SimplyPrint Privacy Policy
Last updated: July 1, 2026
View change history
2026-07-01
- Moved the full third-party sub-processor list to a dedicated, always-current page (Sub-Processors) and linked to it from this policy. The new page lists each provider's legal entity, registered address, country, the data they process, where it is processed, and the transfer basis, and is available as a PDF on request.
2026-05-29
- Added a "How long do we keep your data?" section clarifying our data retention periods, including that after account deletion we may keep a minimal set of transaction and security data for up to around 13 months to defend payment disputes and prevent fraud, and accounting records for longer where required by law.
2026-05-23
- Added a US K-12 districts subsection under the existing DPA section, noting SimplyPrint has signed the SDPC / TEC multi-state National Data Privacy Agreement (NDPA v1.0) for 15 US states.
2026-01-28
- Added "Schools & Organizations" section: managed accounts (students/employees) never receive marketing or attribution cookies
- Switched from Google reCAPTCHA to Cloudflare Turnstile for bot protection (privacy-preserving, no tracking)
- Switched geo IP provider from geoplugin.com to ipinfo.io (both in third-parties and Print jobs section)
- Removed "Dinero" accounting system (reduced third-parties)
- Clarified Arcade does not place any cookies
- Clarified YouTube cookies are set when you choose to load a video
- Updated third-party embeds policy: consent banner applies if you've accepted Functional cookies
- Rewrote tracking/consent sections
- Added geographic consent handling
- Consolidated cookie section
- New attribution purpose
- Updated subprocessor data sharing
2025-09-19
- Privacy Policy v2 released
2022-10-30
Privacy policies are boring, complicated, legal mumbo jumbo, so let's start with a quick
overview.
Tracking & cookies
-
No third-party tracking pixels - we don't use Google Pixels, Reddit Pixels, or Meta Tags
-
We use Plausible for analytics,
which is cookie-free and doesn't track individuals
-
You're always in control - manage your preferences anytime via "Cookie Settings" in the footer
-
If you found us through an ad, we notify the platform via secure server-to-server calls -
we only share anonymous click IDs, never your personal info
-
See our Cookie Policy for a complete list of everything we store
Your data
- We don't sell the data we collect on you, but do share some data for
internal use with third party software
- We may use your name, email, phone number and address for internal accounting
purposes
- We try to only collect what's required to make the platform work for you
- Your password is encrypted and stored in a safe database hosted in
the
European Union
- Only you can access your files and camera feed - while it's on our servers, we
don't
have tools allowing us to view either
- We don't collect any sensitive personal information, only the personal information we must,
like;
name, email, phone if you wish to get SMS notifications and address on purchase
Your rights
- You can always ask us to delete the data we have on you
- You can also always ask for us to give you the data we have on you
At SimplyPrint, we aim to only collect the minimum required data on our users. This means, we only ask for our user’s phone number if they want a text message when their print is finished, and we only ask for their address when required for invoicing. We wish to be fully transparent in how we use your data. This privacy policy will explain what data we collect, how we use it, and what rights you have regarding your data.
What data do we collect?
Our company collects the following data:
- Personal identification information; first name, last name, email address, and optionally phone number and address upon paid subscription. Email address is optional for SSO (Single Sign On) users.
- When you sign in via Single Sign-On (SSO) or a federated identity provider, we receive attributes such as name, possibly email address, organizational affiliation, and group membership from your institution’s identity provider.
- Company details for our Enterprise subscription; company name, email, country and timezone, address and billing address, possibly phone number, full name of att. person, company VAT number, possibly EAN number in Denmark.
- User info; on each user, other than the mentioned personal identification information above, we store info about login sessions and the IP address of those sessions, as well as which pages within SimplyPrint the user visited during the given session, and how long the session was. An action log of every action the user makes within the SimplyPrint platform (like starting a print, cancelling, etc.), with the IP and possibly country, city, and region of the action. This is done to help the user undo their actions, and for organizational profiles to see which user did what. The user’s password is also stored in our databases, using a one-way hash function.
- User files & folders; full file content, file name and extension, date uploaded, and name of folders.
- Printers; Each printer is powered by a device that communicates with SimplyPrint. For each device, we collect network information such as SSID, MAC address, and local IP address (private network). Additionally, we collect its public IP address, which is used to pair pending printers (that are pending setup) with the user. We also gather device specifications, including model information (e.g., Raspberry Pi 4B), machine hostname, CPU details, and memory capacity, as well as device software details like the version of OctoPrint and a list of installed plugins. We collect real-time updates from the printer, including temperature, print job status, and other operational metrics, to provide users with current information for remote monitoring. Printer-specific data, such as firmware version, ambient temperature, and auto bed leveling (ABL) data, may also be collected. If enabled by the user, the printer's downtime is logged, noting the start and end times of any lost internet connection.
- Print jobs; each print a printer that is connected to SimplyPrint starts is logged; whether it’s started via SimplyPrint or any other way (SD card, OctoPrint, etc.), as long as the Raspberry Pi/machine running SimplyPrint is connected to the printer. For each print job, we collect; date of start and finish, number of times the print was paused, if the print finished, failed, or was cancelled, percentage reached, time left of the print, ID of user that prints, filament usage (either calculated via SimplyPrint, or provided by the printer itself/local services such as OctoPrint), local name of the printed file, slicer used (when printed through SimplyPrint & analyzed), and longitude/latitude coordinates where the print was started, with 10-200 kilometer+ buffer, provided from the machine’s IP address, gotten from https://ipinfo.io/ (find their privacy policy here) - the coordinates are only used internally.
- Livestream & camera; when using a camera on the machine running SimplyPrint, the user has the option to stream the camera feed to SimplyPrint. This is done by the machine taking a picture and sending the image file to SimplyPrint’s servers in a secure request. The image is then stored for as little as 10 seconds before it’s permanently removed. We only store pictures up to 7 days, and the pictures can only be accessed by the account that owns the printer from which the picture is taken.
How do we use your data?
Our company collects your data so we can:
- Process possible orders
- Manage your account
- Gather data on general user behavior, guiding us to improve our software
- Send emails, print notifications, and special offers
- Understand how users discover SimplyPrint (attribution) - We temporarily store how you found us (e.g., which ad or link) in your browser's sessionStorage. If you don't create an account, this data is deleted when you close the tab and is never sent to us. On signup, this attribution data is saved with your consent preferences. If you consented to marketing cookies and came from an advertisement, we notify the ad platform via a secure server-to-server call - we only send an anonymous click ID and action type, never your personal information.
For federated SSO login, SimplyPrint adheres to the REFEDS Data Protection Code of Conduct v2
regarding the use of identity attributes. This means we only request and process the minimum attributes necessary to provide access to our service, and we do not use them for any unrelated purpose.
How do we store your data?
Our company securely stores your data at a DigitalOcean datacenter in Frankfurt, Germany. This datacenter is located within the EU and is fully GDPR-compliant.
If you wish to learn more about how we handle security at SimplyPrint, you can read our Security Overview by clicking the button below. Here we go more in-depth regarding what measures we take to keep your data safe and providing a deeper look into the different third-party providers we use for our web services. This document also digs into the security of the local SimplyPrint setup, on Raspberry Pi's/other machines, and what websites & ports that will be requested from within your local network.
Read the SimplyPrint security overview
DPA (Data Processing Agreement)
If you, as an enterprise customer of SimplyPrint and/or a company, school, institution, or government, SimplyPrint offers a custom Data Processing Agreement between you and SimplyPrint. This agreement is a legal document with digital signatures. This agreement can be requested by writing to [email protected] - we aim to respond within 24 hours.
US K-12 districts: SDPC Multi-State NDPA
For US K-12 school districts, SimplyPrint has also signed the Student Data Privacy Consortium (SDPC) / TEC Standard National Data Privacy Agreement (NDPA), Version 1.0. Eligible districts in Massachusetts, Maine, Colorado, Illinois, Iowa, Missouri, New Hampshire, Nebraska, New Jersey, Ohio, Rhode Island, Tennessee, Vermont, Virginia, and Washington can subscribe to the existing agreement via the General Offer of Privacy Terms (Exhibit E) without renegotiating from scratch. New York is currently excluded. Districts in other states (or outside the US) can still request a custom DPA via the same [email protected] address.
How long do we keep your data?
We keep your personal data only for as long as we need it for the purposes described in this policy, and then we delete it. When you delete your account, we remove your personal data from our live systems, with a few limited exceptions where the law allows or requires us to keep specific records for a bounded period:
- Accounting and tax records. Where we are legally required to retain invoices and payment records (for example under Danish bookkeeping law), we keep those records for the period required by that law, which is currently up to 5 years, after which they are deleted.
- Payment dispute and fraud-prevention records. Even after you delete your account, we may keep a minimal set of transaction and security data tied to a recent payment, such as billing and transaction identifiers, the email address on the account, and the IP and usage logs associated with that payment, for up to around 13 months from the charge. We keep this only where it is necessary to defend payment disputes and chargebacks and to prevent fraud, and we automatically delete it once that window has passed. This is separate from, and shorter than, the accounting retention above. We do not retain your files, printer data, or full profile for this purpose, only the limited information needed to defend a specific charge.
Where the law requires us to keep a record for longer than the periods above, we keep it only for as long as that legal obligation applies.
Your data & third parties
We use a small number of third-party services ("sub-processors") to run SimplyPrint. We never sell your data, we keep the number of third parties to a minimum, and wherever possible we choose privacy-friendly, EU-hosted providers or services we can host ourselves.
A few principles we hold to:
- Your data is stored in the EU by default - our hosting is in Frankfurt and Germany.
- We never sell your personal data, and we don't use third-party advertising or tracking pixels.
- Optional AI features are opt-in and off by default - your data is only shared with an AI provider if you choose to enable them.
- Where a provider is outside the EU/EEA, we rely on a valid transfer mechanism - the EU-US Data Privacy Framework and/or the EU Standard Contractual Clauses (2021) - with supplementary safeguards.
The complete, always-current list of our sub-processors - including each provider's legal entity, address, country, what data they process, where it is processed, and the transfer basis - is published on a dedicated page:
See our full Sub-Processors list
We give account owners advance written notice before a new sub-processor that handles personal data goes live, and you may object on specific grounds. See our Data Processing Agreement (Section 8.2) for details, or email [email protected] to request our DPA or a transfer impact assessment summary.
What are your data protection rights?
Our company would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:
The right to access - You have the right to request SimplyPrint for copies of your personal data.
The right to rectification - You have the right to request that SimplyPrint correct any information you believe to be inaccurate. You also have the right to request SimplyPrint to complete information you believe is incomplete.
The right to erasure - You have the right to request that SimplyPrint erase your personal data, under certain conditions.
The right to restrict processing - You have the right to request that SimplyPrint restrict the processing of your personal data, under certain conditions.
The right to data portability - You have the right to request that SimplyPrint transfer the data that we have collected to another organization, or directly to you, under certain conditions.
If you make a request, we have 2 weeks to respond to you. If you would like to exercise any of these rights, please contact us at our email: [email protected].
What are cookies?
Cookies are text files placed on your computer to collect standard Internet log information and visitor behavior information. When you visit our website, we may collect information from you automatically through cookies or similar technology. For further information, visit cookiesandyou.com.
How do we use cookies?
Our company uses cookies in a range of ways to improve your experience on our website, including:
- Keeping you signed in
- Remembering your preferences
- Understanding how you found us (with your consent)
What types of cookies do we use?
We categorize cookies into three types:
- Essential - Strictly necessary cookies that enable core functionality like logging in and maintaining your session. These cannot be disabled.
- Functional - Cookies that enable enhanced features like live chat support and remembering your preferences. Some are set by third-party services we use (like Crisp). Third-party embeds (such as YouTube videos) may also set cookies when you choose to load them. Note: Arcade demos do not place any cookies in your browser.
- Marketing - Cookies that help us understand how you discovered SimplyPrint. We do not use third-party tracking pixels (no Google Pixels, Reddit Pixels, or Meta Tags). When attribution data is sent, it happens via secure server-to-server calls, not browser scripts. See "Geographic Consent Handling" below for how consent works in your region.
For a complete, transparent list of every cookie, localStorage item, sessionStorage key, and IndexedDB database we use, please see our Cookie Policy.
How to manage cookies
You can change your cookie preferences at any time by clicking "Cookie Settings" in our website footer. You can also configure your browser not to accept cookies, though some features may not function as a result.
Geographic Consent Handling
We handle cookie consent differently based on your location to comply with regional privacy laws:
- Zone A (EU/EEA, UK, Switzerland): We present a consent banner when you first visit. Marketing cookies are disabled by default and only enabled if you explicitly accept them. Essential and Functional cookies are always active as they are necessary for the service.
- Zone B (Rest of World): Marketing cookies are enabled by default, but you can opt out at any time using the "Cookie Settings" link in our footer. Essential and Functional cookies remain active.
Your preference is stored and respected across all your visits. You can change your choice at any time.
Schools & Organizations
For users under a managed organization account (such as students or employees), we enforce a strict Functional-Only cookie policy. Regardless of any consent preferences selected, we never set Marketing or Attribution cookies for these accounts. Tracking and attribution data is only ever collected for the primary Account Owner (Admin) with their explicit consent.
Privacy policies of other websites
Our company website contains links to other websites. Our privacy policy applies only to our website, so if you click on a link to another website, you should read their privacy policy.
Changes to our privacy policy
Our company keeps its privacy policy under regular review and places any updates on this web page.
How to contact us
If you have any questions about our company’s privacy policy, the data we hold on you, or you would like to exercise one of your data protection rights, please do not hesitate to contact us at [email protected].
How to contact the appropriate authority
Should you wish to report a complaint or if you feel that our company has not addressed your concern in a satisfactory manner, you may contact the Information Commissioner’s office.