Terms of Use of the Federal Government's Central Invoice Submission Portal (CISP)

Last updated: 5 June 2020

1. Scope of the terms of use

As operator of the Central Invoice Submission Portal (CISP), the Federal Republic of Germany (hereinafter referred to as "the operator") makes the CISP available through its IT service provider the Federal Information Technology Centre (ITZBund) as an online service to parties issuing and sending invoices (hereinafter referred to as "the user"). With the CISP, the user can create or upload electronic invoices and send them to the invoice recipient. By creating a user account, the user enters into a contract with the operator governing the use of the CISP.

The following terms of use apply to all services that are offered to the user as part of the CISP.

2. Definitions

Definitions of terms are set out in the Ordinance on Electronic Invoicing in Federal Public Procurement (E-Invoicing Ordinance), which was adopted on 4 April 2017 as a result of the Act to Implement EU Directive 2014/55/EU on electronic invoicing in public procurement. This applies in particular to the terms "invoice", "electronic invoice", "invoice issuer", "invoice recipient" and "invoice sender". The E-Invoicing Ordinance governs the organization of the Federal Government's electronic invoicing system.

The E-Invoicing Ordinance can be found online here (in German).

3. Details of the responsible bodies

a) Provider of the Central Invoice Submission Portal

Federal Ministry of Finance (BMF)

Wilhelmstraße 97
10117 Berlin
Postal address: 11016 Berlin, Germany

Tel.: +49 (0) 30 18682 0
Fax: +49 (0) 30 18682 3260
E-mail: poststelle@bmf.bund.de

Federal Ministry of the Interior and Community (BMI)

Alt-Moabit 140
10557 Berlin

Tel.: +49 (0) 30 / 18 681 0
Fax: +49 (0) 30 / 18 681 12926
E-mail: poststelle@bmi.bund.de

b) Technical service provider

Federal Information Technology Centre (ITZBund)

Bernkasteler Str. 8
53175 Bonn

Tel.: +49 (0) 228 99680 0

c) Data protection officer

Data Protection Officer for the Federal Ministry of Finance

Wilhelmstr. 97
10117 Berlin

Tel.: +49 (0) 30 18682 3208
E-mail: datenschutz@bmf.bund.de

Data Protection Officer for the Federal Ministry of the Interior and Community

Bundesallee 216-218
10719 Berlin

Tel.: +49 (0) 30 18681-0
E-Mail: bds@bmi.bund.de

4. Services and scope

By using the services of the CISP, the user can create and/or upload electronic invoices in order to make them available to the invoice recipient. While creating an electronic invoice, the user can opt to download the preliminary version of the electronic invoice and to continue creating the invoice at a later point in time or to use that version as a template. After the invoice has been completed, the CISP runs a validation check on the invoice and any additional documents to be submitted with it. The validation process includes a virus scan and a check that the invoice is formally correct and complete (e.g. in terms of invoice format, size restrictions and whether all required fields have been filled in; see section 8 for more information). If the electronic invoice is valid, it is then submitted to the invoice recipient for a final invoice check. From the time of creation or upload right through to final checking of the electronic invoice, the CISP allows the user to track the status of electronic invoices sent. The status of the invoice will be one of the following: new, submitted, collected and rejected.

Invoices will be deleted by the operator 30 days after submission in the CISP, regardless of their status.

The services provided by the CISP are limited to the creation or upload of electronic invoices for recipients. Collection of electronic invoices from the CISP by the invoice recipient, checking the arithmetic and factual correctness of the electronic invoice or ordering payment are solely the responsibility of the invoice recipient.

5. Creating a user account

To use the services of the CISP, a user account must be created and the following criteria must be met:

Any natural person of legal capacity or legal entity can create a user account with the CISP. The following user data is required to create a user account:

6. Session cookies

Session cookies are used once during the registration process. This is necessary to use the CISP web interface.

The user can configure their browser so that session cookies are automatically deleted on closing the browser.

7. Setting up input channels (transmission methods)

After registration, the user initially has browser-based access to their user account by default, which they can use to manually create, send and upload electronic invoices. In addition, the user can activate one of the following methods in their user account for sending electronic invoices: e-mail, De-Mail or PEPPOL web service. The following additional user information must be provided in order to use the respective transmission method:

Please note that according to section 10 of the E-Invoicing Ordinance, the abovementioned transmission methods may be changed later depending on the outcome of a review of the CISP.

8. Valid file formats and size restrictions

a) Electronic invoice formats

Section 4 of the E-Invoicing Ordinance sets out the requirements for the invoice data model, and states that electronic invoices must comply with the current version of the XRechnung standard or European standard EN 16931-1-2017.

The XRechnung standard was drawn up by the Coordination Office for IT Standards on behalf of the IT Planning Council. You can find the current version of the XRechnung standard here (in German).

The European Standard on Electronic Invoicing EN 16931-1-2017 was published by the European Committee for Standardization (CEN) on 28 June 2017.

Electronic invoices to be sent are verified for compliance with the XRechnung standard or European standard EN 16931-1-2017 for electronic invoices using schema and schematron validation that meets the specifications of the respective standard.

An electronic invoice must also contain required information according to section 5 of the E-Invoicing Ordinance in the following XRechnung fields or in the fields of the European standard EN 16931-1- 2017:

Mandatory information according to section 5 of the E-Invoicing Ordinance XRechnung fields or European standard fields
Buyer reference ID of the invoice recipient* BT-10
User's bank details For bank transfer:
BG-17 (BT-84 bis BT-86)
For direct debit**:
BG-19 (BT-89 to BT-91)
Terms of payment BT-20 and/or BT-9
User's De-Mail or e-mail address BT-43
Supplier number (if known) BT-29
Order number (if known) BT-13

BT = Business Term or information element
BG = Business Group or group of information elements
* Further information on the buyer reference ID is available at https://www.xoev.de/ or from the invoice recipient.
** Only with SEPA Direct Debit mandate

Invoice formats other than XRechnung standard that meet the European standard EN-16931-1-2017 and the E-Invoicing Ordinance are also accepted, as long as the Federal Information Technology Centre has successfully verified the technical compatibility of these invoice formats and a final application specification for these invoice data models has been made available to the Federal Information Technology Centre. It should be noted that the final application specification must be completed and fully documented. The following requirements must also be met:

b) Format of additional documents and size restrictions for electronic invoices and additional documents

The format regulations for additional documents and size restrictions for electronic invoices and additional documents can be found in the Technical Details document. The user should take into account any technical restrictions on the part of the invoice recipient. For instance, security authorities may only receive attachments in PDF/A format. In each case, the user should ask the invoice recipient whether any such restrictions apply, and if so which.

Additional documents can also be added as links (as separate downloadable resources via URL or as embedded documents) to an invoice. The user must request information on the requirements for links from the invoice recipient. If an invoice recipient cannot open a link, the invoice recipient can reject the invoice because it is not possible to check the invoice.

The provisions set out in this section must be met for the invoice to be submitted for collection to the invoice recipient by the CISP.

9. Technical requirements to be met by the user

Other technical requirements that the user must meet to ensure that the services of the CISP can be used are available in the Technical Details document (see section 8).

10. Electronic invoices received

An electronic invoice is considered to have been received by the invoice recipient as soon as the invoice status is displayed as awaiting collection. This is the case when the invoice has been submitted to the CISP and has undergone the validation checks outlined above. This is dependent on adherence to the requirements for formats and size restrictions for electronic invoices and supporting documents (see section 8). The CISP allows the user to track the status of electronic invoices via log data in the CISP web interface. Log data are deleted 180 days after submission of the invoice in the CISP.

11. Times of use

The user can use the services of the CISP from Monday to Sunday, from 0:00 to 23.59. Please note that response times may be slower or the website may be temporarily unavailable during the period from 18:00 to 8:00 each day due to maintenance work.

12. Support

In case of technical or specialist questions, the user can contact the CISP support hotline. This service can be contacted on working days from Monday to Friday, 8:00-16:00 (CET), on +49 (0)30 2598 4436, or any time via e-mail: sendersupport-xrechnung@bdr.de.

Use of this support is subject to the terms of use of the public enquiry service of the Federal Ministry of the Interior and Community.

13. Fees

Use of the CISP is free of charge. Costs incurred by the user for accessing the CISP, especially for the provision, connection and operation of the necessary software and hardware as well as for internet use, will not be reimbursed by the controllers of the CISP.

14. Data protection

The data protection notice for the CISP can be found here: Data protection notice

15. Duty of care

a) Responsibility for determining the protection requirement

A protection requirements analysis was carried out for the personal data included in invoices and the CISP was designed accordingly.

Invoices that contain confidential invoice data as provided for in Section 4 (2) numbers 1-3 of the Security Clearance Check Act (Sicherheitsüberprüfungsgesetz, SÜG), and are therefore excluded from the scope of the E-Invoicing Ordinance in line with section 8 (1) of that ordinance, may not be submitted to the CISP. Invoices that contain confidential invoice data as provided for in section 4 (2) number 4 of the Security Clearance Check Act may not be submitted via e-mail, in line with section 8 (2) of the E-Invoicing Ordinance. The user is responsible for adherence to these provisions.

b) Responsibility for access data

The user is responsible for ensuring that no third party gains unauthorized access to their password or user account. User accounts are strictly non-transferable.

c) Virus-free documents

It is the user's responsibility to scan any files for viruses prior to submission and to only send virus-free files to the CISP. Electronic invoices containing a virus will be deleted as part of the validation check.

16. Termination of use

Use of the CISP may be terminated by the user without explanation at any time. Temporary suspension or final termination of use by the operator requires a formal explanation of just cause for this. Just cause is deemed to exist in particular if there are reasonable grounds to believe that the user is not adequately complying with the duty to ensure that no unauthorized third party gains access to their password or user account (see section 15).

A user account will be suspended after one year of non-activity and the user will be notified accordingly via e-mail. The user then has the right to lift the suspension themself within a period of 30 days. If the user does not lift their suspension within this period, they will be removed entirely from the CISP. Regardless of this, the user can re-register at a later date.

17. No guarantee; disclaimer notice

a) No guarantee

The operator does not guarantee that the services of the CISP will be available at all times. It is the operator's aim to ensure that submitted, validated electronic invoices are made available for collection by the invoice recipient in a timely manner. The user can find detailed information regarding the status of a submitted invoice in their user account.

b) Disclaimer notice

c) Legal requirements for invoices

The operator is not liable for tax and legal compliance of electronic invoices transmitted using the CISP; this is the duty of the user. Furthermore, the operator is not responsible for ensuring compliance with retention periods required under commercial and tax law.

18. Final provisions

a) The laws of the Federal Republic of Germany apply, with the exclusion of the provisions of private international law.
b) The place of performance for all services is Berlin. The place of jurisdiction for all disputes arising from this contract is Berlin. The operator reserves the right to bring an action against the user at another competent court. This jurisdiction clause is only valid if the user is a trader, a legal person under public law or a special fund under public law.
c) Should individual conditions of these terms of use become completely or partially invalid, this will not affect the validity of the remaining provisions. The completely or partially invalid condition is to be replaced by another condition, whose objective comes as close as possible to the objective of the invalid condition.
d) Amendments, additions and the cancellation of a contract require the written form. The same applies to an amendment to the requirement of written form.
e) The operator must inform the user in writing of amendments to these terms of use. Such amendments are deemed to be approved by the user if the user does not lodge an objection to the validity of the new terms of use within six weeks of receipt of notice.

19. Technical details for the terms of use

Technical details for the terms of use of the CISP can be found here: Terms of Use - Technical details