Privacy policy

1) Information on the collection of personal data and contact details of the data controller

1.1 We app­re­cia­te your visit to our web­site and thank you for your inte­rest. In the fol­lo­wing, we inform you about the hand­ling of your per­so­nal data when using our web­site. Per­so­nal data is any data by which you can be per­so­nal­ly iden­ti­fied.

1.2 The per­son respon­si­ble for data pro­ces­sing on this web­site within the scope of the Gene­ral Data Pro­tec­tion Regu­la­ti­on (GDPR) is
Linus Drop
Lil­li­an Care GmbH
Augus­ta­an­la­ge 54–56
68165 Mann­heim

E‑Mail:

The per­son respon­si­ble for the pro­ces­sing of per­so­nal data is the per­son who alo­ne or joint­ly with others deter­mi­nes the pur­po­ses and means of the pro­ces­sing of per­so­nal data.

1.3 This web­site uses SSL or TLS encryp­ti­on for secu­ri­ty reasons and to pro­tect the trans­mis­si­on of per­so­nal data and other con­fi­den­ti­al con­tent (e.g. orders or enqui­ries to site owner) . You can reco­g­ni­se an encrypt­ed con­nec­tion by the string „https://“ and the lock sym­bol in your brow­ser bar.

2) Data collection when visiting our website

During the mere infor­ma­ti­ve use of our web­site, i.e. if you do not regis­ter or other­wi­se trans­mit infor­ma­ti­on to us, we only coll­ect such data that your brow­ser trans­mits to our ser­ver (so-cal­led „ser­ver log files“). When you visit our web­site, we coll­ect the fol­lo­wing data, which is tech­ni­cal­ly neces­sa­ry for us to dis­play the web­site to you:

  • The page visi­ted
  • Date and time at the time of access
  • Amount of data sent in bytes
  • Source/reference from which you rea­ched the page
  • Brow­ser used
  • Ope­ra­ting sys­tem used
  • IP address used (if appli­ca­ble: in anony­mi­sed form)

Pro­ces­sing is car­ri­ed out in accordance with §6 1f GDPR on the basis of our legi­ti­ma­te inte­rest in impro­ving the sta­bi­li­ty and func­tion­a­li­ty of our web­site. The data will not be pas­sed on or used in any other way. Howe­ver, we reser­ve the right to check the ser­ver log files retro­s­pec­tively if the­re are con­cre­te indi­ca­ti­ons of ille­gal use.

3) Contacting

Per­so­nal data is coll­ec­ted when cont­ac­ting us (e.g. via cont­act form or e‑mail). Which data is coll­ec­ted in the event of the use of a cont­act form can be seen from the respec­ti­ve cont­act form. This data is stored and used exclu­si­ve­ly for the pur­po­se of ans­we­ring your request or for cont­ac­ting you and the asso­cia­ted tech­ni­cal admi­nis­tra­ti­on. The legal basis for the pro­ces­sing of this data is our legi­ti­ma­te inte­rest in respon­ding to your request in accordance with Art. 6 para. 1 lit. f GDPR. If your cont­act is aimed at the con­clu­si­on of a con­tract, the addi­tio­nal legal basis for the pro­ces­sing is §6 1b GDPR. Your data will be dele­ted after your request has been pro­ces­sed. This is the case if it is clear from the cir­cum­s­tances that the mat­ter in ques­ti­on has been con­clu­si­ve­ly cla­ri­fied and pro­vi­ded that the­re are no sta­tu­to­ry reten­ti­on obli­ga­ti­ons to the con­tra­ry.

4) Tools and miscellaneous

- Word­fence
For secu­ri­ty pur­po­ses, this web­site uses the „Word­fence“ plug­in, a ser­vice pro­vi­ded by Defi­ant Inc, 800 5th Ave Ste 4100, Seat­tle, WA 98104, USA (her­ein­af­ter „Word­fence“). The plug­in pro­tects the web­site and the asso­cia­ted IT infra­struc­tu­re from unaut­ho­ri­sed third-par­ty access, cyber attacks and viru­s­es and mal­wa­re. Word­fence coll­ects the IP addres­ses of users and, if neces­sa­ry, other data on your beha­viour on our web­site (in par­ti­cu­lar URLs cal­led up and hea­der infor­ma­ti­on) in order to reco­g­ni­se and pre­vent ille­gi­ti­ma­te page acces­ses and thre­ats. In the pro­cess, the coll­ec­ted IP address is com­pared with a list of known atta­ckers. If the cap­tu­red IP address is iden­ti­fied as a secu­ri­ty risk, Word­fence can auto­ma­ti­cal­ly block it from acces­sing the site. The infor­ma­ti­on coll­ec­ted in this way is trans­fer­red to a ser­ver of Defi­ant Inc. in the USA and stored the­re.
The descri­bed data pro­ces­sing is car­ri­ed out in accordance with §6 1f GDPR on the basis of our legi­ti­ma­te inte­rests in pro­tec­ting the web­site from harmful cyber attacks and in main­tai­ning struc­tu­ral and data inte­gri­ty and secu­ri­ty.
Defi­ant Inc. invo­kes the stan­dard data pro­tec­tion clau­ses accor­ding to §46 2c GDPR as the legal basis for the trans­fer of data to the USA.
If visi­tors to the web­site have log­in rights, Word­fence also sets coo­kies (= small text files) on the respec­ti­ve end device used by the visi­tor. With the help of the coo­kies, cer­tain loca­ti­on and device infor­ma­ti­on can be read out, which enables an assess­ment of whe­ther the log­in-aut­ho­ri­sed access ori­gi­na­tes from a legi­ti­ma­te per­son. At the same time, access rights can be eva­lua­ted via the coo­kies and released via a site-inter­nal fire­wall accor­ding to the aut­ho­ri­sa­ti­on level. Final­ly, the coo­kies are used to regis­ter irre­gu­lar access by site admi­nis­tra­tors from new devices or new loca­ti­ons and to noti­fy other admi­nis­tra­tors of this.
The­se coo­kies are only set if a user has log­in rights. Word­fence does not set coo­kies for site visi­tors wit­hout log­in rights.
If per­so­nal data is pro­ces­sed via the coo­kies, the pro­ces­sing is car­ri­ed out in accordance with §6 1f GDPR on the basis of our legi­ti­ma­te inte­rest in pre­ven­ting ille­gi­ti­ma­te access to the site admi­nis­tra­ti­on and defence against unaut­ho­ri­sed admi­nis­tra­tor access.
We have con­cluded a data pro­ces­sing agree­ment with Defi­ant Inc., with which we obli­ge the com­pa­ny to pro­tect the data of site visi­tors and not to pass it on to third par­ties.
For more infor­ma­ti­on on Defi­ant Inc.’s use of data for Word­fence, plea­se see Wordfence’s pri­va­cy poli­cy at https://www.wordfence.com/privacy-policy/.

5) Rights of the data subject

5.1 The appli­ca­ble data pro­tec­tion law grants you com­pre­hen­si­ve data sub­ject rights (rights of access and inter­ven­ti­on) vis-à-vis the con­trol­ler with regard to the pro­ces­sing of your per­so­nal data, which we inform you about below:

  • Right to infor­ma­ti­on pur­su­ant to §15 GDPR;
  • Right to rec­ti­fi­ca­ti­on in accordance with §16 GDPR;
  • Right to era­su­re pur­su­ant to §17 GDPR;
  • Right to rest­ric­tion of pro­ces­sing pur­su­ant to §18 GDPR;
  • Right to infor­ma­ti­on pur­su­ant to §19 of the GDPR;
  • Right to data por­ta­bi­li­ty pur­su­ant to §20 GDPR;
  • Right to revo­ke con­sent given in accordance with §7(3) GDPR;
  • Right to lodge a com­plaint pur­su­ant to §77 GDPR.

5.2 RIGHT OF OBJECTION

IF WE PROCESS YOUR PERSONAL DATA WITHIN THE FRAMEWORK OF A BALANCING OF INTERESTS ON THE BASIS OF OUR OVERRIDING LEGITIMATE INTEREST, YOU HAVE THE RIGHT TO OBJECT TO THIS PROCESSING WITH EFFECT FOR THE FUTURE AT ANY TIME ON GROUNDS ARISING FROM YOUR PARTICULAR SITUATION.
IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED. HOWEVER, WE RESERVE THE RIGHT TO FURTHER PROCESSING IF WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, FUNDAMENTAL RIGHTS AND FREEDOMS, OR IF THE PROCESSING IS FOR THE PURPOSE OF ASSERTING, EXERCISING OR DEFENDING LEGAL CLAIMS.

IF WE PROCESS YOUR PERSONAL DATA FOR THE PURPOSE OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR THE PURPOSE OF SUCH MARKETING. YOU CAN EXERCISE THE OBJECTION AS DESCRIBED ABOVE.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED FOR DIRECT MARKETING PURPOSES.

6) Duration of the storage of personal data

The dura­ti­on of the sto­rage of per­so­nal data is deter­mi­ned on the basis of the respec­ti­ve legal basis, the pur­po­se of pro­ces­sing and — if rele­vant — addi­tio­nal­ly on the basis of the respec­ti­ve sta­tu­to­ry reten­ti­on peri­od (e.g. reten­ti­on peri­ods under com­mer­cial and tax law).

When pro­ces­sing per­so­nal data on the basis of expli­cit con­sent pur­su­ant to §6 1a GDPR, this data is stored until the data sub­ject revo­kes his/her con­sent.

If the­re are sta­tu­to­ry reten­ti­on peri­ods for data that is requi­red in the con­text of legal tran­sac­tions or obli­ga­ti­ons simi­lar to legal tran­sac­tions on the basis of §6 1b GDPR, this data will be rou­ti­ne­ly dele­ted after expiry of the reten­ti­on peri­ods, pro­vi­ded that it is no lon­ger requi­red for the ful­film­ent of the con­tract or the initia­ti­on of the con­tract and/or the­re is no jus­ti­fied inte­rest on our part in con­ti­nuing to store it.

When pro­ces­sing per­so­nal data on the basis of §6 1f GDPR, this data is stored until the data sub­ject exer­ci­s­es his or her right to object pur­su­ant to §21 1 GDPR, unless we can demons­tra­te com­pel­ling legi­ti­ma­te grounds for the pro­ces­sing which over­ri­de the inte­rests, rights and free­doms of the data sub­ject, or for the estab­lish­ment, exer­cise or defence of legal claims.

When pro­ces­sing per­so­nal data for the pur­po­se of direct mar­ke­ting on the basis of §6 1f GDPR, this data is stored until the data sub­ject exer­ci­s­es his or her right to object pur­su­ant to §21 2 GDPR.

Unless other­wi­se indi­ca­ted in the other infor­ma­ti­on in this state­ment on spe­ci­fic pro­ces­sing situa­tions, stored per­so­nal data are other­wi­se dele­ted when they are no lon­ger neces­sa­ry for the pur­po­ses for which they were coll­ec­ted or other­wi­se pro­ces­sed.