Data Protection

1. General Information and Mandatory Disclosures


a) Privacy Policy

The operators of this website take the protection of your data very seriously. We treat your personal data confidentially and in accordance with applicable data protection laws and this privacy policy.
When you use this website, various types of personal data are collected. Personal data is data that can be used to personally identify you. This privacy policy explains what data we collect and how we use it. It also explains how and for what purpose this is done.
However, we would like to point out that data transmission over the Internet (e.g., when communicating via email) may involve security vulnerabilities. It is not possible to completely protect data from access by third parties.

b) Information on the controller

The controllerresponsible for data processing on this website is:

simplefox GmbH
Am See 1
24259 Westensee

Tel.: +49 (0) 431 90886979
Email: info (at) simplefox.de

Explanation: The controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data (e.g., names, email addresses, etc.).

2. Your Rights

Under applicable data protection law, in particular the EU General Data Protection Regulation (GDPR), you have extensive rights as a data subject with respect to the processing of your personal data, and we would like to inform you about these rights below. You have the right to:

  • pursuant to Article 15 of the GDPR, to request information about your personal data that we process. In particular, you may request information regarding the purposes of processing, the categories of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned retention period, the existence of a right to rectification, erasure, restriction of processing, or objection, the existence of a right to lodge a complaint, the origin of your data if it was not collected by us, as well as information regarding the existence of automated decision-making, including profiling, and, where applicable, meaningful information regarding its details;
  • in accordance with Article 16 of the GDPR, to request the immediate rectification of inaccurate personal data or the completion of your personal data stored by us;
  • to request the erasure of your personal data stored by us in accordance with Article 17 of the GDPR, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise, or defense of legal claims;
  • to request the restriction of the processing of your personal data pursuant to Article 18 of the GDPR, provided that you contest the accuracy of the data, the processing is unlawful but you oppose its erasure and we no longer need the data, but you require it for the establishment, exercise, or defense of legal claims, or you have objected to the processing pursuant to Article 21 of the GDPR;
  • in accordance with Article 20 of the GDPR, to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format, or to request that it be transmitted to another controller;
  • pursuant to Article 7(3) of the GDPR, to withdraw your consent at any time. As a result, we may no longer continue processing the data based on this consent in the future and
  • to lodge a complaint with a supervisory authority pursuant to Article 77 of the GDPR. As a general rule, you may contact the supervisory authority in your usual place of residence, your place of work, or the location of our practice. A list of supervisory authorities and their contact details can be found at the following link:
    https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html
  • In accordance with Article 21 of the GDPR, you have the right to object to the processing of your personal data in specific cases, as well as to direct marketing:

Explanation of Art. 21 GDPR:

If data processing is based on Article 6(1)(e) or (f) of the GDPR, you have the right at any time to object to the processing of your personal data on grounds relating to your particular situation; this also applies to profiling based on these provisions. You can find the specific legal basis on which processing is based in this Privacy Policy. If you object, we will no longer process your personal data in question unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing is necessary for the establishment, exercise, or defense of legal claims (objection under Article 21(1) of the GDPR).

If your personal data is processed for the purpose of direct marketing, you have the right to object at any time to the processing of your personal data for such marketing purposes; this also applies to profiling to the extent that it is related to such direct marketing. If you object, your personal data will no longer be used for the purposes of direct marketing or profiling (objection pursuant to Art. 21(2) GDPR).

3. Data Collection During Your Visit to Our Website


a) Cookies

This website uses so-called cookies. Cookies do not cause any damage to your computer and do not contain viruses. Cookies serve to make our offering more user-friendly, effective, and secure. Cookies are small text files that are stored on your computer by your browser.

Some of the cookies we use are so-called "session cookies." They are automatically deleted at the end of your visit. Other cookies remain stored on your device until you delete them. These cookies enable us to recognize your browser the next time you visit.

You can configure your browser to notify you when cookies are set and to allow cookies only on a case-by-case basis, to block cookies in specific cases or generally, and to enable the automatic deletion of cookies when you close your browser. Disabling cookies may limit the functionality of this website. Cookies that are necessary for the execution of the electronic communication process or for the provision of certain functions you have requested are stored on the basis of Art. 6(1)(f) GDPR. The website operator has a legitimate interest in storing cookies to ensure the technically flawless and optimized provision of its services. To the extent that other cookies (e.g., cookies for analyzing your browsing behavior) are stored, these are addressed separately in this privacy policy.

b) Server Log Files

When you use our website for informational purposes only—that is, if you do not otherwise provide us with any information—we collect only the personal data that your browser transmits to our server (so-called server log files). When you visit our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure its stability and security:

• IP address
• Date and time of the request
• Time zone difference from Greenwich Mean Time (GMT)
• Content of the request (specific page)
• Access status/HTTP status code
• Amount of data transferred
• Website from which the request originated
• Browser
• Operating system and its interface
• Language and version of the browser software.

The legal basis for data processing is Article 6(1)(f) of the GDPR. Our legitimate interest stems from the purposes of data collection described above. This data is not combined with data from other sources.

c) Contact via email, telephone, fax, or contact form

When you contact us via email, phone, fax, or the contact form, your inquiry—including all personal data contained therein (name, inquiry)—will be stored and processed by us for the purpose of handling your request. When you contact us via the contact form, personal data is also transferred to HubSpot (see No. 10) under a data processing agreement in accordance with Article 28 of the GDPR.

The processing of this data is based on Article 6(1)(b) of the GDPR, provided that your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, processing is based on your consent (Article 6(1)(a) of the GDPR) and/or on our legitimate interests (Article 6(1)(f) of the GDPR), as we have a legitimate interest in the effective processing of inquiries directed to us.

The data you send us via contact requests will remain with us until you request that we delete it, revoke your consent to its storage, or the purpose for storing the data no longer applies (e.g., once your request has been processed). Mandatory legal provisions—in particular statutory retention periods—remain unaffected.

4. External Hosting

This website is hosted by an external service provider on servers located in Germany (host). The host is Raidboxes GmbH, Friedrich-Ebert-Straße 7, DE – 48153 Münster (https://raidboxes.io/).

Personal data collected on our website is stored on the hosting provider’s servers. This may include, in particular, IP addresses, contact requests, metadata and communication data, contract data, contact information, names, website visits, and other data generated through the website.

The use of the hosting provider is based on a data processing agreement and serves the purpose of entering into or fulfilling contracts with our potential and existing customers (Art. 6(1)(b) GDPR) and is carried out in the interest of ensuring the secure, fast, and efficient provision of our online services by a professional provider (Art. 6(1)(f) GDPR).

Our hosting provider will process your data only to the extent necessary to fulfill its service obligations and will follow our instructions regarding this data.

5. Our social media presence


a) Data Processing by Social Networks

We maintain publicly accessible profiles on social networks. The specific social networks we utilize are listed below. Social networks such as Facebook, Google+, etc., can typically conduct comprehensive analyses of your user behavior when you visit their website or a website with integrated social media content (e.g., Like buttons or advertising banners). Visiting our social media presences triggers numerous data protection-relevant processing operations. Specifically:

If you are logged into your social media account and visit our social media page, the operator of the social media platform may associate this visit with your user account. However, your personal data may also be collected even if you are not logged in or do not have an account with the respective social media portal. In this case, data collection occurs, for example, through cookies stored on your device or by recording your IP address.

Using the data collected in this way, social media platform operators can create user profiles that store your preferences and interests. This allows them to display interest-based ads to you both on and off the respective social media platform. If you have an account on the respective social network, these interest-based ads may appear on any device on which you are currently logged in or have previously been logged in.

Please also note that we are unable to track all data processing activities on social media platforms. Depending on the provider, additional processing operations may therefore be carried out by the operators of these platforms. For more details, please refer to the terms of use and privacy policies of the respective social media platforms.

b) Legal Basis

Our social media presences aim to ensure the broadest possible online presence. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. The analysis processes initiated by social networks may be based on different legal grounds, which must be specified by the operators of the social networks (e.g., consent within the meaning of Art. 6 para. 1 lit. a GDPR).

c) Controller and Assertion of Rights

When you visit one of our social media pages (e.g., Facebook), we are jointly responsible with the operator of the social media platform for the data processing activities triggered by your visit. You may generally exercise your rights (right of access, rectification, erasure, restriction of processing, data portability, and the right to lodge a complaint) both against us and against the operator of the respective social media portal (e.g., against Facebook).

Please note that despite joint responsibility with social media portal operators, we do not have full influence over the data processing operations of social media portals. Our capabilities are primarily determined by the corporate policy of the respective provider.

d) Storage Duration

Data collected directly by us through our social media presence will be deleted from our systems as soon as the purpose for storing it no longer applies, you request that we delete it, you revoke your consent to its storage, or the purpose for storing the data no longer applies. Stored cookies remain on your device until you delete them. Mandatory legal provisions—in particular retention periods—remain unaffected.

We have no control over how long your data is stored by social media platform operators for their own purposes. For more details, please contact the social media platform operators directly (e.g., by reviewing their privacy policies, see below).

e) Social Networks in Detail

aa) Facebook

We have a Facebook page. The provider is Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA. Facebook is certified under the EU-U.S. Privacy Shield.

We have entered into a joint processing agreement (Controller Addendum) with Facebook. This agreement specifies which data processing operations we and Facebook are responsible for when you visit our Facebook page. You can view this agreement at the following link:https://www.facebook.com/legal/terms/page_controller_addendum.

You can adjust your ad settings yourself in your user account. To do so, click the following link and log in:https://www.facebook.com/settings?tab=ads. For more details, please refer to Facebook’s Privacy Policy:https://www.facebook.com/about/privacy/.

bb) LinkedIn

We have a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn is certified under the EU-U.S. Privacy Shield. LinkedIn uses advertising cookies.

If you would like to disable LinkedIn advertising cookies, please use the following link:https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out. For details on how LinkedIn handles your personal data, please refer to LinkedIn’s Privacy Policy:https://www.linkedin.com/legal/privacy-policy.

6. Right to Make Changes

Please note that we reserve the right to adapt or amend this privacy policy from time to time within the scope of applicable laws.

Last updated: April 25, 2026