Privacy Policy

We, simpleshow GmbH, welcome you to our website https://simpleshow.com/. On our website you will find various tools and services with which you can easily create animated explainer videos and eLearnings. On our main page simpleshow.com we inform you about our platform, formats, fields of application and use cases of animated explainer videos. After creating a user account, you will have access to our applications, which you can use to create content yourself or with our help.

1. General information on the processing of personal data

1.1 In the following, we provide information about the processing of personal data when using our website. Personal data is all data that can be related to you personally, e.g. name, address, e-mail addresses, user behavior. In doing so, we would like to inform you about our processing procedures and at the same time comply with legal obligations, in particular those arising from the EU General Data Protection Regulation (GDPR) and other applicable laws in other jurisdictions, including but not limited to the California Privacy Protection Act (CCPA) in the United States. If you are a California resident please see the section entitled “Information for California Residents” below,
1.2 The controller pursuant to Art. 4 (7) GDPR is simpleshow GmbH, Am Karlsbad 16, 10785 Berlin, info@simpleshow.com (see also our legal notice).
1.3 You can contact our data protection officer at datenschutz@simpleshow.com or at our postal address with the addition “the data protection officer”.
1.4 For the processing operations we carry out, we indicate below how long we store the data and when it is deleted or blocked. Unless an explicit storage period is specified below, your personal data will be deleted or blocked as soon as the purpose or legal basis for storage no longer applies. Your data will only be stored on our servers in Germany, subject to any disclosure in accordance with the provisions in section. 1.7 and para. 1.8. However, data may be stored beyond the specified period in the event of an (impending) legal dispute with you or other legal proceedings or if storage is provided for by statutory provisions to which we are subject as the controller (e.g. Section 257 HGB, Section 147 AO). If the storage period prescribed by the statutory provisions expires, the personal data will be blocked or deleted unless further storage by us is necessary and there is a legal basis for this.
1.5 We use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties (e.g. TSL encryption for our website), taking into account the state of the art, the implementation costs and the nature, scope, context and purpose of the processing as well as the existing risks of a data breach (including its probability and impact) for the data subject. Our security measures are continuously improved in line with technological developments. We will be happy to provide you with more detailed information on request. Please contact our data protection officer (see section 1.3).
1.6 As with any company, we also use external domestic and foreign service providers to process our business transactions (e.g. for IT, logistics, telecommunications, sales and marketing). These service providers only act in accordance with our instructions and are contractually obliged to comply with data protection regulations within the meaning of Art. 28 GDPR.
1.7 If your personal data is passed on by us to our group companies or is passed on to us by our group companies (e.g. for advertising purposes), this is done on the basis of existing order processing relationships.
1.8 As part of our business relationships, your personal data may be passed on or disclosed to third-party companies. These may also be located outside the European Economic Area (EEA), i.e. in third countries. Unless otherwise stated in this data protection notice, such processing takes place exclusively for the fulfillment of contractual and business obligations and to maintain your business relationship with us (legal basis is Art. 6 para. 1 lit. b or lit. f in each case in conjunction with. Art. 44 et seq. GDPR). We will inform you about the respective details of the transfer at the relevant points below. The European Commission certifies that some third countries have data protection standards comparable to the EEA standard by means of so-called adequacy decisions (a list of these countries and a copy of the adequacy decisions can be found here: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en). However, in other third countries to which personal data may be transferred, there may not be a consistently high level of data protection due to a lack of legal provisions. If this is the case, we ensure that data protection is adequately guaranteed. This is possible via binding corporate rules, standard contractual clauses of the European Commission for the protection of personal data pursuant to Art. 46 para. 1, 2 lit. c GDPR (the standard contractual clauses of 2021 are available at https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32021D0915&locale-en), certificates or recognized codes of conduct. Please contact our data protection officer (see under para. 1.3) if you would like more information on this.
1.9 We do not intend to use personal data collected from you for automated decision-making (including profiling).
1.10 We do not make the conclusion of contracts with us dependent on you providing us with personal data beforehand. As a customer, you are under no legal or contractual obligation to provide us with your personal data; however, we may only be able to provide certain services to a limited extent or not at all if you do not provide the necessary data. If this should exceptionally be the case within the scope of the services offered by us as presented below, you will be informed of this separately.
1.11 We may be subject to a special legal or statutory obligation to provide the lawfully processed personal data to third parties, in particular public authorities (Art. 6 para. 1 sentence 1 lit. c GDPR).
1.12 Unless otherwise specified below for individual data processing activities, the following applies to the duration of the storage of your personal data: We delete your personal data as soon as the purpose of storage no longer applies. We may also store your data if this has been provided for by the European or national legislator in EU regulations, national laws or other regulations to which we are subject. Exceptions to the principle of deletion after the purpose has been achieved may result, for example, from the provisions of the GDPR and the provisions of German federal law, in particular the BDSG. Deletion will still not take place, for example, as long as there are retention obligations under commercial, tax and professional law. Longer storage may also be necessary in individual cases due to the assertion or possible assertion of claims against us in connection with a contract or pre-contractual measures. This would be the case, for example, if there are indications that you will assert claims against us. The same applies if, in individual cases, an assertion of claims by us takes place, is intended or comes into consideration due to specific circumstances. The data will then be stored for as long as the processing of the data is necessary for the assertion, exercise or defense of legal claims plus the duration of any existing statutory retention obligation. If a statutory retention obligation prevents deletion, your data will initially be stored by us in such a way that it can only be processed by a restricted group of people and will only be deleted after the retention obligation has ended.

2. Your rights

2.1 You can exercise your rights as a data subject with regard to your processed personal data by contacting us using the contact details provided at the beginning of Section 1. 1.2 above at any time. As the data subject, you have the right to:
  • to request information about your data processed by us in accordance with Art. 15 GDPR. In particular, you can request information about the purposes of processing, the category of data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data if it was not collected by us, and the existence of automated decision-making including profiling and, if applicable, meaningful information about its details;
    • in accordance with Art. 16 GDPR, to immediately request the correction of incorrect data or the completion of your data stored by us;
    • in accordance with Art. 17 GDPR, to demand the deletion of your data stored by us, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
    • in accordance with Art. 18 GDPR, to demand the restriction of the processing of your data if the accuracy of the data is disputed by you or the processing is unlawful;
    • in accordance with Art. 20 GDPR, to receive your data that you have provided to us in a structured, commonly used and machine-readable format or to request that it be transferred to another controller (“data portability”);
    • pursuant to Art. 21 GDPR to object to the processing if the processing is based on Art. 6 para. 1 sentence 1 lit. e or lit. f GDPR. This is particularly the case if the processing is not necessary for the performance of a contract with you. If it is not an objection to direct advertising, we ask you to explain the reasons why we should not process your data as we have done when exercising such an objection. In the event of your justified objection, we will examine the situation and either discontinue or adapt the data processing or point out to you our compelling reasons worthy of protection on the basis of which we will continue the processing;
    • in accordance with Art. 7 (3) GDPR, to withdraw your consent once given – i.e. your voluntary, informed and unequivocal expression of your consent to the processing of the personal data concerned for one or more specific purposes by means of a statement or other unequivocal affirmative act – at any time, if you have given such consent. The consequence of this is that we may no longer continue the data processing based on this consent in the future and
    • in accordance with Art. 77 GDPR, to complain to a data protection supervisory authority about the processing of your personal data in our company, for example to the data protection supervisory authority responsible for us: Berlin Commissioner for Data Protection and Freedom of Information, Alt-Moabit 5961, 10555 Berlin, phone: +49 30 13889-0, fax: +49 30 2155050, email: mailbox@datenschutz-berlin.de.

    3. Processing of personal data when visiting our website

    3.1 Informational use

    3.1.1 When using the website for information purposes, i.e. simply viewing it without registering and without providing us with any other information, we process the personal data that your browser transmits to our server. The data described below is technically necessary for us to display our website to you and to ensure stability and security and must therefore be processed by us. The legal basis is Art. 6 para. 1 sentence 1 lit. f GDPR:
    • IP address
    • Date and time of the request
    • Time zone difference to Greenwich Mean Time (GMT)
    • Content of the request (page visited)
    • Access status/HTTP status code
    • Amount of data transferred in each case
    • Previously visited page
    • Browser
    • Operating system
    • Language and version of the browser software.
    3.1.2 The aforementioned data is stored for the duration of the display of the website and, for technical reasons, for a maximum of 7 days. For the rest, para. 1.12.

    3.2 Processing of data from your end devices ("Cookie Policy")

    3.2.1 In addition to the above-mentioned data, we use technical aids for various functions when you use our website, in particular cookies, which can be stored on your end device. When you access our website and at any time thereafter, you have the choice of whether you generally allow cookies to be set or which individual additional functions you would like to select. You can make changes in your browser settings or via our Consent Manager. In the following, we first describe cookies from a technical perspective (see section 3.2.2), before we go into more detail about your individual choices by describing technically necessary cookies (see section 3.2.3) and cookies that you can voluntarily select or deselect (see section 3.2.4).
    3.2.2 Cookies are text files or information in a database that are stored on your hard disk and assigned to the browser you are using so that certain information can flow to the location that sets the cookie. Cookies cannot execute programs or transfer viruses to your computer, but are primarily used to make the website faster and more user-friendly. This website uses the following types of cookies, whose function and legal basis are explained below:
    • Transient cookies: Such cookies, especially session cookies, are automatically deleted when the browser is closed or by logging out. They contain a so-called session ID. This allows various requests from your browser to be assigned to the shared session and your computer can be recognized when you return to our website.
    • Persistent cookies: These are automatically deleted after a specified period, which varies depending on the cookie. You can view the cookies set and the duration at any time in your browser settings and delete the cookies manually.
    3.2.3 Mandatory functions that are technically necessary to display the website: The technical structure of the website requires us to use technologies, in particular cookies. Without these technologies, our website cannot be displayed (completely correctly) or the support functions could not be enabled. These are basically transient cookies that are deleted at the end of your visit to the website, at the latest when you close your browser. You cannot deselect these cookies if you wish to use our website. The individual cookies can be seen in the Consent Manager. The legal basis for this processing is Art. 6 para. 1 sentence 1 lit. f GDPR, § 25 para. 2 no. 2 TTDSG.
    3.2.4 Optional cookies if you give your consent: We only set various cookies with your consent, which you can select on your first visit to our website via the so-called cookie consent tool. The functions are only activated if you give your consent and can be used in particular to enable us to analyze and improve visits to our website, to make it easier for you to use different browsers or end devices, to recognize you when you visit us again or to place advertising (possibly also to tailor advertising to your interests, measure the effectiveness of advertisements or show interest-based advertising). The legal basis for this processing is Art. 6 para. 1 sentence 1 lit. a GDPR in conjunction with. § 25 para. 1 TTDSG. You can withdraw your consent at any time without this affecting the lawfulness of processing up to the time of withdrawal.
    3.2.5 We provide information on the respective services for which we use cookies in the individual processing operations below. Detailed information on the cookies used and detailed selection options can be found in the cookie settings.

    3.3 Amazon Web Services (AWS)

    3.3.1 We use the products and services of Amazon Web Services Germany GmbH, Krausenstraße 38, 10117 Berlin, Germany (“AWS”), which processes our data on our behalf in accordance with Art. 28 GDPR, to host and distribute the website content. Hosting takes place exclusively in AWS data centers in the European Union.
    3.3.2 We use the products and services of Amazon Web Services Germany GmbH, Krausenstraße 38, 10117 Berlin, Germany (“AWS”), which processes our data on our behalf in accordance with Art. 28 GDPR, to host and distribute the website content. Hosting takes place exclusively in AWS data centers in the European Union.
    3.3.3 Unless otherwise stated in this data protection notice, the data will be deleted as soon as the intended purpose has been fulfilled and there are no contractual, official or statutory retention regulations. Otherwise, para. 1.12.

    3.4 Google Analytics

    3.4.1 This website uses Google Analytics, a web tracking service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). The purpose of our use of this tool is to enable us to analyze your user interactions on websites and in apps and to use the statistics and reports obtained to improve our offering and make it more interesting for you as a user.
    3.4.2 We primarily record the interactions between you as a user of the website and our website using cookies, device/browser data, IP addresses and website or app activities. In Google Analytics, your IP addresses are also recorded to ensure the security of the service and to provide us as the website operator with information about the country, region or location from which the respective user comes (so-called “IP location determination”). For your protection, however, we naturally use the anonymization function (“IP masking”), i.e. Google truncates the IP addresses by the last octet within the EU/EEA.
    3.4.3 Google acts as a processor and we have concluded a corresponding contract with Google. The information generated by the cookie and the (usually shortened) IP addresses about your use of this website are usually transferred to a Google server in the USA and processed there. For these cases, Google has, according to its own information, imposed a standard that corresponds to the former EU-US Privacy Shield and has promised to comply with applicable data protection laws when transferring data internationally. We have also agreed so-called standard contractual clauses with Google, the purpose of which is to maintain an appropriate level of data protection in the third country.
    3.4.4 The legal basis for the collection and further processing of the information (which takes place for a maximum of 14 months) is your consent (Art. 6 para. 1 sentence 1 lit. a GDPR). You can withdraw your consent at any time without this affecting the lawfulness of processing up to the point of withdrawal. In apps, you can reset the advertising ID in the Android or iOS settings. The easiest way to revoke your consent is via our Consent Manager or by installing the Google browser add-on, which can be accessed via the following link: tools.google.com/dlpage/gaoptout?hl=en/.
    3.4.5 You can find more information on the scope of services provided by Google Analytics at marketingplatform.google.com/about/analytics/terms/en/. Google provides information on data processing when using Google Analytics at the following link: support.google.com/analytics/answer/6004245?hl=en/. General information on data processing, which according to Google should also apply to Google Analytics, can be found in Google’s privacy policy at www.google.de/intl/de/policies/privacy/.

    3.5 Google Ads

    3.5.1 We use Google Ads to draw attention to our offers with the help of advertisements. If you access our website via a Google ad, Google Ads will store a cookie on your device. The legal basis for the processing of your data is Art. 6 para. 1 sentence 1 lit. a GDPR, i.e. the integration only takes place with your consent.
    3.5.2 The advertising material is delivered by Google via so-called “ad servers”. For this purpose, we and other websites use so-called ad server cookies, through which certain parameters for measuring success, such as the display of ads or clicks by users, can be measured. We can obtain information about the success of our advertising campaigns via the Google Ads cookies stored on our website. These cookies are not intended to identify you personally. The unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions) and opt-out information (marking that a user no longer wishes to be addressed) are usually stored as analysis values for this cookie.
    3.5.3 The cookies set by Google enable Google to recognize your Internet browser. If a user visits certain pages of an Ads customer’s website and the cookie stored on their computer has not yet expired, Google and the customer can recognize that the user clicked on the ad and was redirected to this page. A different cookie is assigned to each Ads customer so that the cookies cannot be tracked via the websites of other Ads customers. By integrating Google Ads, Google receives the information that you have called up the corresponding part of our website or clicked on an advertisement from us. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, there is a possibility that the provider will find out your IP address and store it.
    3.5.4 Due to the marketing tools used, your browser automatically establishes a direct connection with the Google server. We ourselves do not independently collect personal data in the aforementioned advertising measures, but only provide Google with the opportunity to collect the data. We only receive statistical evaluations from Google, which provide information on which advertisements were clicked on how often and at what prices. We do not receive any further data from the use of the advertising material; in particular, we cannot identify users on the basis of this information.
    3.5.5 You can withdraw your consent at any time without this affecting the permissibility of processing up to the time of withdrawal. The easiest way to revoke your consent is via our Consent Manager or via the following functions: a) by setting your browser software accordingly, in particular by suppressing third-party cookies so that you do not receive any ads from third-party providers; b) by setting your browser to block cookies from the domain “www.googleadservices.com”, www.google.de/settings/ads, whereby this setting will be deleted when you delete your cookies; c) by deactivating the interest-based ads of the providers that are part of the “About Ads” self-regulation campaign via the link www.aboutads.info/choices, whereby this setting will be deleted when you delete your cookies; d) by permanently deactivating them in your Firefox, Internet Explorer or Google Chrome browsers under the link www.google.com/settings/ads/plugin. We would like to point out that in this case you may not be able to use all functions of this website to their full extent.
    3.5.6 The data will be deleted as soon as it is no longer required for the purpose for which it was collected. Deletion takes place after 24 months at the latest. Otherwise, para. 1.12.
    3.5.7 Further information on data protection at Google can be found here: www.google.com/intl/de/policies/privacy and services.google.com/sitestats/en.html.

    3.6 Google Conversion Tracking

    3.6.1 We use Google Ads (see sec. 3.5) with the additional application “Google Conversion Tracking”. This is a procedure with which we can check the success of our advertising campaigns. For this purpose, the advertisements are provided with a technical provision, e.g. an ID, with which we can determine how a user interacts after clicking on the advertisements and whether one of our services is actually used. This provides us with statistical information about the total number of readers of our advertisements, which advertisements are particularly popular and, if applicable, further information about the consequences of the advertisement.
    3.6.2 The legal basis for the processing of your data in this respect is also Art. 6 para. 1 sentence 1 lit. a GDPR, i.e. the integration only takes place with your consent. You can prevent or stop using the conversion tracking function in the same way as described above for Google Ads (see section 3.5.5).

    3.7 Google Remarketing

    3.7.1 We use Google Ads (see sec. 3.5) with the additional application “Google Remarketing”. This process enables us to create advertisements based on existing information about you and to address you again when you continue to use the Internet. This is done by means of cookies set when you visit our website (usually through cookies), which are used by Google to record and pseudonymize your usage behavior when you visit various websites. According to Google’s own statements, the data collected as part of remarketing is not merged with your personal data, which may be stored by Google.
    3.7.2 The legal basis for the processing of your data in this respect is also Art. 6 para. 1 sentence 1 lit. a GDPR, i.e. the integration only takes place with your consent. You can prevent or stop using the remarketing function in the same way as described above for Google Ads (see section 3.5.5).
    3.7.3 The cookies set by this website in this context are stored for up to 180 days. For the rest, para. 1.12.

    3.8 Google Tag Manager

    3.8.1 This website uses Google Tag Manager. Google Tag Manager is a service provided by Google and enables us to manage website tags via an interface. The tool itself (which implements the tags) is a cookie-less domain and does not store any personal data. The tool triggers other tags, which in turn may collect data. Google Tag Manager does not access this data. If a deactivation has been made at domain or cookie level, this remains in place for all tracking tags that are implemented with Google Tag Manager.
    3.8.2 The service is used in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR on the basis of our legitimate interest in improving our offer.

    3.9 Google reCAPTCHA

    3.9.1 We have integrated Google reCAPTCHA components on our website. Google reCAPTCHA is a service provided by Google and enables us to distinguish whether a contact request comes from a natural person or is automated by means of a program. When you access this content, you establish a connection to Google’s servers. Your IP address and other data that Google requires for its reCAPTCHA service may be processed in the process. As a rule, IP addresses are truncated before they are stored. If you are not logged in with your Google account, the IP address will not be combined with other Google data. Google reCAPTCHA also records, among other things, the duration of the user’s visit and mouse movements in order to distinguish automated requests from human ones. This data is processed exclusively for the above-mentioned purposes and to maintain the security and functionality of Google reCAPTCHA. The data is not used for personalized advertising.
    3.9.2 The use of the service and the associated data processing is based on our legitimate interest in preventing misuse and spam in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR.
    3.9.3 The specific storage period of the processed data cannot be influenced by us, but is determined by Google. Further information about Google reCAPTCHA and Google’s privacy policy can be found at the following links: https://www.google.com/intl/de/policies/privacy/ and https://www.google.com/recaptcha/intro/android.html.

    3.10 Intercom

    3.10.1 We have integrated the technical support tool Intercom from Intercom, Inc. (INTERCOM, INC., 55 2nd St, 4th Fl., San Francisco, CA 94105 USA) on our websites. We use Intercom to analyze and evaluate website usage. In addition, Intercom is a communication platform via which we provide you with a chat. This gives you the opportunity to contact us if you have any questions and we can provide you with targeted assistance in a timely manner. Your personal data (in particular browser type/version, operating system used, time of server entry, first name, surname and e-mail address) is collected in this context and transmitted securely to Intercom using SSL encryption.
    3.10.2 Intercom is used in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR on the basis of our legitimate interests, i.e. interest in optimizing our online offer.
    3.10.3 The data will be deleted as soon as the purpose of the survey has been fulfilled. Intercom automatically deletes the data after two years at the latest. Otherwise, para. 1.12.
    3.10.4 Further information can be found in Intercom’s privacy policy at: https://www.intercom.com/legal/privacy

    3.11 AWIN

    3.11.1 We participate in the performance advertising network of AWIN AG, Eichhornstraße 3, 10785 Berlin, Germany (hereinafter “AWIN”). As part of its tracking services, AWIN stores cookies on the end devices of users who visit or use websites or other online offers of its customers (e.g. register for a newsletter or place an order in an online store) in order to document transactions (e.g. leads and sales).
    3.11.2 The cookies serve the sole purpose of correctly allocating the success of an advertising medium and the corresponding billing within its network. Personal data is not collected or otherwise processed by AWIN. Only the information about when a specific advertising medium was clicked on by an end device is placed in a cookie. In the AWIN tracking cookies, an individual sequence of digits is stored, which cannot be assigned to the individual user, with which the partner program of an advertiser, the publisher and the time of the user’s action (click or view) are documented. AWIN also collects information about the end device from which a transaction is carried out, e.g. the operating system and the calling browser. The storage of “AWIN cookies” takes place on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR. The website operator has a legitimate interest in this, as the amount of its affiliate remuneration can only be determined through the cookies.
    3.11.3 If you do not delete your cookies, AWIN cookies are generally stored for a period of 11 months. Otherwise, para. 1.12.
    3.11.4 Further information on AWIN’s data processing can be found at: https://www.awin.com/us/privacy

    3.12 Matelso

    3.12.1 We have integrated components from Matelso on our website. This is a telephone tracking service provided by Matelso GmbH, Heilbronner Str. 150, 70191 Stuttgart, Germany. Matelso integrates – as a contractor – telephone numbers on our website that enable us to anonymously trace calls from our website visitors to transaction data. The data includes in particular the anonymized telephone number of the caller (if transmitted, the last three digits of the telephone number are replaced by an “X”), the telephone number called, the date, the time and the duration of the call. As part of telephone tracking, this personal data is transmitted to Matelso servers. As part of an “integration”, the information is transferred back to our web analysis tool Google Analytics. Google Analytics is thus informed which cookie ID triggered a call. Essentially, the call duration, call status (accepted or missed) and time of the call are transmitted.
    3.12.2 You can prevent the collection and forwarding of the aforementioned personal data and the processing of this data by suppressing your telephone number before making a call or by calling from an anonymous telephone number.
    3.12.3 Your data will be processed by your call for the purpose of communicating and processing your request and optimizing our online offer on the basis of your consent pursuant to Art. 6 para. 1 sentence 1 lit. a DS-GVO. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal. The easiest way to withdraw your consent is via our Consent Manager.
    3.12.4 The above-mentioned data is stored directly by Matelso in anonymized form, i.e. no personal data is stored.
    3.12.5 Further information on data protection when using Matelso can be found at: https://www.matelso.com/en/privacy-policy/

    3.13 Thrive Leads

    3.13.1 This website uses Thrive Leads. Thrive Leads is a WordPress plug-in from Thrive Themes Whitesquare GmbH, Beckengaesschen 1, 8200 Schaffhausen Switzerland. As part of Thrive Leads Builder, we create individual registration forms and use conversion tracking. This cookie is only set if you fill out one of the forms.
    3.13.2 Thrive Leads is used on the basis of your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR, i.e. the integration only takes place with your consent. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal. The easiest way to withdraw your consent is via our Consent Manager.
    3.13.3 Thrive Themes does not process any data according to its own information, the lifetime of the cookie is one month. We store your data until you withdraw your consent. Otherwise, para. 1.12.
    3.13.4 You can find more information about Thrive Themes here: https://thrivethemes.com/privacy-policy/

    3.14 Advertising with Facebook

    3.14.1 Furthermore, the website uses advertising measures of Facebook Inc (“Facebook”). By integrating the so-called “Facebook Pixel” on our website, we can display our advertising measures (“Facebook Ads”) to users of our website and the social network Facebook and measure and evaluate their success (“Conversion Tracking”). This connection between Facebook and our website takes place technically via the “Facebook Pixel”. The legal basis for the processing of your data is Art. 6 para. 1 sentence 1 lit. a GDPR, i.e. the integration only takes place with your consent.
    3.14.2 Due to the marketing tools used, your browser automatically establishes a direct connection with the Facebook server when you visit our website. We have no influence on the scope and further use of the data collected by Facebook through the use of this tool and therefore present you with the processes known to us: By integrating the Facebook pixel, Facebook receives the information that you have accessed the corresponding website of our Internet presence or have clicked on an advertisement from us. If you are registered with a Facebook service, Facebook can assign the visit to your account. Even if you are not registered with Facebook or have not logged in, it is possible that the provider will find out your IP address and other identifying features and use them to create a profile.
    3.14.3 The information collected is stored on Facebook servers, including in the USA. In these cases, the provider has, according to its own information, imposed a standard that corresponds to the former EU-US Privacy Shield and has promised to comply with applicable data protection laws when transferring data internationally. We have also agreed so-called standard data protection clauses with Facebook, the purpose of which is to maintain an appropriate level of data protection in the third country.
    3.14.4 You can withdraw your consent at any time without affecting the lawfulness of the processing up to the time of withdrawal. The easiest way to withdraw your consent is via our Consent Manager. In addition, (only logged-in users) can object via the provider’s function at the following link: www.facebook.com/settings/?tab=ads#_.
    3.14.5 Further information on data processing by Facebook can be found at Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland; Privacy Policy: www.facebook.com/about/privacy.
    3.14.6 We also use the remarketing function “Custom Audiences”, which also uses the Facebook pixel and displays interest-based advertisements when you visit our website or other websites that have also integrated the Facebook pixel. This allows us to show you advertisements that are of interest to you in order to make our website more interesting for you and to market our offer.

    4. Integration of videos

    4.1 YouTube

    4.1.1 We have integrated YouTube videos into our online offering, which are stored on YouTube.com and can be played directly from our website. These are all integrated in the ” extended data protection mode “, i.e. no data about you as a user is transferred to YouTube if you do not play the videos. Only when you play the videos will the data described in para. 4.1.2 are transmitted. We have no influence on this data transfer. The legal basis for the display of the videos is Art. 6 para. 1 sentence 1 lit. a GDPR, i.e. the integration only takes place with your consent.
    4.1.2 When you visit the website, YouTube receives the information that you have accessed the corresponding subpage of our website. In addition, the above-mentioned basic data such as IP address and timestamp are transmitted. This occurs regardless of whether YouTube provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your data will be assigned directly to your account. If you do not wish your data to be associated with your YouTube profile, you must log out before activating the button. YouTube stores your data as usage profiles and uses them for the purposes of advertising, market research and/or the needs-based design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact YouTube to exercise this right.
    4.1.3 The information collected is stored on Google servers, including in the USA. In these cases, the provider has, according to its own information, imposed a standard that corresponds to the former EU-US Privacy Shield and has promised to comply with applicable data protection laws when transferring data internationally. We have also agreed so-called standard data protection clauses with Google, the purpose of which is to maintain an appropriate level of data protection in the third country.
    4.1.4 Further information on the purpose and scope of data collection and its processing by YouTube can be found in the provider’s privacy policy. There you will also find further information on your rights and setting options to protect your privacy: https://policies.google.com/privacy.

    4.2 Video upload to YouTube

    4.2.1 In the simpleshow video maker there is an upload option for videos to YouTube, which is located on the video page of each rendered video. The simpleshow video maker uses YouTube API services for this. The following data about your YouTube account is stored in simpleshow video maker when you use the upload function: Access token, refresh token and the name of your YouTube channel. This data is required so that no manual login to YouTube is required for further uploads to YouTube. simpleshow does not make the stored data relating to your YouTube account available to third parties. You can prevent the transfer of data to YouTube and the saving of data from your YouTube account in simpleshow video maker by not using the upload function or by not linking your YouTube account to simpleshow video maker.
    4.2.2 The legal basis is your consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR. If the processing is carried out to fulfill a contract to which you are a party or to carry out pre-contractual measures, the legal basis is also Art. 6 para. 1 sentence 1 lit. b GDPR.
    4.2.3 Information on the processing of personal data by Google can be found https://policies.google.com/privacy. You can find YouTube’s terms of use at https://www.youtube.com/t/terms. You can revoke the link between your YouTube account and the simpleshow video maker at https://security.google.com/settings/security/permissions. Alternatively, you can remove the link to your YouTube account via your account settings under the menu item Social media integration in the YouTube publishing channel by clicking the “Disconnect” button.

    4.3 Wistia

    4.3.1 We have integrated videos from Wistia on our website. Wistia is operated by Wistia, Inc, 17 Tudor Street, Cambridge, Massachusetts, 02139 USA. Wistia is a service for hosting and integrating videos into websites. We use the Wistia Video Player to display and play videos. We use videos to provide information and entertainment for our visitors. Wistia collects data about video usage by the user, such as the size of the video view, when it was paused, rewound or skipped, how many videos were viewed and how often they were viewed. Wisita uses cookies for user identification. Other logged data includes IP address, device class (“desktop”, “mobile”), operating system, browser, embed URL (page on which the video is played), internet provider, location, region and country, session start time (date and time of the first video view per video). If you are logged in as a member of Wistia, Wistia assigns this information to your personal user account on this platform. You can prevent such an assignment by logging out of your user account before visiting our website.
    4.3.2 The legal basis for the display of the videos is Art. 6 para. 1 sentence 1 lit. f GDPR in conjunction with. § 25 para. 2 no. 2 TTDSG; our legitimate interest lies in enabling the playback of multimedia content. Insofar as data processing is not absolutely necessary to display the videos, the legal basis is also your consent Art. 6 para. 1 sentence 1 lit. a GDPR in conjunction with § Section 25 (1) sentence 1 TTDSG, i.e. the integration only takes place with your consent. You can withdraw your consent at any time without affecting the permissibility of the processing up to the time of withdrawal. The easiest way to withdraw your consent is via our Consent Manager.
    4.3.3 The specific storage period of the processed data cannot be influenced by us, but is determined by Wistia Inc.
    4.3.4 Further information on data protection and the technologies used can be found on the Wistia website at: https://wistia.com/privacy.

    4.4 Vimeo

    4.4.1 We have integrated Vimeo videos into our online offering, which are stored on vimeo.com and can be played directly from our website. Vimeo is a service provided by Vimeo Inc, 555 West 18th Street New York, New York 10011, USA. The legal basis for the display of the videos is Art. 6 para. 1 sentence 1 lit. a GDPR, i.e. the integration only takes place with your consent.
    4.4.2 When you visit the website, Vimeo receives the information that you have accessed the corresponding subpage of our website. In addition, the above-mentioned basic data such as IP address and time stamp are transmitted. This occurs regardless of whether Vimeo provides a user account through which you are logged in or whether no user account exists. If you are logged in to Vimeo, your data will be assigned directly to your account. If you do not wish your data to be associated with your Vimeo profile, you must log out before activating the button. Vimeo stores your data as usage profiles and uses them for the purposes of advertising, market research and/or the needs-based design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact Vimeo to exercise this right.
    4.4.3 The information collected is stored on Vimeo servers, including in the USA. In these cases, the provider has, according to its own information, imposed a standard that corresponds to the former EU-US Privacy Shield and has promised to comply with applicable data protection laws when transferring data internationally. We have also agreed so-called standard data protection clauses with Vimeo, the purpose of which is to maintain an appropriate level of data protection in the third country.
    4.4.4 Further information on the purpose and scope of data collection and its processing by Vimeo can be found in the provider’s privacy policy. There you will also find further information on your rights and setting options to protect your privacy: https://vimeo.com/privacy.

    5. Further functions and offers

    In addition to the purely informational use of our website, we offer various services that you can use if you are interested. To do so, you must generally provide additional personal data that we use to provide the respective service and for which the aforementioned data processing principles apply.

    5.1 Creation of a user account

    5.1.1 Registration and creation of a user account is required to use some of our services. You can register using your e-mail address and a password. Which personal data we process can be seen from the respective input mask that we use for registration. Mandatory information required for the registration process is marked separately; other information is voluntary.
    5.1.2 We process the data you provide to process our services and to give you access to our video maker. The legal basis is your consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR. If your data is processed for the performance of a contract to which you are a party or for the implementation of pre-contractual measures, the legal basis is Art. 6 para. 1 sentence 1 lit. b GDPR. In addition, the legal basis is Art. 6 para. 1 sentence 1 lit. f GDPR on the basis of our legitimate interests in requiring registration for some of our services. There is no legal or contractual obligation to provide your data, but it is not possible to use our services without disclosing your data.
    5.1.3 We store your personal data until you withdraw your consent or until the purpose for which it was stored ceases to apply for other reasons. Otherwise, para. 1.12.

    5.2 Social sign-in buttons

    5.2.1 We have integrated the buttons “Log in with Facebook”, “Log in with Google” and “Log in with Microsoft” on our website. With these functions, we enable you to log in easily via your social network login. The legal basis for the use of the plug-ins is Art. 6 para. 1 sentence 1 lit. a GDPR, i.e. the integration only takes place with your consent.
    5.2.2 The plug-in provider stores the data collected about you as usage profiles and uses these for the purposes of advertising, market research and/or the needs-based design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to display needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact the respective plug-in provider to exercise this right. Data is passed on regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged in with the plug-in provider, your data collected by us will be assigned directly to your existing account with the plug-in provider and information will be exchanged that also enables you to log in with us.
    5.2.3 The information collected is stored on the provider’s servers, in the case of international providers also outside Europe. For these cases, the provider has, according to its own information, imposed a standard that corresponds to the former EU-US Privacy Shield and has promised to comply with applicable data protection laws when transferring data internationally. We have also agreed so-called standard data protection clauses with the providers, the purpose of which is to maintain an appropriate level of data protection in the third country.
    5.2.4 You can withdraw your consent at any time without this affecting the lawfulness of processing up to the time of withdrawal. The easiest way to withdraw your consent is via our Consent Manager or via the functions of the social media providers.
    5.2.5 Further information on the purpose and scope of data collection and its processing by the plug-in provider can be found in the data protection declarations of these providers provided below. There you will also find further information on your rights in this regard and setting options to protect your privacy. Addresses of the respective plug-in providers and URL of the respective data protection notices:
  • Facebook Single-Sign-On: Authentication service; Provider: Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland, parent company: Facebook, 1 Hacker Way, Menlo Park, CA 94025, USA; Website: https://www.facebook.com; Privacy Policy: https://www.facebook.com/about/privacy; Opt-Out: https://www.facebook.com/adpreferences/ad_settings (Facebook login required).
  • 5.3 ElevenLabs

    5.3.1 You can use the “imitate voice” function on our website to automatically create a voice recording in your voice color. This is a service provided by ElevenLabs Inc, 576 Vanderbilt Avenue Apartment 4, Brooklyn, NY 11238, USA. You can use an integrated API to create a language profile with which voiceover audio tracks are created for your videos in all available languages. If you do not use this function, no data will be transmitted to the provider.
    5.3.2 Your data is processed by using this function for the purpose of creating voice recordings using generative artificial intelligence. There is no legal or contractual obligation to provide your data, but the creation of the synthetic voice recording is not possible without your consent at the appropriate point in the creation process. The legal basis is your consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR. You can withdraw your consent at any time with effect for the future.
    5.3.3 We would like to point out that this function may only be used if the basic voice recording originates from the respective user himself or if the user has demonstrably obtained the express and effective consent of the speaker.
    5.3.4 Your voice profile will be deleted from the provider immediately after the requested voice recordings have been created. Each time the function is used again, a new voice profile is generated based on the sample file you have stored with us.
    5.3.5 Information on the processing of personal data by ElevenLabs can be found here https://elevenlabs.io/privacy. You can find ElevenLabs’ terms of use here: https://elevenlabs.io/terms.

    5.4 OpenAI

    5.4.1 When using the functionality offered on our website to create explanatory videos yourself (prerequisite: creation of a user account, see para. 5.1), there is the option of selecting the story generator function instead of a self-written text as the basis for the video. The selection screen for this appears as soon as users start a new project and have selected a project title and a project language. When using the “Generate your story with AI” option, so-called large language models, which are classified as generative artificial intelligence, are used to create the explanatory video script. We systematically ensure that this technology is used in a responsible manner and meets the highest standards of output quality and data security.
    5.4.2 We access the services of Open AI, a company engaged in research into artificial intelligence, via an API (Application Programming Interface) intended for professional use: OpenAI, LLC, 3180 18th St., San Francisco, CA 94110, USA.
    5.4.3 Information entered by the user in the simpleshow interface is transmitted once to Open AI for the purpose of text generation. Open AI’s data protection policy applies, available at https://openai.com/policies/api-data-usage-policies. The key points are: 1) content entered will not be used to train or improve the data model under any circumstances, 2) content entered will be retained for 30 days for abuse monitoring purposes and then deleted. By design, the API does not allow personal data to be transmitted.

    5.5 Salesforce Sales Cloud

    5.5.1 If you use our professional services or our Enterprise offering, we manage all the necessary customer and contract data via our CRM system. We use Salesforce Sales Cloud for this purpose. The provider is salesforce.com Germany GmbH, Erika-Mann-Str. 31, 80636 Munich (hereinafter “Salesforce”). The data includes your first and last name, email address, telephone number and, if necessary, billing address and company affiliation.
    5.5.2 Among other things, Salesforce Sales Cloud enables us to manage existing and potential customers and customer contacts and to organize sales and communication processes. Using the CRM system also enables us to analyze our customer-related processes. Customer data is stored on the Salesforce servers. Personal data may also be transmitted to the parent company of salesforce.com Germany GmbH, salesforce.com inc, Salesforce Tower, 415 Mission Street, San Francisco, CA 94105, USA. The use of Salesforce Sales Cloud is based on Art. 6 para. 1 sentence 1 lit. f GDPR. We have a legitimate interest in the most efficient customer management and customer communication possible. If a corresponding consent has been given, the processing is carried out on the basis of Art. 6 para. 1 sentence 1 lit. a GDPR; the consent can be revoked at any time with effect for the future. If your data is processed to fulfill a contract to which you are a party or to carry out pre-contractual measures, the legal basis is Art. 6 para. 1 sentence 1 lit. b GDPR. Salesforce only uses user data for the technical processing of requests and does not pass it on to third parties.
    5.5.3 We store your data until you revoke your consent or the purpose of storage no longer applies. Otherwise, para. 1.12.
    5.5.4 Further information can be found in Salesforce’s privacy policy: https://www.salesforce.com/company/privacy/.

    5.6 Twilio

    5.6.1 We use the Twilio communication platform from the provider Twilio Ireland Limited 25-28 North Wall Quay, Dublin 1, Ireland. Twilio offers the possibility to chat and exchange documents with the simpleshow team on a project-related basis in our service portal. This service portal is only available to business customers as part of our range of professional creative services.
    5.6.2 If your data is processed to fulfill a contract to which you are a party or to carry out pre-contractual measures, the legal basis is Art. 6 para. 1 sentence 1 lit. b GDPR. In addition, Twilio is used in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR on the basis of our legitimate interests in being able to offer you a chat function.
    5.6.3 In the case of data processing by Twilio, personal data may also be transferred to the USA. If this transfer is to companies of the Twilio Group, the legal basis is based on binding internal data protection regulations (Binding Corporate Rules, BCR) in accordance with Art. 47 GDPR. Details can be found at n here: https://www.twilio.com/legal/bcr/processor#twilios-binding-corporate-rules-processor-policy. For data transfers to companies that are not subject to the Binding Corporate Rules, we base the data transfer on the standard contractual clauses, which we have concluded together with an order processing contract. Details can be found at here: https://www.twilio.com/legal/data-protection-addendum. General provisions on data protection at Twilio can be viewed here: https://www.twilio.com/legal/privacy.

    5.7 Contact form

    5.7.1 On our website, we offer you the opportunity to contact us via using the forms. The information collected via mandatory fields is required to process the request. You can also voluntarily provide additional information that you believe is necessary to process the contact request. When using the contact form, your personal data will not be passed on to third parties.
    5.7.2 The processing of your data by using our contact form is carried out for the purpose of communication and processing your request on the basis of your consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR, insofar as you have given such consent. If your data is processed to fulfill a contract to which you are a party or to carry out pre-contractual measures, the legal basis is Art. 6 para. 1 sentence 1 lit. b GDPR. There is no legal or contractual obligation to provide your data, but it is not possible to process your request without providing the information in the mandatory fields. If you do not wish to provide this data, please contact us by other means.
    5.7.3 If you use the contact form on the basis of your consent, we will store the data collected for each inquiry for a period of three years, starting with the completion of your inquiry or until you withdraw your consent. Otherwise, we store the data until the purpose for which it was stored no longer applies. Otherwise, para. 1.12.

    6. Online store

    6.1 Subscriptions, orders, contracts

    6.1.1 If you would like to purchase paid subscriptions for additional functions on of our website or conclude contracts via our website, it is necessary for the conclusion of the contract that you provide your personal data, which we require for the purpose of processing your order. Mandatory information required for the processing of contracts is marked separately, other information is voluntary. For payment purposes, you can enter your payment details with our payment service provider (see section 6.2) or we can forward your payment data to our house bank, whereby these third parties are independently responsible for payment processing. The legal basis for this is Art. 6 para. 1 sentence 1 lit. b GDPR.
    6.1.2 We may also process the data you provide in order to inform you about other interesting products from our portfolio or to send you e-mails with technical information.
    6.1.3 To prevent unauthorized access to your personal data by third parties, the order process is encrypted using TLS technology.

    6.2 Payment data

    6.2.1 We use the company BS PayOne GmbH, Lyoner Straße 9, 60528 Frankfurt/Main, Germany, to process payments via our website for all payment methods. BS PayOne is therefore the recipient of your personal data collected in connection with the payment process.
    6.2.2 Your data will only be passed on for the purpose of payment processing with the payment service provider BS PayOne and only to the extent that it is necessary for this purpose. The legal basis for the involvement of BS PayOne is contract processing in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR.
    6.2.3 BS PAYONE is obliged to handle the information in accordance with data protection laws. You can view the data protection provisions of PAYONE GmbH at https://www.payone.com/DE-en/data-protection-regulations.

    6.3 Storage duration

    Due to commercial and tax law requirements, we are obliged to store your address, payment and order data for a period of ten years. However, we restrict processing after three years, i.e. from this point on, your data will only be used to comply with legal obligations. For the rest, para. 1.12.

    7. Data processing in relation to applications

    In the event that you apply to us as an employee, trainee, intern or for another contractual relationship, we would like to provide you with the following additional information. On our website, we also offer you the opportunity to submit an application to us using a form provided. The information that is collected via mandatory fields is required in order to process the request. You can also voluntarily provide additional information that you consider necessary. You are not obliged to provide us with personal data in order to carry out the application process. However, we cannot carry out the application process without the information required to assess your suitability, to check the requirements for lawful employment and your availability and to contact you.

    7.1 Decision on a contractual relationship

    7.1.1 Your personal data will be collected and processed by us for the purpose of deciding on the establishment of a contractual relationship for which you are applying (employment relationship, training relationship, internship relationship or other contractual relationship).
    7.1.2 The legal basis for the processing is the GDPR in conjunction with Section 26 BDSG. If the contractual relationship for which you are applying is not an employment relationship within the meaning of Section 26 (8) BDSG (i.e. in particular not an employment relationship or employment for vocational training), the legal basis for the processing of your personal data is Art. 6 (1) sentence 1 lit. b GDPR. Personal data may also be processed on the basis of other legal provisions, in particular labor law, vocational training law and social law in their respective versions. Insofar as the processing of personal data is necessary to fulfill a legal obligation to which the controller is subject, it is based on Art. 6 para. 1 sentence 1 lit. c GDPR. If you give us your consent to the processing of your personal data, the legal basis for data processing is Art. 6 para. 1 sentence 1 lit. a GDPR.
    7.1.3 Personal data that is processed for the purpose of deciding on the establishment of a contractual relationship is generally deleted when the processing is no longer necessary for the decision on the establishment of a contractual relationship. In this respect, the duration of storage depends on the duration of the decision-making process.

    If you have sent us an unsolicited application – i.e. an application that does not relate to a specific position advertised by us – we will also process your personal data in order to decide on the establishment of a contractual relationship. The above statements apply accordingly, whereby we will generally delete your data if, in our opinion, it is not foreseeable that your personal data could be used to decide on the establishment of a contractual relationship.

    If the processing of your personal data is based on consent, the storage period resulting from the declaration of consent and the possible exercise of your right of revocation are generally the decisive criteria for the storage period, whereby the revocation does not affect the processing based on other legal bases. In all other respects, para. 1.12.

    7.2 Any processing for the assertion, exercise or defense of legal claims in connection with applications

    7.2.1 Under certain circumstances, your personal data may be used for the establishment, exercise or defense of legal claims if you or the controller to whom you have submitted the application has or is asserting legal claims.
    7.2.2 The legal basis in these cases is Art. 6 para. 1 sentence 1 lit. f GDPR. Accordingly, the processing of personal data is lawful if the processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by your interests and rights which require the exclusion of processing by the controller or by a third party. The legitimate interests of the controller or third party then lie in the assertion, exercise or defense of legal claims.
    7.2.3 In individual cases, this may result in a storage period that extends beyond the decision on the establishment of a contractual relationship. This would be the case, for example, if there are indications that you will assert claims against the controller. The data will then be stored for as long as the processing of the data is necessary for the establishment, exercise or defense of legal claims. The criteria for the storage period may include the periods under the General Equal Treatment Act and the Labor Court Act (Section 15 (4) sentence 1 AGG; Section 61b ArbGG) as well as limitation periods or statutory retention periods.

    Data may also be stored if this is provided for or prescribed by the European or national legislator in EU regulations, laws or other provisions to which the controller is subject. Otherwise, para. 1.12.

    8. Newsletter

    8.1 You can subscribe to our newsletter, with which we inform you about our current interesting offers, by declaring your consent. The advertised goods and services are named in the declaration of consent.
    8.2 We use the so-called double opt-in procedure to subscribe to our newsletter. This means that after you have registered, we will send you an email to the email address provided, in which we ask you to confirm that you are the owner of the email address provided and that you wish to receive the notifications. If you do not confirm your registration within 24 hours, your information will be blocked and automatically deleted after one month. In addition, we store the IP addresses you use and the times of registration and confirmation. The purpose of this procedure is to be able to prove your registration and, if necessary, to clarify any possible misuse of your personal data.
    8.3 The only mandatory information for sending the newsletter is your e-mail address. The provision of further, separately marked data is voluntary and is used to address you personally. After your confirmation, we will save your e-mail address for the purpose of sending you the newsletter. The legal basis is Art. 6 para. 1 sentence 1 lit. a GDPR.
    8.4 You can revoke your consent to the sending of the newsletter at any time and unsubscribe from the newsletter. You can declare your revocation, for example, by clicking on the link provided in every newsletter e-mail or by sending an e-mail to marketing@simpleshow.com.
    8.5 We would like to point out that we evaluate your user behavior when sending the newsletter. For this analysis, the emails sent contain so-called web beacons or tracking pixels, which are single-pixel image files stored on our website. For the evaluations, we link the data described above in para. 3 above and the web beacons with your e-mail address and an individual ID. The information about your user behavior is collected exclusively in pseudonymized form, i.e. the IDs are not linked to your other personal data; direct personal reference is excluded.
    8.6 You can object to this tracking at any time by unsubscribing from our newsletter or revoking your consent to the sending of the newsletter in accordance with para 8.4. After unsubscribing, we store the data purely statistically and anonymously. Such tracking is also not possible if you have deactivated the display of images in your e-mail program by default. In this case, the newsletter will not be displayed in full and you may not be able to use all the functions. If you display the images manually, the above-mentioned tracking will take place.
    8.7 To send the newsletter, we use a service provided by The Rocket Science Group LLC (Mailchimp), 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, United States. Mailchimp processes your personal data on our behalf in accordance with Art. 28 GDPR. According to its own statements, the provider has imposed a standard that corresponds to the former EU-US Privacy Shield and has promised to comply with applicable data protection laws when transferring data internationally. We have also agreed so-called standard data protection clauses with Mailchimp, the purpose of which is to maintain an appropriate level of data protection in the third country. You can find details about Mailchimp in the data protection information at: https://mailchimp.com/legal/.
    8.8 For storage, para. 1.12 applies.

    9. Social media

    9.1 Plug-ins

    9.1.1 We currently use the following social media plug-ins: Facebook, Instagram, X (formerly Twitter), LinkedIn and YouTube, which are only loaded if you have previously activated the function by giving your consent. We offer you the opportunity to interact with the social networks and other users via the plug-ins. The legal basis for the use of the plug-ins is Art. 6 para. 1 sentence 1 lit. a GDPR, i.e. the integration only takes place with your consent.
    9.1.2 The plug-in provider stores the data collected about you as usage profiles and uses these for the purposes of advertising, market research and/or the needs-based design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to display needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact the respective plug-in provider to exercise this right. Data is passed on regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged in with the plug-in provider, your data collected by us will be assigned directly to your existing account with the plug-in provider. If you click the activated button and, for example, link the page, the plug-in provider also saves this information in your user account and shares it publicly with your contacts. We recommend that you log out regularly after using a social network, but especially before activating the button, as this way you can avoid being assigned to your profile with the plug-in provider.
    9.1.3 The information collected is stored on the provider’s servers, in the case of international providers also outside Europe. For these cases, the respective provider has, according to its own information, imposed a standard that corresponds to the former EU-US Privacy Shield and has promised to comply with applicable data protection laws when transferring data internationally. We have also agreed so-called standard data protection clauses with the providers, the purpose of which is to maintain an appropriate level of data protection in the third country.
    9.1.4 You can withdraw your consent at any time without this affecting the lawfulness of processing up to the time of withdrawal. The easiest way to withdraw your consent is via our Consent Manager or via the functions of the social media providers.
    9.1.5 Further information on the purpose and scope of data collection and its processing by the plug-in provider can be found in the data protection declarations of these providers provided below. There you will also find further information on your rights in this regard and setting options to protect your privacy. Addresses of the respective plug-in providers and URL of the respective data protection notices:
  • Facebook: Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland; Privacy Policy: https://www.facebook.com/policy
  • 9.2 Our presence on social networks

    9.2.1 We have various presences on social media platforms. We operate these sites with the following providers: Facebook, Instagram, X (formerly Twitter), LinkedIn and YouTube. You can find more information on the providers and their data protection notices via the contact details provided in Section 9.1.5 above.
    9.2.2 We use the technical platform and services of the providers for these information services. We would like to point out that you use our presence on social media platforms and their functions on your own responsibility. This applies in particular to the use of interactive functions (e.g. commenting, sharing, rating). When you visit our websites, the providers of the social media platforms collect, among other things, your IP address and other information that is stored on your device in the form of cookies. This information is used to provide us, as the operator of the accounts, with statistical information about the interaction with us.
    9.2.3 The data collected about you in this context is processed by the platforms and may be transferred to countries outside the European Union, in particular the USA. According to their own information, all of the aforementioned providers maintain an appropriate level of data protection that corresponds to that of the former EU-US Privacy Shield and we have concluded standard data protection clauses with the companies. We do not know how the social media platforms use the data from your visit to our account and interaction with our posts for their own purposes, how long this data is stored and whether data is passed on to third parties. Data processing may differ depending on whether you are registered and logged in to the social network or whether you visit the site as a non-registered and/or non-logged-in user. When you access a post or the account, the IP address assigned to your end device is transmitted to the provider of the social media platform. If you are currently logged in as a user, a cookie on your device can be used to track how you have moved around the network. Buttons integrated into websites enable the platforms to record your visits to these websites and assign them to your respective profile. This data can be used to tailor content or advertising to you. If you want to avoid this, you should log out or deactivate the “stay logged in” function, delete the cookies on your device and restart your browser.
    9.2.4 As the provider of the information service, we also only process the data from your use of our service that you provide to us and that requires interaction. For example, if you ask a question that we can only answer by email, we will store your information in accordance with the general principles of our data processing, which we describe in this privacy policy. The legal basis for the processing of your data on the social media platform is Art. 6 para. 1 sentence 1 lit. f GDPR.
    9.2.5 To exercise your rights as a data subject, you can contact us or the provider of the social media platform. If one party is not responsible for responding or must receive the information from the other party, we or the provider will then forward your request to the respective partner. Please contact the operator of the social media platform directly for questions about profiling and the processing of your data when using the website. If you have any questions about the processing of your interaction with us on our site, please write to the contact details provided by us above.
    9.2.6 What information the social media platform receives and how it is used is described by the providers in their privacy policies (for links, see section. 9.1.5). There you will also find information about contact options and the settings options for advertisements. Further information on social networks and how you can protect your data can also be found at www.youngdata.de.

    10. Information for California Residents

    We are required by the California Consumer Privacy Act of 2018, as amended (“CCPA”) to provide to California residents an explanation of how we collect, use and share their Personal Information, and of the rights and choices we offer California residents regarding our handling of Personal Information.
    10.1 Your California privacy rights. As a California resident, you have the rights listed below. However, these rights are not absolute, and we may decline your request as permitted by the CCPA.
    10.1.1 Information. You can request the following information about how we have collected and used your Personal Information during the past 12 months:
  • The categories of Personal Information that we have collected.
  • The categories of sources from which we collected Personal Information.
  • The business or commercial purpose for collecting and/or selling Personal Information.
  • The categories of third parties with whom we share Personal Information.
  • Whether we have disclosed your Personal Information for a business purpose, and if so, the categories of Personal Information received by each category of recipient.
  • Whether we have sold your Personal Information; and, if so, the categories of Personal Information received by each category of recipient.
  • 10.1.2. Access. You can request a copy of the Personal Information that we maintain about you.
    10.1.3. Deletion. You can ask us to delete the Personal Information that we maintain about you.
    10.1.4. Nondiscrimination. You are entitled to exercise the rights described above free from discrimination. This means that we will not penalize you for exercising your rights by taking actions such as by denying you goods or services, increasing the price/rate of goods or services, decreasing the service quality, or suggesting that we may penalize you as described above for exercising your rights. However, the CCPA allows us to charge you a different price or provide a different service quality if that difference is reasonably related to the value of the Personal Information we are unable to use.
    10.1.5. How to exercise your rights. To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by contacting us at privacy@simpleshow.com. Only you or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child. You may only make a verifiable consumer request for access or data portability twice within a 12 month period. The verifiable consumer request must:
  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

  • We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.
    10.1.6. Sale of Personal Information. We do not generally sell information as the term “sell” is traditionally understood. However, to the extent “sale” under the CCPA is interpreted to include advertising technology activities such as those disclosed in the section “When We Share Your Information,” we will comply with applicable law as to such activity.
    10.1.7. Personal information that we collect, use and share. We have collected information corresponding to the following categories of information enumerated in the CCPA.
    • Identifiers, including name, email address, account name, IP address – and an ID number assigned to your account.
    • User records, billing address, credit or debit card information, employment or education information.
    • Commercial information, including purchases of our software and/or services, downloads of our downloadable products, and engagement with the services and our downloadable products.
    • Internet activity, including history of visiting and interacting with our software and/or service, browser type, browser language and other information collected automatically.
    • Geolocation data, including location enabled services such as WiFi and GPS.
    • Inferences, including information about interests and preferences.
    We disclose the following categories of information for commercial purposes pursuant to CCPA:
  • Commercial Information;
  • User Records;
  • Demographic Data;
  • Location Data;
  • Identifiers;
  • Inferences; and
  • Internet activity.
  • 10.1.8. Right to Know and Delete. If you are a California resident, you have the right to know certain information about our data practices in the preceding 12 months. In particular, you have the right to request the following from us:
    • The categories of Personal Information we have collected about you;
    • The categories of sources from which the Personal Information was collected;
    • The categories of Personal Information about you that we disclosed for a business purpose or sold;
    • The categories of third parties to whom the Personal Information was disclosed for a business person or sold;
    • The business or commercial purpose for collecting or selling the Personal Information; and
    • The specific pieces of Personal Information we have collected about you.
    In addition, you have the right to delete the Personal Information we have collected from you. However, this is not an absolute right and we may have legal grounds for keeping such data.
    10.1.9. Reporting Violations. If at any time you believe that we have violated these policies, please notify us by email at privacy@simpleshow.com and we will use all commercially reasonable efforts to promptly investigate and remedy the problem.
    10.1.10. Authorized Agent. You can designate an authorized agent to submit requests on your behalf. However, we will require written proof of the agent’s permission to do so and verify your identity directly.
    10.1.11. Right to Non-Discrimination. You have the right to non-discriminatory treatment by us, should you exercise any of your rights.

    11. Changes to the data protection information

    As part of the ongoing development of data protection law and technological or organizational changes, our data protection information is regularly reviewed to determine whether it needs to be adapted or supplemented. You will be informed of any changes, in particular on our website at https://simpleshow.com/. This data protection notice is valid as of December 1st, 2023.