This website is operated by: simply Legal GmbH.
It is very important to us to handle our website visitors' data confidentially and to protect it in the best possible way. For this reason, we make every effort to comply with the requirements of the GDPR.
Below we explain how we process your data on our website. We use language that is as clear and transparent as possible so that you really understand what happens to your data.
Data protection applies to the processing of personal data. Personal data means all data with which you can be personally identified. This is, for example, the IP address of the device (PC, laptop, smartphone, etc.) you are currently using. Such data is processed when 'something happens to it'. Here, for example, the IP is transmitted from the browser to our provider and automatically stored there. This is then a processing (according to Art. 4 No. 2 GDPR) of personal data (according to Art. 4 No. 1 GDPR).
These and other legal definitions can be found in Art. 4 GDPR.
The scope of data protection is regulated by law. In this case, these are the GDPR (General Data Protection Regulation) as a European regulation and the BDSG (Federal Data Protection Act) as a national law.
In addition, the TDDDG supplements the provisions of the GDPR as far as the use of cookies is concerned.
The controller within the meaning of the GDPR is responsible for data processing on this website. This is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.
You can reach the person responsible at:
simply Legal GmbH
Burkarderstrasse 36 97082 Würzburg
info@simply-legal.ai
As we have already established, there is data (e.g. IP address) that is collected automatically. This data is mainly required for the technical provision of the website. If we also use personal data or collect other data, we will inform you of this or ask for your consent.
You consciously provide us with other personal data.
You will find detailed information on this below.
The GDPR provides you with comprehensive rights. These include, for example, free information about the origin, recipient and purpose of your stored personal data. You can also request the rectification, blocking or erasure of this data or lodge a complaint with the competent data protection supervisory authority. You can revoke your consent at any time.
You can find out what these rights look like in detail and how to exercise them in the last section of this Privacy Policy.
Data protection is more than just a chore for us! Personal data has great value and careful handling of this data should be a matter of course in our digitalized world. As a website visitor, you should also be able to decide for yourself what "happens" to your data, when and by whom. That is why we are committed to complying with all legal regulations, only collect the data we need and, of course, treat it confidentially.
The transfer and deletion of data are also important and sensitive issues. We would therefore like to briefly inform you in advance about our general approach to this.
Data will only be passed on on the basis of a legal basis and only if this is unavoidable. This may be the case in particular if it is a so-called Data Processor and a Data Processing Agreement has been concluded in accordance with Art. 28 GDPR.
We delete your data when the purpose and legal basis for processing no longer apply and the deletion does not conflict with any other legal obligations. Art. 17 GDPR also provides a 'good' overview of this.
For further information, please refer to this Privacy Policy and contact the controller if you have any specific questions.
The processing of personal data always requires a legal basis. The GDPR provides the following possibilities in Art. 6 para. 1 sentence 1:
a) The data subject has given their consent to the processing of their personal data for one or more specific purposes;
b) Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
c) The processing is necessary for compliance with a legal obligation to which the controller is subject;
d) Processing is necessary in order to protect the vital interests of the data subject or of another natural person;
e) The processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
f) Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
In the following sections, we will provide you with the specific legal basis for the respective processing.
When you visit our website, we process your personal data.
We use SSL or TLS encryption to provide the best possible protection against unauthorized access by third parties. You can recognize this encrypted connection by the https:// or lock symbol in the address bar of your browser.
Below you can find out what data is collected when you visit our website, for what purpose this is done and on what legal basis.
When you visit the website, information is automatically stored in so-called server log files. This is the following information:
• Browser type and browser version
• Operating system used
• Referrer URL
• Host name of the accessing computer
• Time of the server request
• IP address
This data is required temporarily in order to be able to display our website to you permanently and without any problems. In particular, this data is used for the following purposes:
• System security of the website
• System stability of the website
• Troubleshooting on the website
• Establishing a connection to the website
• Presentation of the website
Data processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR and is based on our legitimate interest in the processing of this data, in particular our interest in the functionality of the website and its security.
Where possible, this data is stored in pseudonymized form and deleted once the respective purpose has been achieved.
If the server log files make it possible to identify the data subject, the data is stored for a maximum period of 14 days. An exception is made if a security-relevant event occurs. In this case, the server log files are stored until the security-relevant event has been resolved and finally clarified.
Otherwise, no merging with other data takes place.
This website uses so-called cookies. This is a data record, information that is stored in the browser of your end device and is related to our website.
The use of cookies can make it easier for visitors to navigate the website.
In our cookie consent tool, you will find all information about the cookies that we use on our website (if applicable, with your consent).
You can manage all cookies that are not technically necessary directly via our cookie consent tool.
You can prevent cookies from being set by adjusting your browser settings.
Here you will find the corresponding links to frequently used browsers:
Mozilla Firefox: https://support.mozilla.org/de/kb/cookies-und-website-daten-in-firefox-loschen?redirectslug=Cookies+l%C3%B6schen&redirectlocale=en
Google Chrome: https://support.google.com/chrome/answer/95647?co=GENIE.Platform%3DDesktop&hl=de
Microsoft Edge: https://support.microsoft.com/de-de/windows/l%C3%B6schen-und-verwalten-von-cookies-168dab11-0753-043d-7c16-ede5947fc64d
Safari: https://support.apple.com/de-de/guide/mdm/mdmf7d5714d4/web and https://support.apple.com/de-de/guide/safari/sfri11471/mac.
If you are using a different browser, we recommend that you enter the name of your browser and 'delete and manage cookies' in a search engine and follow the official link to your browser.
Alternatively, you can also manage your cookie settings at www.aboutads.info/choices/ or www.youronlinechoices.com.
However, we must point out that a comprehensive blocking/deletion of cookies can lead to impairments in the use of the website.
We use technically necessary cookies on this website to ensure that our website functions correctly and in accordance with the applicable laws. They help to make the website user-friendly. Some functions of our website cannot be displayed without the use of cookies.
The legal basis for this is Art. 6 para. 1 lit. b, c and/or f GDPR, depending on the individual case.
We also use cookies on our website that are not technically necessary. These cookies are used, among other things, to analyze the surfing behavior of the website visitor or to offer functions of the website that are not technically necessary.
The legal basis for this is your consent in accordance with Art. 6 para. 1 lit. a GDPR.
Technically unnecessary cookies are only set with your consent, which you can revoke at any time in the cookie consent tool.
a) Telephone
If you contact us by telephone, the call data may be stored in pseudonymized form on the respective end device and with the telecommunications provider used. Personal data collected during the telephone call will only be processed in order to process your request. Depending on the request, the legal basis for this is regularly Art. 6 para. 1 lit. f GDPR or Art. 6 para. 1 lit. b GDPR. The data will be deleted as soon as the respective purpose no longer applies and it is possible in accordance with the legal requirements.
b) Contact form
Our website uses the HubSpot contact form, provided by HubSpot, Inc, 1 Sir John Rogerson's Quay, Dublin 2, Ireland. The form is used to record and manage contact requests and supports integration into customer relationship management and the automation of marketing and sales processes. The data entered in the form, such as name, e-mail address, telephone number, company affiliation and, if applicable, other details and information provided in the course of making contact, as well as technical data such as the IP address and information on usage behavior collected by cookies, are processed. Processing is carried out for the purpose of processing contact inquiries, preparing and implementing contract initiation, organizing customer relationship management and evaluating and tracking inquiries. The legal basis is Art. 6 para. 1 lit. b GDPR for (pre-)contractual measures, Art. 6 para. 1 lit. f GDPR based on the legitimate interest in efficient communication and, insofar as consent is required (e.g. for marketing purposes, tracking via cookies), Art. 6 para. 1 lit. a GDPR in conjunction with Section 25 para. 1 TDDDG. HubSpot uses functional, analysis and marketing cookies in the context of form use, which are only activated and set after express consent has been given; consent can be revoked at any time. Personal data may be transferred to third countries, in particular to the USA; HubSpot uses the EU standard contractual clauses pursuant to Art. 46 para. 2 lit. c GDPR as a suitable guarantee. The stored data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected or any consent given is revoked, unless statutory retention obligations prevent deletion. Detailed information can be found at: https://legal.hubspot.com/privacy-policy
The consent management tool Usercentrics is used on our website. Usercentrics is a service provided by Usercentrics GmbH, Sendlinger Straße 7, 80331 Munich, Germany. The service makes it possible to obtain, manage and document consent to the use of cookies and to the processing of personal data by us and integrated third parties. Usercentrics provides consent banners, documents user decisions and controls which scripts and cookies are loaded depending on the individual consent. In particular, the selected consents (opt-in/opt-out), time stamps of the consents, banner interactions and specific consent statuses for integrated services and cookies are processed. The purpose of data processing is the legally compliant collection and management of consent for the use of non-essential cookies and other tracking technologies as well as proof of consent in accordance with legal requirements. The legal basis for the use of Usercentrics is Art. 6 para. 1 lit. c GDPR to fulfill legal obligations in the area of data protection and Art. 6 para. 1 lit. f GDPR, as there is a legitimate interest in transparent and documented consent management; for the setting of non-technically necessary cookies, consent is also obtained in accordance with Art. 6 para. 1 lit. a GDPR in conjunction with § 25 para. 1 TDDDG, if necessary. Usercentrics uses technical cookies to store consent preferences; these cookies are functionally necessary to ensure compliance with data protection regulations. There is no transfer of personal data to third countries; processing takes place exclusively within the European Union. The recorded consents are deleted as soon as they are no longer required for the documentation, the purposes no longer apply or statutory retention obligations do not prevent deletion; consents can be revoked at any time with effect for the future. Detailed information is available at https://usercentrics.com/privacy-policy/.
Our website uses the API mediation platform OpenRouter, operated by OpenRouter (CEO: Alex Atallah, address not publicly known, contact via https://openrouter.ai/contact). OpenRouter provides a standardized interface for accessing numerous AI models from different providers and enables the integration of AI-based functions and web services. By using OpenRouter, technical metadata on API requests is processed, including the number of tokens processed, latency, timestamp, the model used and - when using an OpenRouter account - the email address stored; in addition, if this is explicitly activated in the account, the content of prompts and AI responses can also be stored. The purpose of data processing is to ensure the functionality and security of the connected AI services, to ensure user-oriented provision and optimization of use and monitoring of the functions offered. The legal basis for the processing of personal data via the API is Art. 6 para. 1 lit. b GDPR, insofar as the use is necessary for the fulfillment of the contract, otherwise Art. 6 para. 1 lit. f GDPR due to the legitimate interest in a reliable and efficient integration of AI functionalities; in the case of storage based on voluntary account settings, Art. 6 para. 1 lit. a GDPR applies. According to the current status, OpenRouter does not set any cookies on end devices. Personal data may be transferred to third countries, in particular to the USA. The standard contractual clauses of the EU Commission are used as suitable guarantees for such transfers. Personal data is deleted as soon as the purpose of processing no longer applies, consent has been withdrawn or applicable retention obligations have expired. Further information can be found in OpenRouter's Privacy Policy at https://openrouter.ai/privacy.
The Anthropic API is used on our website to provide AI-supported functions. Anthropic is offered by Anthropic PBC, 548 Market Street, PMB 64534, San Francisco, CA 94104-5401, USA. Anthropic's API enables the automated generation, processing and analysis of content as well as the integration of conversational AI solutions into internal and external workflows. In particular, user requests, responses generated by the AI, metadata such as timestamps and device information and, if applicable, data marked as critical by content recognition are processed. The purpose of data processing is to provide AI-based automation, text generation and the optimization of business and communication processes. The legal basis is Art. 6 para. 1 lit. f GDPR, as there is a legitimate interest in the efficient provision and improvement of interactive content; for the use of any analysis or functionality cookies and the storage of information on end devices, consent is required in accordance with Art. 6 para. 1 lit. a GDPR in conjunction with. § 25 para. 1 TDDDG. No cookies are currently set by the API connection. Personal data is transferred to the USA. The EU standard contractual clauses are used as guarantees for an adequate level of data protection. Personal data is only stored for as long as is necessary to achieve the stated purpose or until it is deleted following revocation or on the basis of statutory retention obligations. Further information on data protection at Anthropic can be found at: https://privacy.claude.com/en/
This website uses Framer, a website builder for the creation and hosting of interactive websites. Framer is offered by Framer B.V., Rozengracht 207B, 1016 LZ Amsterdam, Netherlands. The service provides functions with which website content can be visually designed, published, animated and embedded with real-time elements such as CMS, e-commerce modules or 3D objects. Framer enables responsive designs, portfolios, blogs and the integration of external content as well as playout on your own domains. When Framer is used, the IP address, browser type and version, device information, access times, pages accessed, usage statistics, referrer, location data, device ID and, if applicable, identification data such as name, email address, telephone number and physical address are typically processed through the website visitor's input. The processing is carried out for the purpose of technical provision, presentation and optimization of the website, ensuring security and, if necessary, processing inquiries or orders via embedded functions. The legal basis for data processing is Art. 6 para. 1 lit. f GDPR to safeguard legitimate interests in a functional and secure website. If a contractual relationship is initiated in embedded contact or order forms, Art. 6 para. 1 lit. b GDPR also applies. If cookies or similar technologies are used for analysis or marketing purposes, they are used exclusively on the basis of consent in accordance with Art. 6 para. 1 lit. a GDPR in conjunction with. § 25 para. 1 TDDDG. Framer uses cookies for functional purposes, analysis and performance, in some cases also through integrated third-party providers; these are only activated with consent. The respective cookie types and their functional duration can be viewed in the cookie settings. Personal data is not generally transferred to third countries in connection with Framer. If data is transferred to business units outside the EEA, the EU standard contractual clauses are used as suitable guarantees. Personal data is generally deleted as soon as the purpose of the processing no longer applies, consent has been revoked or statutory retention periods have expired. Further information on data protection at Framer can be found at https://www.framer.com/legal/privacy-statement/.
Our website uses the analysis and tracking service HubSpot, operated by HubSpot, Inc, 1 Sir John Rogerson's Quay, Dublin 2, Ireland. HubSpot provides functions for marketing automation, lead generation, analysis of user behavior and the integration of CRM systems. Typically, the IP address, email address (for form entries), browser information, pages visited, entries in web forms, interactions with pop-ups and forms, engagement histories and traffic analysis data are processed. The processing is carried out for the purpose of measuring success and optimizing marketing measures, personalizing content, generating leads and analyzing and evaluating user behavior. The legal basis is regularly the consent pursuant to Art. 6 para. 1 lit. a GDPR in conjunction with § 25 para. 1 TDDDG, insofar as tracking technologies or cookies are used, as well as Art. 6 para. 1 lit. f GDPR for technically necessary analyses or to safeguard legitimate interests in targeted marketing. HubSpot uses various cookies, including analysis and personalization cookies, which are only activated with prior consent. Technically necessary cookies are used on the basis of Section 25 (2) TDDDG. Data may be transferred to locations outside the European Economic Area; in this case, HubSpot uses the EU standard contractual clauses as appropriate safeguards in accordance with Art. 46 GDPR to ensure an adequate level of data protection. The storage period of the processed data depends on the respective processing purpose; it will be deleted as soon as the purpose no longer applies or consent is revoked, provided that there are no legal storage obligations to the contrary. Further information can be found in HubSpot's Privacy Policy: https://legal.hubspot.com/privacy-policy
Our website uses the tag management service Google Tag Manager, which is operated by Google Ireland Limited, Google Building, 4th Floor, 70 Sir John Rogerson's Quay, Dublin 2, Ireland (D02 X576). With Google Tag Manager, various tracking and marketing scripts (so-called "tags") can be centrally managed and integrated on the website without the need to make any adjustments to the source code. The service itself does not use any tracking mechanisms, but forwards data streams to the integrated third-party tags. Google Tag Manager typically processes all personal data that is transmitted through configured tagging, such as IP address, user interaction data (e.g. clicks, page views, form submissions), technical information about the browser or end device, as well as tracking IDs, geographical location data and e-commerce information. The scope depends on the respective tag configuration and the respective third-party tags. The purpose of the use is the efficient management and display of analysis and marketing tags, the evaluation of user behavior and the optimization of the online offer. The legal basis for the use is Art. 6 para. 1 lit. f GDPR, as there is a legitimate interest in the technically secure, efficient and economical provision of analysis and marketing services. Insofar as tracking or marketing tags are set with consent, this is done on the basis of Art. 6 para. 1 lit. a GDPR i. V. m. § 25 para. 1 TDDDG. Google Tag Manager itself does not set any cookies, but can control the triggering of cookies by integrated third-party tags. Which cookies are set in detail depends on the respective tag configuration; more detailed information on this can be found in the corresponding sections of the Privacy Policy. Google Tag Manager may transfer personal data to third countries, in particular the USA, via downstream, integrated third-party tags. Google ensures suitable guarantees for its own processing operations in accordance with Art. 46 GDPR, in particular the use of the EU standard contractual clauses. The data collected as part of the tag will be deleted as soon as the respective purpose of the processing no longer applies, the data subject withdraws consent or statutory retention obligations permit deletion. The storage period of the integrated third-party services may differ and can be found in their Privacy Policies. Further information on data protection at Google Tag Manager can be found at: https://policies.google.com/privacy?hl=de
We use the analysis service Google Analytics on our website to evaluate visitor behavior and to optimize our online services. Google Analytics is provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Analytics collects and analyzes information about the interaction of users with our website, including page views, length of stay, clicks, navigation, geographical origin (at city and state level), device and browser information used and the origin of traffic. In addition, technical identifiers such as the anonymized IP address, cookie IDs, client IDs or user IDs are processed. If activated, demographic characteristics and interests may also be included. Processing is carried out for the purpose of measuring reach, analyzing user behavior, improving the website and checking the success of marketing measures. The legal basis for the use of Google Analytics is consent in accordance with Art. 6 para. 1 lit. a GDPR in conjunction with. § 25 para. 1 TDDDG. Processing only begins after active consent has been given by the website visitor. Google Analytics uses cookies that are stored on the end device and read out corresponding information. These are analysis cookies that are used exclusively on the basis of consent. The transfer of personal data to a third country (e.g. the USA) cannot be ruled out. Insofar as data is processed outside the EU/EEA, Google uses the standard contractual clauses approved by the EU Commission as guarantees for compliance with the European level of data protection. The storage periods of Google Analytics can be configured and are 2 to 14 months by default. Collected data is deleted as soon as it is no longer required for the processing purposes or if consent is withdrawn, provided that there is no legal obligation to retain it. Further information can be found at: https://policies.google.com/privacy?hl=de
We use Google Consent Mode on our website to customize the use of Google services based on your consent. This means that, depending on your consent, we either use the full functionality of these services or only carry out limited data collection.
Google Consent Mode allows a certain amount of data processing, even if consent is denied, but in anonymized form.
We use the Advanced Consent Mode. This enables more detailed data collection if you have consented to the use of cookies in accordance with Art. 6 para. 1 lit. a GDPR. This data helps us to evaluate the performance of our marketing measures more precisely and to carry out user-defined analyses.
The processing is carried out in our legitimate interest in being able to better control and use certain functions of the Google services used on the website that require consent. The legal basis for the processing is Art. 6 para. 1 sentence 1 lit. f GDPR.
Further information on Google Consent Mode can be found at: https://support.google.com/analytics/answer/9976101.
Fonts from the Google Fonts service, operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, are used on our website. Google Fonts makes it possible to integrate fonts directly from Google's servers in order to provide uniform and appealing typography and optimal loading times via a content delivery network (CDN). As part of the integration, the IP address of the website visitor, the requested font resource and HTTP header information such as user agent and referrer are processed. The purpose of the data processing is the technical provision of the fonts, the improvement of the design and the optimization of the display on different devices and browsers. The legal basis for data processing is Art. 6 para. 1 lit. f GDPR, as there is a legitimate interest in an appealing and consistent website design and technically secure and efficient provision. According to current information, Google Fonts does not use cookies to provide the fonts. There is no transfer of personal data to third countries, as the processing is carried out in Europe by Google Ireland Limited in accordance with Google. Personal data is only stored for as long as is necessary for the provision of the fonts and the security of the service; if the purpose ceases to apply or a justified request for deletion is made, the data is deleted, provided that there are no statutory retention obligations to the contrary. Further information is available at https://developers.google.com/fonts/faq/privacy.
We use the CRM system Hubspot. This service is offered by Hubspot Inc, 25 Street, Cambridge, MA 02141 USA. CRM (Customer Relationship Management) is a system for managing all of a company's interactions and relationships with its current and potential customers. It supports the automation and optimization of sales processes, marketing campaigns, customer service and customer communication. As soon as we collect your personal data on our website, we process it in the Hubspot CRM system. The legal basis for this is Art. 6 para. 1 lit. b GDPR. The data processing is carried out to fulfill (pre-)contractual obligations. Hubspot is certified under the EU-U.S. Data Privacy Framework. Otherwise, the Standard Contractual Clauses (SCC) of the EU Commission apply. Further information: https://legal.hubspot.com/de/privacy-policy?hubs_content=www.hubspot.de/&hubs_content-cta=Datenschutzbestimmungen.
Finally, we would like to inform you in detail about your rights and how you will be informed about changes to data protection requirements.
You can request information about whether your personal data is being processed. If this is the case, you can request further information on the type and manner of processing. A detailed list can be found in Art. 15 para. 1 lit. a to h GDPR.
This right includes the correction of incorrect data and the completion of incomplete personal data.
This so-called 'right to be forgotten' gives you the right, under certain conditions, to request the deletion of your personal data by the controller. This is generally the case if the purpose of the data processing no longer applies, if consent has been withdrawn or the initial processing took place without a legal basis. A detailed list of reasons can be found in Art. 17 para. 1 lit. a to f GDPR. This "right to be forgotten" also corresponds to the controller's obligation under Art. 17 para. 2 GDPR to take reasonable steps to ensure that the data is generally erased.
This right is subject to the conditions set out in Art. 18 para. 1 lit. a to d.
This regulates the basic right to receive your own data in a commonly used form and to transfer it to another controller. However, this only applies to data processed on the basis of consent or a contract in accordance with Art. 20 (1) (a) and (b) and insofar as this is technically feasible.
In principle, you can object to the processing of your personal data. This applies in particular if your interest in objecting outweighs the legitimate interest of the controller in the processing and if the processing relates to direct marketing and/or profiling.
In principle, you have the right not to be subject to a decision based solely on automated processing (including profiling) which produces legal effects concerning you or similarly significantly affects you. However, this right is also restricted and supplemented by Art. 22 (2) and (4) GDPR.
The GDPR contains comprehensive rights to inform third parties about whether or how you have asserted rights under Art. 16, 17, 18 GDPR. However, this only applies insofar as this is possible or feasible with reasonable effort.
We would like to take this opportunity to draw your attention once again to your right to withdraw your consent in accordance with Art. 7 (3) GDPR. However, this does not affect the lawfulness of the processing carried out up to that point.
We would also like to draw your attention to your rights under §§ 32 ff. BDSG, which, however, are largely congruent with the rights just described.
You also have the right to lodge a complaint with a data protection supervisory authority if you consider that the processing of personal data relating to you infringes this Regulation.
The current status of this Privacy Policy is 22.05.2025. From time to time it is necessary to adapt the content of the Privacy Policy in order to react to actual and legal changes. We therefore reserve the right to amend this Privacy Policy at any time. We will publish the amended version in the same place and recommend that you read the Privacy Policy regularly.
Created with the kind support of Dieter macht den Datenschutz