Skip to main content

Privacy policy

For CSP GmbH & Co. KG, CSP IT-Business GmbH and its subsidiaries (hereinafter referred to as “CSP”), the protection of your personal data is very important. In compliance with the applicable data protection regulations, we process personal data that is collected when you visit our website. We do not publish your data, nor do we pass it on to third parties without authorization. In the following, you will learn which data we collect during your visit to our website and how it is used:

1. contact information

Responsible party in the sense of data protection law
CSP GmbH & Co. KG
Herrenäckerstr. 11
94431 Großköllnbach
Phone +49 (0) 9953 3006 – 0

Contact details of the data protection officer
WS Data Protection GmbH
Kemal Webersohn, LL.M.
Data Protection Officer
Dircksenstrasse 51
10178 Berlin

2. definitions

Our privacy policy should be simple and understandable for everyone. The privacy policy generally uses the official terms of the General Data Protection Regulation (DSGVO). The official definitions are explained in Art. 4 DSGVO.

3. data collection and data processing
When visiting our website, our web servers temporarily store all accesses in a log file. The following data is collected and stored until automated deletion: IP address of the requesting computer, name and URL of the retrieved data, website from which the access is made, date and time of access, amount of data transferred, message whether the retrieval was successful, name of your Internet access provider and identification data of the browser and operating system used.

This data is processed for the purpose of establishing the connection (to enable use of the website), technical administration of the network infrastructure, system security and stability, and optimization of the Internet offering. Only in the case of attacks on the network infrastructure of the CSP, the IP address is evaluated. The legal basis for the temporary storage of the data or the log files is Art. 6 para. 1 lit. f DSGVO.
Beyond that, personal data is not processed unless you expressly consent to further processing. According to the explanations on web analysis, pseudonymous usage profiles can be created (see below).

4. contact form and contact via e-mail
If you send us inquiries via contact form or e-mail, your data from the inquiry form or your e-mail, including the contact data you provided there, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. Under no circumstances will we pass on this data without your consent. The legal basis for processing the data is our legitimate interest in responding to your request pursuant to Art. 6 (1) lit. f DSGVO and, if applicable, Art. 6 (1) lit. b DSGVO, if your request is aimed at concluding a contract. Your data will be deleted after final processing of your request, unless there are legal obligations to retain data. Please note the data protection information for applicants when applying.

5. registration

You have the option of registering for certain services provided on our website and thus creating a user profile. In the course of registration and setup, we collect and use the following personal data:

If applicable, first name, last name, title
E-mail address of the user
Date and time of registration
In addition, voluntary information can be provided (e.g. company). Mandatory information provided for the purpose of registration is marked in the input mask with an asterisk as a required field. With your user account you get the possibility to use further parts of our website and to log in for the offers you have purchased. The legal basis for data processing is Art. 6 para. 1 lit. a DSGVO in the case of consent or Art. 6 para. 1 lit. b DSGVO if processing is necessary to provide the requested services. Your data will be deleted as soon as the user account on our website is deleted and insofar as no legal retention obligations exist. You can usually make a change and/or delete your user account, including the data you have provided, directly in your user account after logging in or by sending a message to the responsible person mentioned at the beginning.

6 Newsletter and Newsletter Tracking

If you would like to receive the newsletter offered on the website with regular information about our offers and products, we require your e-mail address as mandatory information. For sending the newsletter, we use the so-called double opt-in procedure. This means that we will only send you our newsletter by e-mail if you have expressly confirmed that you consent to the sending of newsletters. In the first step, you will receive an e-mail with a link that you can use to confirm that you, as the owner of the corresponding e-mail address, want to receive newsletters in the future. With the confirmation, you give us your consent in accordance with Art. 6 para. 1 lit. a DSGVO that we may use your personal data for the purpose of the desired newsletter dispatch (via our mailing tool CleverReach).

When registering for the newsletter, we store, in addition to the e-mail address required for sending, the IP address through which you registered for the newsletter, as well as the date and time of registration and confirmation, in order to be able to track possible misuse at a later date.

You can unsubscribe from the newsletter at any time via the link included in each newsletter or by sending an e-mail to the responsible person named above. After unsubscribing, your e-mail address will be deleted from our newsletter distribution list immediately, unless you have expressly consented to the continued use of the data collected or the continued processing is otherwise permitted by law.

Our e-mail newsletters are sent via the technical service provider CleverReach GmbH & Co. KG, Mühlenstr. 43, D-26180 Rastede (“CleverReach”), to whom we pass on your data provided during newsletter registration. This transfer takes place in accordance with Art. 6 Para. 1 lit. f DSGVO and serves our legitimate interest in using an effective advertising, secure and user-friendly newsletter system. The data you enter for the purpose of receiving newsletters (e.g. email address) is stored on CleverReach’s servers in Germany or Ireland.

CleverReach uses this information to send and statistically evaluate the newsletters on our behalf. For the evaluation, the sent emails contain so-called web beacons or tracking pixels, which are single-pixel image files that are stored on our website. This makes it possible to determine whether a newsletter message has been opened and which links, if any, have been clicked on. With the help of so-called conversion tracking, it can also be analyzed whether a predefined action (e.g. carrying out a download on our website) has taken place after clicking on the link in the newsletter. In addition, technical information is collected (e.g. time of download, IP address, browser type and operating system). The data is collected exclusively pseudonymously and is not linked to your other personal data, a direct personal reference is excluded. This data is used exclusively for the statistical analysis of newsletter campaigns. The results of these analyses can be used to better adapt future newsletters to the interests of the recipients. If you wish to object to the data analysis for statistical evaluation purposes, you must unsubscribe from the newsletter.

We have concluded an order processing agreement with CleverReach, in which we oblige CleverReach to protect our customers’ data and not to pass it on to third parties. You can read more information about CleverReach’s data analysis here. You can view CleverReach’s privacy policy here.

7 Use and disclosure of personal data
Any use of your personal data will only be for the stated purposes and only to the extent necessary. Your data will not be passed on to third parties. Personal data will only be transferred to state institutions and authorities within the framework of mandatory national legal provisions or if the transfer is necessary for legal or criminal prosecution in the event of attacks on our network infrastructure. There is no transfer for any other purpose.

8. cookies
Cookies are used on our website to store technical session control data in your browser’s memory. Depending on the configuration of your browser, your data will be deleted after you close your browser. If, in exceptional cases, we would also like to store personal data in a cookie (for example, a user ID), we will inform you of this separately.

If personal data is also processed by individual cookies implemented by us, the processing is carried out in accordance with Art. 6 (1) lit. b DSGVO either for the execution of the contract or in accordance with Art. 6 (1) lit. f DSGVO to protect our legitimate interests in the best possible functionality of the website as well as a customer-friendly and effective design of the site visit.

Of course, it is also possible to view our website without cookies. However, most browsers accept cookies automatically. You can prevent cookies from being stored by specifying this in your browser settings. The cookie settings can be managed under the following links for the respective browsers:

Internet Explorer:

If you do not accept cookies, this may lead to functional limitations of our website.

9. web analysis and advertising tracking
CSP does not create personal user profiles. § However, Section 15 (3) of the German Telemedia Act (TMG) allows the use of user profiles under a pseudonym for the purposes of market research, advertising and individual design of offers, unless the user objects to this.


Our website uses Opentracker, a web analytics service provided by Opentracker Company from the Netherlands (“Opentracker”). Opentracker uses so-called cookies. These are text files that are stored on your computer and enable an analysis of your use of the website. The information generated by the cookie about your use of the website is usually transmitted to and stored by Opentracker on servers in the Netherlands. We only use Opentracker with IP anonymization enabled. This means that the IP address of the user is shortened by Opentracker within member states of the European Union or in other contracting states to the Agreement on the European Economic Area, which means that it cannot be linked to a person. The processing is carried out in accordance with Art. 6 para. 1 lit. f DSGVO or § 15 para. 3 TMG on the basis of our legitimate interest in the statistical analysis of user behavior for optimization and marketing purposes.

On behalf of the operator of this website, Opentracker will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Opentracker will not be merged with other third-party data. The data will be deleted after 14 months. The terms of use of Opentracker and information on data protection can be accessed via the following link:
You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.

You can prevent the collection of the data generated by the cookie and related to your use of the website (including your IP address) by Opentracker and the processing of this data by Opentracker by setting a so-called opt-out cookie, which you can find under the following link:

For information on how Opentracker handles user data, please see Opentracker’s privacy policy:

Google Web Fonts
This site uses so-called web fonts provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”) for the uniform display of fonts. Google Web Fonts enables us to use external fonts, so-called Google Fonts. When you access our website, the required Google Font is loaded into your browser cache by your web browser in order to display texts and fonts correctly. This is necessary so that your browser can also display a visually improved representation of our texts. If your browser does not support this function, a standard font will be used by your computer for display. The integration of these web fonts is done by a server call, usually a Google server in the USA. This transmits to the server which page of our website you have visited. Also, the IP address of the browser of the end device of the visitor is stored by Google.

We use Google Web Fonts for optimization purposes, in particular to improve the use of our website for you and to make its design more user-friendly. This is also our legitimate interest according to Art. 6 para. 1 lit. f DSGVO. Google has submitted to the Privacy Shield agreement concluded between the European Union and the USA and has certified itself. Google thereby undertakes to comply with the standards and regulations of European data protection law. You can find more detailed information in the entry linked below:

Further information on data protection can be found in Google’s privacy policy:
Further information on Google Web Fonts can be found at, and

10 PlugIns and Social PlugIns
On our website, we use social PlugIns of the social network YouTube and for WordPress.
Our website may contain links to websites of other providers. Please note that this privacy policy applies exclusively to the website of CSP. We do not control them and have no influence on whether other providers comply with the applicable data protection regulations.


This website uses the YouTube embedding function to display and play videos from the provider “YouTube” (YouTube is part of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland).

The extended data protection mode is used here, which, according to the provider, only triggers the storage of user information when the video(s) is/are played. If the playback of embedded YouTube videos is started, the provider “YouTube” uses cookies to collect information about user behavior. According to information from “YouTube”, these are used, among other things, to collect video statistics, to improve user-friendliness and to prevent abusive behavior. If you are logged in to Google, your data is directly assigned to your account when you click on a video. If you do not want the assignment with your profile at YouTube, you must log out before activating the button. Google stores your data (even for users who are not logged in) as usage profiles and evaluates them. Such an evaluation is carried out in particular in accordance with Art. 6 para. 1 lit.f DSGVO on the basis of Google’s legitimate interests in the insertion of personalized advertising, market research and/or needs-based design of its website. You have the right to object to the creation of these user profiles, whereby you must contact YouTube to exercise this right.

Independently of a playback of the embedded videos, a connection to the Google network “DoubleClick” is established each time this website is called up, which may trigger further data processing operations without our influence. Google LLC, based in the USA, is certified for the us-European data protection agreement “Privacy Shield”, which ensures compliance with the level of data protection applicable in the EU.

Further information on data protection at “YouTube” can be found in the provider’s privacy policy at:

Google Maps

Our homepage uses the online map service provider Google Maps via an interface. The provider of the map service is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). To use the functionalities of Google Maps, it is necessary to store your IP address. This information is transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transmission. The use of the map service Google Maps is in the interest of an appealing presentation of our online offer and in the easier location of the addresses listed by us on the website. This represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO. For more information on the handling of user data, please refer to Google’s privacy policy: .

Google reCAPTCHA
We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on our websites. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).

The purpose of reCAPTCHA is to verify whether data entry on our websites (e.g. in a contact form) is made by a human or by an automated program. For this purpose, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis starts automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information, e.g.

IP address
length of time the website visitor spends on the website
mouse movements made by the user
The data collected during the analysis is forwarded to Google. Further information on Google reCAPTCHA as well as Google’s privacy policy can be found in the following links: and

The reCAPTCHA analyses run completely in the background. Website visitors are not made aware that an analysis is taking place. The data processing is based on Art. 6 para. 1 lit. f DSGVO. We have a legitimate interest in protecting our website from abusive automated spying and from unwanted automated mailings (spam).

CSP does not store any personal data from the use of reCAPTCHA. In general, personal data of the data subject will be deleted or blocked as soon as the purpose of the storage no longer applies.

Facebook Pixel

We use the visitor action pixel (“conversion pixel”) of Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”). By calling up the pixel from your browser, Facebook can recognize whether a Facebook ad was successful (and, for example, led to an online purchase). Facebook only provides us with statistical data without reference to a specific person. Facebook’s privacy information can be found here: To revoke your consent for Pixel, please go to:

Google Analytics
We use Google Analytics, a web analytics service provided by Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The data obtained from this is used to optimize our website and advertising measures. Google processes the website usage data on our behalf and is contractually obligated to take measures to ensure the confidentiality of the processed data. During your visit to our website, the following data is recorded, among others: Pages viewed, your behavior on the pages, your approximate location, your IP address, technical information such as browser, Internet provider, terminal equipment and screen resolution, source of origin of your visit. This data is transferred to a Google server in the USA. Google Analytics stores cookies in your web browser for a period of two years since your last visit. In order to recognize you on future website visits, these cookies contain a randomly generated user ID. The recorded data is stored together with the randomly generated user ID, which enables the evaluation of pseudonymous user profiles. This user-related data is automatically deleted after 14 months. Other data remains stored in aggregated form indefinitely. If you do not agree with the collection, you can prevent this by installing once.

Privacy policy for WordPress
We operate our website with the content management system (CMS) WordPress and the following extensions: BackUpWordPress, CleverReach Newsletter Integration, Contact Form 7, Contact Form DB, Cookie Consent, CryptX, Email as Username for WP-Members, Hide Admin Bar Toolbar, Integration: Yoast SEO & qTranslate-X, Jobs for WordPress, Manage Notification E-mails, MCE Table Buttons, Members, Nav Menu Roles, Peter’s Login Redirect, qTranslate slug, qTranslate-X, Quick Page/Post, Redirect Plugin, Really Simple CAPTCHA, Really Simple SSL, Smashballoon Instagram Feed, Slider Revolution, WP-Members and Yoast SEO.

CSP is active on the following additional social media platforms:

Facebook (privacy:
Instagram (privacy:
Xing (privacy:
LinkedIn (Privacy:

11. security
CSP uses organizational and technical measures to secure and protect your personal data managed by us against accidental or intentional destruction, manipulation, loss or access by unauthorized third parties. In this respect, TÜV Süd regularly certifies us according to ISO/IEC 27001. We continuously improve our security measures in line with technological developments.

12. duration of the storage of personal data
The duration of the storage of personal data is measured by the relevant statutory retention periods (e.g. from commercial law and tax law). After expiry of the respective period, the corresponding data is routinely deleted. If data is required for the fulfillment or initiation of a contract or if we have a legitimate interest in continuing to store it, the data will be deleted when it is no longer required for these purposes or when you exercise your right of revocation or objection.

13 Links to websites of other providers
Our website may contain links to websites of other providers. Please note that this privacy policy applies exclusively to the website of CSP. We do not control them and have no influence on whether other providers comply with the applicable data protection provisions.

14. your rights
In the following, you will find information on which data subject rights the applicable data protection law grants you vis-à-vis the controller with regard to the processing of your personal data:

The right to request information about your personal data processed by us pursuant to Article 15 of the GDPR. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data if it has not been collected by us, and the existence of automated decision-making, including profiling, and, if applicable, meaningful information about its details.

The right to request the correction of inaccurate or incomplete personal data stored by us without undue delay in accordance with Art. 16 DSGVO.

The right to request the erasure of your personal data stored by us in accordance with Article 17 of the GDPR, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims.

The right to request the restriction of the processing of your personal data in accordance with Art. 18 DSGVO, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer need the data, but you need it for the assertion, exercise or defense of legal claims or you have objected to the processing in accordance with Art. 21 DSGVO.

The right, pursuant to Art. 20 DSGVO, to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request that it be transferred to another controller.

The right to complain to a supervisory authority in accordance with Art. 77 DSGVO. As a rule, you can contact the supervisory authority of the federal state of our registered office stated above or, if applicable, that of your usual place of residence or workplace for this purpose.

Right to revoke consent given in accordance with Art. 7 (3) DSGVO: You have the right to revoke consent to the processing of data once given at any time with effect for the future. In the event of revocation, we will immediately delete the data concerned, unless further processing can be based on a legal basis for processing without consent. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

Right of objection
Insofar as your personal data is processed by us on the basis of legitimate interests pursuant to Art. 6 (1) p. 1 lit. f DSGVO, you have the right to object to the processing of your personal data pursuant to Art. 21 DSGVO, insofar as this is done for reasons arising from your particular situation. Insofar as the objection is directed against the processing of personal data for the purpose of direct marketing, you have a general right of objection without the requirement to specify a particular situation. If you would like information about your personal data, its correction or deletion, or have further questions about its use, please contact us at

15. up-to-dateness, validity and inclusion of the data protection declaration
Our privacy policy is currently valid and as of 25.05.2018. By using our website, you consent to the use of data described above.

Due to implementation of new technologies or further development of our website, it may be necessary to change this privacy policy. CSP reserves the right to change the data protection declaration if necessary with effect for the future. Therefore, please review the current privacy policy from time to time.