Suite 100, Irvine, CA 92606, USA

Email: support@coros.com

Phone: +1 (855) 934-4411


How do we process your personal data?

I. When you visit our website

When you visit our website, we process your personal data in order to provide you with the contents of our website, to safeguard the security of our IT infrastructure, and to send you our newsletter if you have signed up for it. We also use third-party plug-ins on our website.

You can find more detailed information about this below:  


1. Provision of content

When you visit our website, data is temporarily processed on our web server in order to provide you with the requested content of the website.  

For this purpose, we process HTTP Data.

The legal basis of the processing is our legitimate interest (Art. 6(1)(1)(f) GDPR). Our legitimate interest is the provision of the content of the website accessed by you.

As part of the processing, we transfer your data to the following categories of recipients: Hosting Provider.  


2. Security of the IT infrastructure

When you visit our website, we temporarily store data in log files on our web server and evaluate them to ensure the security of the IT infrastructure used to provide the website, in particular to detect, eliminate and document faults (e.g. DDoS attacks) in an evidential manner.  

For this purpose, we process HTTP Data.  

The legal basis of the processing is our legitimate interest (Art. 6(1)(1)(f) DS-GVO). Our legitimate interest is to ensure the security of the IT infrastructure used for the provision of the website, in particular for the detection, elimination and evidentiary documentation of faults (e.g. DDoS attacks).

As part of the processing, we transfer your data to the following categories of recipients: Hosting Provider.  


3. Use of third-party provider plug-ins

Third-party provider plug-ins are embedded in the website, allowing you to use functions on the website offered by third-party providers. The plug-ins are embedded in the website via a 2-click solution. With this solution, the relevant plug-in is not enabled directly when the website is accessed, but only once you click on the activation button provided for the relevant plug-in.  

If you enable a third-party provider plug-in, you will use a function offered by the provider of that plug-in under their own responsibility, which is only visually embedded in our website. When you enable a plug-in, the provider of that plug-in may receive personal data from you. When you enable the plug-in, the provider of that plug-in may also use cookies.  

We use the plug-in for the YouTube Player provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; for the store locator, we use the plug-in provided by Store Locator Widgets Technology, 270 Biscayne Blvd Way, Miami, FL 33131, USA; for map downloads, we use the plug-in provided by OpenStreetMap Foundation, St John’s Innovation Centre, Cowley Road, Cambridge CB4 0WS, United Kingdom.


4. Newsletter

If you request our newsletter and provide us with your email address, we will process your personal data to send you our newsletter.

For this purpose, we will process your Contact Data.

The legal basis of the processing is the consent given by you (Art. 6(1)(1)(a) GDPR). You may revoke your consent at any time, e.g. by email to support@COROS.com.

As part of the processing, we transfer your data to the following categories of recipients: Email Service Provider.  


II. Web analytics technologies and pixels

Upon receiving your consent, we will use web analytics technologies on our website. This allows us to collect and evaluate information about your activities on our website. For this purpose, we create a profile that we assign to your device. When you visit our website again, we can recognize your device. The information obtained is used to improve our website and for other aims (e.g. improving our visibility on the internet). Moreover, we analyze our sales performance by processing personal data to understand how customers reach our website and what products they buy.

Below you will find more detailed information about this:  


1. Web analysis

Upon receiving your consent, we will collect information about your use of our website by means of web analysis tools and store information in a profile related to you. This allows us to improve our website and pursue the aims of our website. In order to be able to assign this information to your device, we assign a unique ID to your device, which is linked to your profile. The data we collect is stored in cookies on your device and will be accessed by us when you visit our website. During your visit to our website, we can recognize your device based on the ID assigned to your device.

We use the web analysis tool “Google Analytics” to generate and store your web analysis profile. This includes information about your use of our website, in particular page views, frequency of page views and dwell time on accessed pages as well as the unique ID assigned to your device. The aim of the analysis is to investigate where the users of our website are from, which areas of our website they visit and how often and for how long they look at each page.  

For this purpose, we process Web Analytics HTTP Data, Web Analytics Device Data and Web Analysis Profile Data. Your IP address is anonymized before storage. To document your consent, we store a unique ID assigned to you for the duration of your consent.  

The legal basis of the processing is the consent given by you (Art. 6(1)(1)(a) GDPR). You may revoke your consent at any time, e.g. by email to support@COROS.com.

As part of the processing, we transfer your data to the following categories of recipients: Web Analysis Tool Provider.


2. Facebook pixel

Upon receiving your consent, we will use the Facebook pixel. Cookies provided by Facebook are used for this purpose. The Facebook pixel enables Facebook to collect information about the activities of users of our website. The information gained is used to evaluate the effectiveness of our Facebook ads and to form target audiences for our Facebook ads. In addition, Facebook may use the information for its own purposes or for the purposes of third parties, for example for creating target groups for other advertisement clients.  

Based on the information collected by the Facebook pixel, Facebook provides us with aggregated, anonymized measurement results for our ads. In particular, this tells us whether users who receive our Facebook advertisements perform certain actions on our website, such as making a purchase ("conversions"). In addition, Facebook will allow us to reach people who have visited our website or performed a specific action on our website on the basis of information collected by Facebook, again via Facebook, and to optimize our types of target groups ("audiences"). In addition, Facebook enables us to create similar target groups ("lookalike audiences") for us based on the information collected by Facebook in order to reach people with our Facebook advertisements who have similar characteristics to the users of our website.

Facebook provides us with evaluations or further information based on the collected data only in aggregated, anonymous form. We cannot associate the information provided to us with any natural person. Facebook is responsible for the collection and processing of personal data. We have no knowledge of the details of the processing of data in Facebook's area of responsibility. For information about Facebook's processing of personal information, please see Facebook's Privacy Policy: https://www.facebook.com/about/privacy/.

For this purpose, we process Pixel HTTP Data, Pixel Device Data, Pixel Event Data and Pixel Analysis Data.

The legal basis of the processing is the consent given by you (Art. 6(1)(1)(a) GDPR). You may revoke your consent at any time, e.g. by email to support@COROS.com.

As part of the processing, we transfer your data to the following categories of recipients: Pixel Service Provider.


3. Sales performance analysis

Upon receiving your consent, we collect information about your purchase by means of product sales tracking tools. This allows us to improve our product presentation and customer journey. In order to be able to assign this information to your device, we assign a unique ID to your device. The data we collect is stored in cookies on your device and will be accessed by us when you visit our website. During your visit to our online shop, we can recognize your device based on the ID assigned to your device.

We use the sales tracking tool “refersion” to generate such data. This includes information about how you reached our online shop as well as the unique ID assigned to your device. The aim of the analysis is to investigate where the users of our online shop come from and what they buy.  

For this purpose, we process Sales Performance HTTP Data and Sales Performance Device Data. Your IP address is anonymized before storage. To document your consent, we store a unique ID assigned to you for the duration of your consent.  

The legal basis of the processing is the consent given by you (Art. 6(1)(1)(a) GDPR). You may revoke your consent at any time, e.g. by email to support@COROS.com.

As part of the processing, we transfer your data to the following categories of recipients: Sales Performance Tool Provider.


III. Online shop

When you purchase a COROS product online, we use cookies to provide you with the shopping cart function. Moreover, we process your data to process your purchase, if necessary, to process your rescission of the purchase agreement in the event of a revocation or other reasons for withdrawal and to provide you with after-sales services. Moreover, we process your personal data if you send us product reviews.


1. Shopping cart

We process your data for the purpose of providing you with the shopping cart function from strictly necessary cookies on our web services.  

For this purpose, we process Shopping Cart Data and Shopping Cart Device Data.  

The legal basis of the processing is the performance of a contract to which you are a party or taking steps at your request prior to entering into a contract (Art. 6(1)(1)(b) GDPR).  

As part of the processing, we transfer your data to the following categories of recipients: Online Shop Tool Provider.


2. Processing your purchase

When you purchase product(s) from our website we process your data to fulfill our obligations under the purchase agreement, in particular to process your payment and for the shipping of the product(s). Furthermore, we will process data to send you transaction emails to inform you of the status of your order.

For this purpose, we process Order Data, Payment Data, Shopping Cart Data, Contact Data and Transaction Email Data.

The legal basis of the processing is the performance of a contract to which you are a party or taking steps at your request prior to entering into a contract (Art. 6(1)(1)(b) GDPR).  

As part of the processing, we transfer your data to the following categories of recipients: Online Shop Tool Provider and Payment Service Provider.


3. Rescission of purchase agreements in the event of revocation or other reasons for withdrawal

If you withdraw from the purchase agreement with us we process your data to refund you the purchase price using the same payment method that you used for the payment of the purchase price. Furthermore, we will process your data to send you transaction emails to inform you of the refund process.

For this purpose, we process Order Data, Payment Data, Shopping Cart Data, Contract Data, Contact Data and Transaction Email Data.

The legal basis of the processing is the performance of a contract to which you are a party or taking steps at your request prior to entering into a contract (Art. 6(1)(1)(b) GDPR).  

As part of the processing, we transfer your data to the following categories of recipients: Hosting Provider, your local store and Payment Service Provider.


4. After-sales service

We process your data to provide you with after-sales services, in particular to provide you with warranty services through our local agents.  

For this purpose, we process Contact Data, Order Data and Contract Data.

As part of the processing, we transfer your data to the following categories of recipients: Hosting Provider and Your local store agent.


5. Product reviews

If you provide us with a review of a COROS product, we process your data to display your product review on your website.  

For this purpose, we process Contact Data and Review Data.

The legal basis of the processing is our legitimate interest (Art. 6(1)(1)(f) DS-GVO). Our legitimate interest is to use your product review for advertisement purposes.  

As part of the processing, we transfer your data to the following categories of recipients: Product Review Tool.


IV. Your contract with us

When you have concluded a contract with us, we process your data for the performance of the contract, to send you advertisements via email and if you contact our customer support.  


1. Performance of the contract

We process our data to perform your contract with us with regard to any products you bought (e.g. the COROS watch, COROS helmet and COROS pod) and services you use (e.g. COROS App) for accounting purposes and in the event you assert any warranty claims.  

For this purpose, we process Order Data and Contract Data.  

The legal basis of the processing is the performance of a contract to which you are a party or taking steps at your request prior to entering into a contract (Art. 6(1)(1)(b) GDPR).  

As part of the processing, we transfer your data to the following categories of recipients: Hosting Provider.


2. Advertising via email

If you gave us your email address when you ordered a COROS product or service, we will use your email address to send you advertisements for our own similar goods and services. When we collected your email address, we clearly informed you that you can object to the use of your email address for advertising purposes at any time without incurring any costs other than the transmission costs according to the basic rates. In addition, we will inform you of your right to object in every email we send you for this purpose and give you a simple way to object to the further use of your email address for this purpose.

For this purpose, we process Contact Data and Contract Data.

The legal basis of the processing is our legitimate interest (Art. 6(1)(1)(f) DS-GVO). Our legitimate interest is to advertise our own similar products to our customers. You can object to this processing at any time.

As part of the processing, we transfer your data to the following categories of recipients: Email Service Provider.  


3. Customer support

When you contact our customer support we process your data to handle your inquiry, in particular to clarify any questions you might have about our products and services. If this is necessary to solve your inquiry COROS’s engineers will access the data that is relevant for your inquiry.

For this purpose, we process Contact Data, Contract Data, Log-In Data, End Device Data, Account Data, Health Data, Health Status Data, Training Data and Communication Data.

The legal basis of the processing is the performance of a contract to which you are a party or taking steps at your request prior to entering into a contract (Art. 6(1)(1)(b) GDPR) and, regarding access to health data, your explicit consent (Art. 6(1)(1)(a), 9(2)(a) GDPR). You may revoke your consent at any time, e.g. by email to support@coros.com.

As part of the processing, we transfer your data to the following categories of recipients: Hosting Provider, Group Companies and Customer Support Tool Provider.  


V. Use of the app and COROS wearables

When you use our app and COROS wearables, we process your data (including health data) to install the app, to create a user account, to select the services that are available at your location, to pair your COROS wearables with the app, to provide you with daily insights, to provide analyses of your training performance, to process your feedback on system errors and to provide you with assessments on your health and fitness status. Furthermore, you may choose to share your data with your coach or third party platforms. If you save an emergency contact, we will contact him or her in an emergency.


1. Installing the app

When you install the COROS app on your device we will process your data to ensure the compatibility of the software with your device. In addition, we will identify the country/region you are in when you install the COROS app.

For this purpose, we process End Device Data.  

The legal basis of the processing is the performance of a contract to which you are a party or taking steps at your request prior to entering into a contract (Art. 6(1)(1)(b) GDPR).  

As part of the processing, we transfer your data to the following categories of recipients: Hosting Provider.


2. User account

When you use our COROS app we will ask you to create a user account. In particular, we will ask you to choose login information and provide general information about yourself, and we will verify the email address you provide to us. The user account is necessary to use all functionalities of your COROS watch, COROS helmet and COROS pod. Furthermore, you may give us access to your end device’s camera and photos/images stored therein to choose a photo/images for your COROS user account. You may also use your WeChat or Facebook user account to create a user account with COROS.  

For this purpose, we process Log-In Data, End Device Data, Account Data and photos/images (if you granted us access).  

The legal basis of the processing is the performance of a contract to which you are a party or taking steps at your request prior to entering into a contract (Art. 6(1)(1)(b) GDPR).  

As part of the processing, we transfer your data to the following categories of recipients: Social Network Provider.  


3. Selected services that are available in your location  

After you have installed the COROS app and created a user account we process your data to identify the country/region you were in when you installed the COROS app to provide you with the services available in that country.

For this purpose, we process Localization Data.

The legal basis of the processing is our legitimate interest (Art. 6(1)(1)(f) DS-GVO). Our legitimate interest is to offer you selected services based on your location.

As part of the processing, we transfer your data to the following categories of recipients: Hosting Provider.  


4. Device pairing

If you want to track your training and make full use of our services you will have to pair your COROS watch, COROS pod and/or COROS helmet with the COROS app. To pair your device you will have to either enable the Bluetooth function on your end device to transmit the COROS Device ID or enable your camera on your end device and scan the QR code on the COROS devices.

For this purpose, we process the COROS Device ID.

The legal basis of the processing is the performance of a contract to which you are a party or taking steps at your request prior to entering into a contract (Art. 6(1)(1)(b) GDPR).  

As part of the processing, we transfer your data to the following categories of recipients: Hosting Provider.  


5. Daily use insights for users

Upon receiving your consent, sensors on the COROS wearables collect data on your physical health and environment. The algorithm in the COROS wearables processes the data and the COROS wearables transmit such data via Bluetooth to the COROS app. The COROS app will upload the data to the COROS servers via an internet connection. We will process a limited set of data to provide you with daily insights into your body and health.    

For this purpose, we process Training Data and Health Data.

The legal basis of the processing is your explicit consent (Art. 6(1)(1)(a), 9(2)(a) GDPR). You may revoke your consent at any time, e.g. by email to support@coros.com.

As part of the processing, we transfer your data to the following categories of recipients: Hosting Provider.


6. Training performance analysis

When you do sports or any other exercises you may start the training performance tracking. Then, sensors in your COROS wearable will collect data on your training and we will process such data to provide you with training performance analyses. Specifically, during your exercise, we will process your location data and automatically generate a sporting trail thumbnail image (if it is applicable for your exercise), and upload the sporting trail thumbnail image to the COROS servers so that your movement path during your exercise can be displayed simultaneously on your exercise summary page within the COROS app.

For this purpose, we process Health Status Data, Training Data, Health Data and Location Data.  

The legal basis of the processing is your explicit consent (Art. 6(1)(1)(a), 9(2)(a) GDPR). You may revoke your consent at any time, e.g. by email to support@coros.com.

As part of the processing, we transfer your data to the following categories of recipients: Hosting Provider and Third Party Platforms Provider (if you have consented to the transfer).


7. Feedback on system errors

We will collect and use your device information, images/videos uploaded by yourself about the system errors, and app logs for diagnostic and troubleshooting purposes to improve our services. If you provide your email address along with your feedback we may contact you for further information.  

For this purpose, we process End Device Characteristics, App Log File Data and Contact Data, and photos/images/videos uploaded by yourself (if you granted us access).  

The legal basis of the processing is the consent given by you (Art. 6(1)(1)(a) GDPR). You may revoke your consent at any time, e.g. by email to support@coros.com.  

The legal basis of the processing is the performance of a contract to which you are a party or taking steps at your request prior to entering into a contract (Art. 6(1)(1)(b) GDPR) and, regarding access to health data and the transfer of personal data to the country or region where the after-sales engineer is located, your consent (Art. 6(1)(1)(a) GDPR). You may revoke your consent at any time, e.g. by email to support@coros.com.

As part of the processing, we transfer your data to the following categories of recipients: Hosting Provider and Group Companies.  


8. Assessment on your health and fitness status

Upon receiving your consent, we collect information on your physical fitness and analyze such data and your training records to provide you with assessments of your health and fitness status.

For this purpose, we process Health Status Data, Training Data and Health Data.  

The legal basis of the processing is your explicit consent (Art. 6(1)(1)(a), 9(2)(a) GDPR). You may revoke your consent at any time, e.g. by email to support@coros.com.

As part of the processing, we transfer your data to the following categories of recipients: Hosting Provider.


9. Coaching services

COROS may certify coaches. Such coaches will be granted a coach account on the COROS platform and may invite you to join a training group. You may share your training records with such coaches.  

For this purpose, we process Training Data, Health Data and Location Data.  

The legal basis of the processing is your explicit consent (Art. 6(1)(1)(a), 9(2)(a) GDPR). You may revoke your consent at any time, e.g. by email to support@coros.com.

As part of the processing, we transfer your data to the following categories of recipients: Your coach and Third Party Platform Provider.  


10. Third-party platform data synchronizing

Upon receiving your consent, we will transmit your training records to third-party platforms as chosen by you.  

For this purpose, we process Training Data, Health Data and Location Data.  

The legal basis of the processing is your explicit consent (Art. 6(1)(1)(a), 9(2)(a) GDPR). You may revoke your consent at any time, e.g. by email to support@coros.com.

As part of the processing, we transfer your data to the following categories of recipients: Third Party Platform Data Provider.  


11. Emergency contact

You may save an emergency contact in your account. If you use the COROS helmet and the helmet detects an emergency we will send an SMS to your emergency contact. We will inform your emergency contact that you have had an emergency and tell them your location.  

For this purpose, we process Emergency Contact Data and Location Data.  

The legal basis of the processing is the performance of a contract to which you are a party or taking steps at your request prior to entering into a contract (Art. 6(1)(1)(b) GDPR).  

As part of the processing, we transfer your data to the following categories of recipients: Your emergency contact and Hosting Provider.


VI. Use of the COROS Training Hub

When you login to and use the COROS Training Hub, you may check Data Protection Information for COROS Training Hub for more details regarding how we process your personal data (including health data) additionally to the purposes listed above in order to provide the Training Hub services.  


Are users obliged to provide the data and what would be the consequences of not providing it?

You are not obliged to provide your data. Provision is neither legally nor contractually required. However, if you do not provide the data, you may not be able to use all of our services. Providing data which is marked as mandatory data in our online shop checkout process is required to enter into a contract via our online shop.

While we strongly recommend that users use the app with an internet connection because certain features and functions are delivered via the internet, COROS watches can be used without pairing with the COROS app. The COROS app and watch can also be used without any internet connection for a limited duration such as a hiking trip due to the lack of cellular services. In that case, the data will be synced from the watch and saved on the user’s phone.


Does automated decision-making take place?

We do not use automated decision-making, including profiling, on the basis of your personal data in accordance with Art. 22(1) and (4) of the GDPR.


Do we transfer data to countries outside the European Union or the European Economic Area?

COROS products and services are provided worldwide. To offer our products, apps, and services, we may need to transfer your personal data to COROS Group Companies (see definition below), to perform processing activities such as those described in this Privacy Policy in connection with your use of COROS products and services.

For customers residing in a country in the European Economic Area ("EEA") and United Kingdom ("U.K."), your personal data that we collect from you will be collected and stored on servers in the EEA. For customers outside of EEA, U.K, and China, your personal data that we collect from you will be collected and stored on servers in the U.S.

Personal data relating to individuals in the EEA and the U.K. are controlled by COROS Wearables, Inc. Upon receiving your explicit consent (cf. Art. 49(1)(1)(a) GDPR), we will transfer personal data to countries where our Group Companies locate outside the EU that may not provide for an adequate level of data protection to provide with you customer support upon your request. This entails the risk that personal data may also be accessed and processed for the purposes of authorities and/or third parties without your knowledge and that there may be no efficient legal protection against such access and processing.  

Please contact us if you want further information about how COROS transfers your personal data.


How long do we store personal data for?

As a matter of principle, we store personal data only for as long as is necessary to achieve the above-mentioned purposes. Depending on the type of data, there may be statutory retention obligations that make it necessary to retain the data even if the actual processing purpose for which we collected the data has already been fulfilled. For documents relevant to commercial and tax law, statutory retention periods apply.


What rights do you have in relation to the processing under GDPR?

Right to object on grounds relating to your particular situation (Art. 21(1) GDPR)

As a data subject, you have the right under Art. 21(1) GDPR to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Art. 6(1)(1)(e) or (f) GDPR; this also applies to profiling based on these provisions.  

In the event of an objection, we will no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms as a data subject, or for the assertion, exercise or defense of legal claims.


Right to object to direct marketing (Art. 21(2) GDPR)

If personal data is processed for direct marketing purposes, you as the data subject have the right to object at any time pursuant to Art. 21(2) GDPR to processing of personal data concerning you for such marketing; this also applies to profiling insofar as it is related to such direct marketing.  

In the event of an objection, we will no longer process the personal data for direct marketing purposes.


As a data subject, you also have the following rights in relation to the processing of your personal data:

  • Right of access (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure ("right to be forgotten") (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to withdraw consent (Art. 7(3) GDPR)  
  • Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)


Privacy Disclosures for California Residents

The California “Shine the Light” Law

California residents are entitled once a year, free of charge, to request and obtain certain information regarding our disclosure, if any, of certain categories of personal information to third parties for their own direct marketing purposes in the preceding calendar year. Please contact us to obtain this information. We do not share your personal information with third parties for those third parties’ direct marketing purposes.


The California Consumer Privacy Act

The California Consumer Privacy Act (“CCPA”) provides California residents with rights to receive certain disclosures regarding the collection, use, and disclosure of information about them, as well as rights to know/access, delete, and limit disclosure of personal information. You have the right to be free from discrimination based on your exercise of your CCPA rights. To the extent that we collect personal information that is subject to the CCPA, that information, our practices, and your rights are described below.


Notice at Collection Regarding the Categories of Personal Information Collected

You have the right to receive notice of the categories of personal information we collect and the purposes for which we use personal information. The following table summarizes the categories of personal information we collect, the categories of sources of that information, and whether we disclose or sell that information to service providers or third parties, respectively. The categories we use to describe personal information are those enumerated in the CCPA. We collect this personal information for the purposes described under “How do we process your personal data?” above.


CategoryInformation TypeSourceWe Disclose To:We Sell To:
Identifiers- Contact information or personal characteristics
- Social media handles
- You
- Our social media pages
- Third party subscription service providers
Service providersNot sold
Health Information- Health information (heart rate, calories burned, steps taken, sleep information)- YouService providersNot sold
Financial Information- Payment card data
- Bank account information
- YouService providersNot sold
Protected Classifications and Other Sensitive Data- Date of Birth
- Gender
- YouService providersNot sold
Geolocation information- Precise (information that describes location with more precision than ZIP code, e.g., GPS data)
- Coarse (information that describes location at ZIP code-level or less precision)
- You
- Our analytics and advertising partners
Service providersAnalytics and advertising partners (coarse location only)
Internet or Electronic Network Activity Information- IP address
- Device identifier (e.g., MAC)
- Unique identifiers (such as those assigned in cookies)
- You
- Our analytics and advertising partners
Service providersAnalytics and advertising partners
Commercial Information- Transaction information
- Billing and payment records
- Order history
- YouService providersNot sold
Professional or Employment-Related Information- Current employer
- Job title
- YouService providersNot sold
Education Information- Education history
- Level of education
- YouService providersNot sold


Entities to whom we disclose information for business purposes are service providers, which are companies that we engage to conduct activities on our behalf. We restrict service providers from using personal information for any purpose that is not related to our engagement.

Entities to whom we “sell” information are third parties. Under the CCPA, a business “sells” personal information when it discloses personal information to a company for monetary or other benefit. A company may be considered a third party either because we disclose personal information to the company for something other than an enumerated business purpose under California law, or because its contract does not restrict it from using personal information for purposes unrelated to the service it provides to us.


Your rights under the CCPA

  • Opt out of sale of personal information: You have the right to opt out of our sale of your personal information to third parties. To exercise this right, please visit our [Do Not Sell My Personal Information] webpage or contact us or our data protection officer using the contact information above. Please be aware that your right to opt out does not apply to our disclosure of personal information to service providers.
  • Know and request access to and deletion of personal information: You have the right to request access to personal information collected about you and information regarding the source of that personal information, the purposes for which we collect it, and the third parties and service providers with to whom we sell or disclose it. You also have the right to request in certain circumstances that we delete personal information that we have collected directly from you. Please contact us or our data protection officer using the contact information above to exercise these rights.


Privacy Disclosures for Nevada Residents

Residents of the State of Nevada have the right to opt out of the sale of certain pieces of their information to third parties. Currently, we do not engage in such sales. If you are a Nevada resident and would like more information about our data sharing practices, please contact us.


Information on defined terms used and categories of recipients indicated in this Data Protection Information

The terms used in this Data Protection Information generally have the meaning used in the General Data Protection Regulation. In addition, we use other terms which are explained below:

  • “App Log File Data” is HTTP data stored in the app’s log files.  
  • “Account Data” includes in particular account name, email address, gender, birth date, height, weight, profile photo/images, country/region.
  • “Communication Data” includes any messages we might exchange, in particular your inquiries and our answers.
  • “Contact Data” includes in particular your name, email address and address.
  • “Contract Data” includes in particular information on your purchases, payment and warranty claims.
  • “COROS Device ID” is a 6-digit device ID assigned to each of our products.  
  • “Customer Support Tool Provider” means Zendesk Inc., 1019 Market Street, San Francisco, CA 94103, USA., and Hangzhou Netease Cloud Technology Co., Ltd.
  • “Email Service Provider” means The Rocket Science Group LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308 USA.
  • “Emergency Contact Data” is the name and telephone number of your emergency contact.  
  • “Emergency Message Data” is the message we send to your emergency contact to inform him or her of your emergency.
  • “End Device Data” is information assigned to the end device you use, e.g. Device ID.
  • “End Device Characteristics” includes in particular module, product, brand, board, device, display, SDK version.
  • “Exercise Data” includes your exercise capacity, 7-day fatigue trend, 7-day exercise performance, 7-day exercise record, recent exercise, fatigue status, lactate threshold, heart rate interval, lactate threshold pace interval, performance prediction.
  • “Group Companies” means the companies that are affiliated with COROS Wearables Inc., including companies with their registered office in China.
  • “Health Data” means data collected by the COROS wearables’ sensors and includes resting heart rate, heart rate variability, calories consumed, sleep time, plateau adaptation, maximum oxygen consumption, sports ability, sport performance, training load, performance prediction, allostatic load, stimulus load, load fatigue, recovery time, training effect, 7-day load total, 4-week load intensity distribution, lactate threshold speed distribution, lactate threshold.
  • “Health Status Data” means the data that you provided when you created your user account and includes health data, in particular age, weight and height.  
  • “Hosting Provider” means Amazon Web Services, Inc., 410 Terry Avenue North, Seattle, WA 98109, USA.
  • “HTTP Data” is protocol data that is technically generated when the website is called up via the Hypertext Transfer Protocol (Secure) (HTTP(S)). This includes the IP address, type and version of your internet browser, the operating system used, the page accessed, the previously visited page (referrer URL), date and time of access.
  • “Location Data” includes your coarse and precise location such as your coordinates and tracked movement path, and the sporting trail thumbnail images that are generated by us based on your tracked movement path during the exercises.
  • “Localization Data” includes the SIM card location of your mobile phone, your IP address, your Country/region provided by you when you create your COROS account, the setting language of the mobile operating system and the time zone you are in when you register an account.
  • “Login Data” is the user name and password you choose for the registration of your account with COROS.
  • “Online Shop Tool” means Shopify Inc., 33 New Montgomery St #750, San Francisco, CA 94105, USA.
  • “Order Data” is information assigned to your order, e.g. Order ID, the name of the product, the quantity.  
  • “Payment Data” includes in particular the amount you paid, timing of your payment and the payment method you used.  
  • “Payment Service Provider” means the payment service provider you choose for the payment of COROS wearables.  
  • “Pixel Device Data” is data that is assigned to your device by the pixel. These include, in particular, a unique visitor ID for recognising returning visitors.
  • “Pixel Event Data” is data that the provider of the pixel collects through the pixel, which is matched with the unique visitor ID of the visitor in question, stored in the Pixel Device Data. This includes actions that take place on the website ("events"). These include, for example, completing a purchase or a registration, the addition of payment information, initiating the checkout process, adding objects to the shopping cart, adding them to wish lists, performing searches, and viewing content. This also includes information related to the actions recorded in each case ("parameters"). These include, for example, the value and currency in which purchases are made.  
  • “Pixel HTTP Data” is protocol data which accrues via the Hypertext Transfer Protocol (Secure) (HTTP(S)) for technical reasons when the pixel on our website is used. This includes IP address, type and version of your internet browser, operating system used, site accessed before visiting the site (referrer URL), date and time of the visit.
  • “Pixel Service Provider” means Facebook Inc., 1601 S California Ave, Palo Alto, CA 94304, USA.
  • “Product Review Tool Provider” means Stamped Technologies Pte. Ltd, 51, Bukit Batok Crescent, #08-05, Unity Centre, Singapore 658077 and Atahost LLC, Washington DC, 20416, USA.
  • "Sale Performance HTTP Data" is data that is technically generated when using the web analytics tool used on our website via the Hypertext Transfer Protocol (Secure) (HTTP(S)). This includes your IP address, type and version of your internet browser, the operating system you are using, the page you accessed, the page you visited previously (referrer URL), and the date and time you accessed it.
  • "Sale Performance Device Data” is data assigned to your end device by the sale performance tool providers used on our website. This includes a unique ID for (re)recognizing your end device. This also includes certain parameters that are relevant for web analysis.
  • “Sale Performance Tool Provider” means Refersion Inc., 242 W 38th St 10th floor, New York, NY 10018, USA and WordPress Corporate Office Headquarters Automattic, Inc. 60 29th Street #343 San Francisco, California 94110-4929 USA.
  • “Shopping Cart Data” includes in particular article description, article number, quantity, size, color, price, currency.
  • “Shopping Cart Device Data” is data assigned to your end device to assign the shopping cart to you. This includes a unique ID for (re)recognizing your end device.  
  • “Social Network Provider” means Facebook Inc., 1601 S California Ave, Palo Alto, CA 94304, USA and WeChat, Singapore, 10 Anson Road, #21-07 International Plaza, Singapore.
  • “Training Data” means data collected by sensors (e.g. GPS sensors, photo plethysmograph sensors, barometer and 9-axis sensors) and includes in particular distance, speed, acceleration, workout time, altitude, temperature, stride rate, stride length, rate of climb, user-created workout programs, training plans.
  • “Transaction Email Data” is data from transaction emails which we send for the (return) processing of your order (e.g. order receipt confirmation). This includes the content and time of the transaction emails.
  • “Third-Party Platform Provider” means TrainingPeaks, LLC, 285 Century Pl, Louisville, CO 80027, USA and any other platform you may choose.
  • "Web Analytics HTTP Data" is data that is technically generated when using the web analytics tool used on our website via the Hypertext Transfer Protocol (Secure) (HTTP(S)). This includes your IP address, type and version of your internet browser, the operating system you are using, the page you accessed, the page you visited previously (referrer URL), and the date and time you accessed it.
  • "Web Analytics Device Data” is data assigned to your end device by the web analytics tool used on our website. This includes a unique ID for (re)recognizing your end device. This also includes certain parameters that are relevant for web analysis.
  • "Web Analytics Profile Data” is data that is generated by the web analytics tool used on our website and stored in a device-related profile. This includes information about the use of our website, in particular page views, call frequency and dwell time on accessed pages.
  • “Web Analytics Tool Provider” means Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.