Privacy Policy
Last updated: May 2026
This Privacy Policy explains how personal data is collected, processed and protected when you visit the website ccsi-strategy.com.
The website is operated by:
CCS International ltd.
Represented by: Thomas Klüglich
UL ZDRAVKO CHAKAROV 9
TTS VESTA, Office 17
Varna, Republic of Bulgaria
Company registration number / UIC: 208718403
Email: [email protected]
1. Controller
The controller responsible for the processing of personal data on this website within the meaning of the General Data Protection Regulation (GDPR) is:
CCS International ltd.
Represented by: Thomas Klüglich
UL ZDRAVKO CHAKAROV 9
TTS VESTA, Office 17
Varna, Republic of Bulgaria
Company registration number / UIC: 208718403
Email: [email protected]
2. General Information on Data Processing
We process personal data only to the extent necessary to provide this website, ensure its technical security, respond to enquiries, communicate with prospective clients, business partners and interested parties, and operate our business in a lawful and efficient manner.
Personal data means any information relating to an identified or identifiable natural person. This may include, for example, a name, email address, IP address, communication content or technical access data.
We do not sell personal data to third parties.
3. Legal Basis for Processing
We process personal data on the following legal bases under the GDPR:
Art. 6(1)(a) GDPR, where consent has been given.
Art. 6(1)(b) GDPR, where processing is necessary for pre-contractual or contractual purposes.
Art. 6(1)(c) GDPR, where processing is necessary to comply with legal obligations.
Art. 6(1)(f) GDPR, where processing is necessary for our legitimate interests, such as secure website operation, communication with interested parties, business administration and optimisation of our online presence.
4. Website Access and Server Log Files
When you visit this website, technical access data may be processed automatically by the website system and technical service providers.
This may include:
IP address
Date and time of access
Browser type and browser version
Operating system
Device type
Referrer URL
Pages accessed
Amount of data transferred
Status messages
Technical error information
Provider information
This data is processed to provide the website, ensure technical stability, prevent misuse, detect technical errors and maintain information security.
The legal basis is Art. 6(1)(f) GDPR. Our legitimate interest is the secure, reliable and efficient operation of this website.
5. Website System and FunnelCockpit
This website is created and operated using FunnelCockpit.
FunnelCockpit is used for the technical creation, delivery, operation and optimisation of this website. In this context, FunnelCockpit may process technical access data and usage-related data as a technical service provider.
The data processed may include, in particular:
IP address
Date and time of access
Browser type and browser version
Operating system
Device type
Referrer URL
Pages visited
Country or approximate location derived from technical access data
Technical log data
Information about page views
Information about user interactions
Conversion-related information, where applicable
This processing is carried out in order to provide the website, ensure technical security, analyse the technical performance of the website and improve the user experience and effectiveness of our online presence.
The legal basis is Art. 6(1)(f) GDPR. Our legitimate interest is the secure, reliable and efficient operation of this website, as well as the optimisation of our online presence.
6. Internal Statistics and Performance Measurement
We may use internal statistics and performance measurement functions provided by FunnelCockpit.
These functions may allow us to understand how often pages are visited, from which country visitors access the website, which device types are used and how visitors interact with the website.
This information helps us to improve the structure, usability, relevance and effectiveness of the website.
The processing is based on Art. 6(1)(f) GDPR. Our legitimate interest is the analysis, optimisation and economically efficient operation of our website.
We currently do not use Google Analytics, Meta Pixel, LinkedIn Insight Tag, Google Ads conversion tracking or comparable third-party marketing tracking tools.
7. Domain and Email Services
The domain and email services for this website are managed through Hostpoint AG, Switzerland.
Hostpoint may process technical data necessary for the provision of domain, DNS and email services. This may include email metadata, routing information and technical server log data.
Switzerland is recognised as providing an adequate level of data protection under EU data protection law.
8. Contact by Email
If you contact us by email, we process the personal data you provide in your message.
This may include:
Your name
Your email address
Your company name, if provided
Your message content
Any additional information voluntarily provided by you
We process this data to respond to your enquiry and, where applicable, to prepare or perform a contractual relationship.
The legal basis is Art. 6(1)(b) GDPR for pre-contractual or contractual communication and Art. 6(1)(f) GDPR for general business communication.
Please note that communication by email may not be fully secure unless additional encryption is used.
9. Cookies and Similar Technologies
This website may use technically necessary cookies or similar technologies that are required for the operation, security and functionality of the website.
FunnelCockpit may use cookies or similar technologies to provide and operate the website, store technical settings, enable basic website functions and measure the technical performance and effectiveness of the website.
According to the information currently available to us, we do not use non-essential third-party marketing cookies, advertising cookies, social media tracking pixels or comparable external tracking technologies on this website.
If we introduce non-essential cookies, analytics services, marketing tracking technologies, embedded videos or comparable third-party services in the future, this Privacy Policy will be updated and, where legally required, a cookie consent mechanism will be implemented.
10. No Contact Form, Newsletter or User Account
This website currently does not provide:
A contact form
Newsletter registration
User accounts
A login area
An online shop
Online payment functions
Job application forms
Contact is currently made by email only.
11. No Third-Party Marketing Tracking
We currently do not use:
Google Analytics
Google Tag Manager
Meta Pixel / Facebook Pixel
LinkedIn Insight Tag
Google Ads conversion tracking
Remarketing or retargeting technologies
Newsletter tracking
Affiliate tracking
If any of these tools are introduced in the future, this Privacy Policy will be updated before or at the time of implementation.
12. Embedded Third-Party Content
This website currently does not embed third-party videos, social media feeds, maps or comparable external content.
If third-party content such as YouTube videos, Vimeo videos, Google Maps or social media plugins is embedded in the future, this Privacy Policy will be updated accordingly.
Where required by law, such content will only be loaded after prior consent.
13. Business-Related Processing
We may process personal data of prospective clients, clients, business partners and other contacts for business communication, preparation of offers, contractual relationships, consulting-related services, administration, accounting and legal compliance.
This may include:
Name
Company name
Business address
Email address
Communication content
Contractual data
Billing and accounting data, where applicable
The legal basis is Art. 6(1)(b) GDPR for contractual and pre-contractual processing, Art. 6(1)(c) GDPR for legal obligations and Art. 6(1)(f) GDPR for legitimate business interests.
14. Recipients of Personal Data
Personal data may be disclosed to service providers or third parties only where this is necessary for the purposes described in this Privacy Policy, where there is a legal obligation, or where we have a legitimate interest.
Possible recipients may include:
Website and software providers
Domain and email service providers
IT service providers
Tax advisors, accountants or legal advisors
Public authorities, where legally required
Where service providers process personal data on our behalf, we take appropriate measures to ensure compliance with GDPR requirements.
15. International Data Transfers
Personal data is primarily processed within the European Union, the European Economic Area or countries with an adequate level of data protection.
Where personal data is transferred to countries outside the EU/EEA that do not provide an adequate level of data protection, appropriate safeguards will be used where required. These may include EU Standard Contractual Clauses or other lawful transfer mechanisms.
16. Data Retention
We retain personal data only for as long as necessary for the purposes for which it was collected, unless statutory retention obligations require a longer retention period.
Email enquiries are generally retained as long as necessary to process and document the communication.
Business and accounting-related records may be retained for longer periods where required by applicable law.
Data that is no longer required will be deleted or anonymised.
17. Your Rights under the GDPR
Subject to the conditions of applicable data protection law, you have the following rights:
The right to access your personal data
The right to rectification of inaccurate personal data
The right to erasure of your personal data
The right to restriction of processing
The right to data portability
The right to object to processing based on legitimate interests
The right to withdraw consent at any time, where processing is based on consent
The right not to be subject to a decision based solely on automated processing, including profiling, where applicable
To exercise your rights, you may contact us at:
18. Right to Object
You have the right to object at any time, on grounds relating to your particular situation, to the processing of your personal data where the processing is based on Art. 6(1)(f) GDPR.
If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or unless the processing serves the establishment, exercise or defence of legal claims.
19. Withdrawal of Consent
Where processing is based on your consent, you have the right to withdraw that consent at any time with effect for the future.
The lawfulness of processing carried out before withdrawal remains unaffected.
20. Right to Lodge a Complaint
You have the right to lodge a complaint with a competent data protection supervisory authority.
For Bulgaria, the competent supervisory authority is:
Commission for Personal Data Protection
Sofia, Republic of Bulgaria
You may also contact another competent supervisory authority in the EU or EEA.
21. Data Security
We take appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration or disclosure.
However, no method of transmission over the Internet or electronic storage is completely secure. We therefore cannot guarantee absolute security.
22. Automated Decision-Making
We do not use automated decision-making, including profiling, within the meaning of Art. 22 GDPR.
23. Changes to This Privacy Policy
We may update this Privacy Policy from time to time if legal, technical or business-related changes make this necessary.
The current version published on this website applies.