Privacy Policy

Privacy Policy

We are pleased about your visit to our website and your interest in our company. We see data protection as a sign of quality for our customers. The protection of your personal data and the preservation of your individual rights are important to us.

With this data protection statement, we would like to inform all visitors to our website transparently about the type, scope and purpose of the collection, use and processing of personal data by us and also inform you about the rights to which you are entitled.

In principle, it is possible to use our website without providing personal data. However, should you make use of our company’s services via our website, the processing of your personal data may be necessary.

The personal data automatically collected when you visit our website or entered by you when using our services will be processed in accordance with the current legal provisions on the protection of personal data.

If it is necessary to process your personal data and there is no legal basis for such processing, we will always obtain your consent for the required purpose of the processing.

As the company responsible for processing, we have established technical and organisational measures to ensure the highest possible level of protection for your personal data.

For security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

If the SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

However, we would like to point out that data transmission on the Internet (e.g. when communicating by e-mail) can have security gaps. Complete protection of data against access by third parties is not possible.

If you would like to use the services of our company without using the method of data transmission via the World Wide Web, you can also contact us by telephone.

1. Contact details of the data controller
The controller within the meaning of the General Data Protection Regulation, is:

Company: CCS-Express GmbH
Street: Lilienthalstraße 8
Postcode/Place: D-85399 Hallbergmoos
Tel.: +49 811-5500-0

The appointed data protection officer is:

Mr. Stephan Hartinger
Coseco GmbH
Phone: +49 8232-80988-70

2. Collection of general access information
Each time our website is accessed, server log file information that your browser transmits to us is automatically collected. These are:

  1. IP address (internet protocol address) of the accessing computer
  2. the website from which you are visiting us (referrer)
  3. the website you visit on our site
  4. the date and duration of your visit
  5. browser type and browser settings
  6. operating system.

We would like to point out that this data is not assignable to a specific person. We use this technical access information only for the following purposes:

  1. to improve the attractiveness and usability of our website,
  2. for early detection of technical problems on our website,
  3. to provide the content of our website correctly,
  4. and to provide law enforcement agencies with the information necessary for prosecution in the case of a cyber attack.

As a technical precaution, this data is stored for a maximum of 7 days to protect the data processing systems against unauthorised access.

3. Collection and disclosure of personal data
We use your personal data only for the purposes stated on this information page on data protection.

The following input masks for the collection of personal data exist on our website:

3.1 Registration on our website (customer area)
We offer you the opportunity to register on our website by providing your personal data in order to track the status of your shipments and to download invoices and shipment-related documents. To register in the customer area, we require the following information from you:

  1. First and last name
  2. Your position in the company
  3. Company name
  4. Email address
  5. Optional telephone and fax

The personal data you enter will be collected and stored exclusively for internal and our own purposes.

The registration of the person concerned by voluntarily providing personal data serves to offer you content or services that can only be offered to registered users. You can correct/add to the personal data provided during registration at any time.

The data will not be passed on to third parties.

3.2 Transmission of shipping order data
In our customer portal you have the possibility (even without prior registration) to fill in a shipping order (courier order or forwarding order) and to transmit it to us.

The personal data you enter will be collected and stored exclusively for the purpose of fulfilling the order.

Depending on the type of order, data may be passed on to one or more order processors, such as shipping companies or customs, if they are called upon to perform the service you have requested.

This applies in particular to your contact information (name, address, telephone number and e-mail). Your data will not be used for any other purpose or passed on to third parties.

3.3 Transmission of application documents
In the course of your application (online application or by e-mail), we collect and process various personal application data.

This includes in particular your

  • Contact information (name, address, telephone number and e-mail)
  • Application documents (letter of application, curriculum vitae, certificates or other proof of education and qualifications).

In the context of an online application via the application form, the transmission takes place exclusively via an encrypted page in accordance with the currently recognised state of the art, so that your personal data and your application documents are protected against manipulation and unauthorised access.

After sending, you will receive an e-mail confirming receipt of the application documents.

Your personal application data will be collected and processed exclusively for the purpose of filling vacancies within our company. As a matter of principle, your data will only be forwarded to the internal departments and specialist departments of our company responsible for the specific application procedure. Your personal application data will not be passed on to other companies without your prior express consent.
Your application data will not be used or passed on to third parties beyond this.

Your personal application data will be deleted automatically six months after completion of the application process. This does not apply if legal regulations prevent deletion, if further storage is necessary for the purpose of providing evidence or if you have expressly agreed to longer storage for future job advertisements, for example.

If a contract of employment is concluded with an applicant, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions.

4. What are cookies used for?
Our website uses so-called cookies in several places. Detailed information and which cookies are used can be found in our cookie policy on

5. Integration of plugins of social networks
Our website uses buttons for the social networks:

  • Facebook, Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA
  • Twitter, Twitter Inc, 1355 Market St, Suite 900, San Francisco, CA 94103, USA
  • Xing, XING AG, Gänsemarkt 43, 20354 Hamburg, Germany
  • LinkedIn, LinkedIn Corp, 1000 W. Maude Avenue, Sunnyvale, CA 94085, USA

The buttons are marked with the logo of the respective social network. However, they are not the usual social plugins, but buttons with embedded links. The buttons must be activated (clicked) separately by you. As long as these buttons are not clicked, no data is transmitted to the social networks. Only when you click on the buttons and thereby declare your consent to communication with the servers of the social network, the buttons become active and the connection is established.

After clicking, the button corresponds to a so-called share plugin. The social network is provided with information about the visited page, which you can share with your contacts in your social network. If you want to “share” the information, you must be logged in. If you are not logged in, you will land on the login page of the social network you clicked on and you will no longer be on the pages of CCS-Express GmbH. If you are logged in, the information is transmitted that you would like to recommend the respective article.

By activating the button, the social network then also receives, among other things, the information that and when you accessed the corresponding page of our website, as well as, for example, your IP address, details of the browser used and the language settings. When you click the button, your click is transmitted to the social network and used according to its data usage guidelines.

We have no influence on the collected data and data processing operations when the button is activated and are not responsible for this data processing and therefore not liable in accordance with the General Data Protection Regulation (DSGVO). We are also not aware of the full extent of the data collection, its legal basis, the purposes and the storage periods.  Therefore, the information provided here is not necessarily complete.

The transmission of data takes place regardless of whether you actually have an account with the provider or are logged in there. If you are logged in to the provider, your data will be directly assigned to your account. If applicable, the providers also use cookies on your computer to track you.

As far as we are aware, the provider stores this data in usage profiles, which it uses for the purposes of advertising, market research and/or designing its website in line with requirements. Such an evaluation is carried out in particular (also for users who are not logged in) for the display of needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles. To exercise this right of objection, please contact the respective provider.

For the purpose and scope of the data collection and the further processing and use of the data by the respective social network, as well as your rights in this regard and setting options for protecting your privacy, please refer to the information:

  • Facebook:
  • Twitter:
  • Xing:
  • LinkedIn:

If you do not want the social network to receive data about you, you must not click the button.

6. Deletion, blocking and duration of storage of personal data
We process and store your personal data only for the period of time required to achieve the respective purpose of storage or as provided for by the various retention periods stipulated by law.

After the end of a storage purpose or after the expiry of the retention period provided for by law, the personal data is routinely blocked or deleted for further processing in accordance with the statutory provisions.

7. Data protection rights of the data subject
If you have any questions about your personal data, you can contact us in writing at any time. You have the following rights under the General Data Protection Regulation (DS-GVO):
7.1 The right to information (sub-item Art. 15 DS-GVO).
7.2 The right to rectification (Art. 16 DS-GVO)
7.3 The right to erasure (Art. 17 DS-GVO)
7.4 The right to restriction (Art. 18 DS-GVO)
7.5 The right to data portability (Art. 20 DS-GVO)
7.6 The right to object (Art. 21 DS-GVO)
7.7 Right to lodge a complaint with the data protection supervisory
authority (Art. 77 DS-GVO in conjunction with § 19 BDSG
(Federal Data Protection Act)
7.8 Right to revoke consent under data protection law (Art. 7 para. 3

8. Legal basis of processing
When processing personal data for which we obtain the consent of the data subject, Article 6 (1), sentence 1 a) of the General Data Protection Regulation (DSGVO) serves as the legal basis.

When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 para. 1, sentence 1 b) (DSGVO) serves as the legal basis.  This provision also covers processing operations that are necessary for the performance of pre-contractual measures.

If processing of personal data is necessary for compliance with a legal obligation to which our company is subject, Art. 6 para. 1, sentence 1 c) (DSGVO) serves as the legal basis.

If processing is necessary to protect a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not override the first-mentioned interest, Art. 6 (1), sentence 1 f) (DSGVO) serves as the legal basis for the processing. The legitimate interest of our company lies in the performance of our business activities as well as in the analysis, optimisation and maintenance of the security of our online offer.

9. Transfer of data to third parties
We generally do not sell or lend user data. A transfer to third parties beyond the scope described in this data protection declaration only takes place if this is necessary for the processing of the respective requested service.

We only transfer data if there is a legal obligation to do so. This is the case if state institutions (e.g. law enforcement agencies) request information in writing or a court order has been issued.

A transfer of personal data to so-called third countries outside the EU / EEA area does not take place.

10. Legal or contractual regulations for the provision of personal data as well as possible consequences of the non-provision
We hereby point out that the provision of personal data in certain cases (e.g. tax regulations) is required by law or may result from contractual regulations (e.g. information on/of the contractual partner). For example, it may be necessary for the conclusion of a contract that the person concerned/the contractual partner must provide his/her personal data so that his/her request (e.g. order) can be processed by us at all. An obligation to provide personal data arises primarily when a contract is concluded.

If no personal data is provided in this case, the contract with the person concerned cannot be concluded. Before providing personal data by the data subject, the data subject may contact our data protection officer or the controller. The data protection officer or the controller will then inform the data subject whether the provision of the required personal data is prescribed by law or contract or is necessary for the conclusion of the contract and whether an obligation arises from the concerns of the data subject to provide the personal data or what the consequences are for the data subject of not providing the requested data.

11. Existence of automated decision-making
As a responsible company, we do not use automated decision-making or profiling in our business relationships.

12. Additional information
In addition to this web-specific data protection information, it is possible to view our transparent information.