Privacy policy
1) Information on the collection of personal data and contact details of the data controller
1.1 We appreciate your visit to our website and thank you for your interest. In the following, we inform you about the handling of your personal data when using our website. Personal data is any data by which you can be personally identified.
1.2 The person responsible for data processing on this website within the scope of the General Data Protection Regulation (GDPR) is
Linus Drop
Lillian Care GmbH
Augustaanlage 54–56
68165 Mannheim
The person responsible for the processing of personal data is the person who alone or jointly with others determines the purposes and means of the processing of personal data.
1.3 This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g. orders or enquiries to site owner) . You can recognise an encrypted connection by the string „https://“ and the lock symbol in your browser bar.
2) Data collection when visiting our website
During the mere informative use of our website, i.e. if you do not register or otherwise transmit information to us, we only collect such data that your browser transmits to our server (so-called „server log files“). When you visit our website, we collect the following data, which is technically necessary for us to display the website to you:
- The page visited
- Date and time at the time of access
- Amount of data sent in bytes
- Source/reference from which you reached the page
- Browser used
- Operating system used
- IP address used (if applicable: in anonymised form)
Processing is carried out in accordance with §6 1f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. The data will not be passed on or used in any other way. However, we reserve the right to check the server log files retrospectively if there are concrete indications of illegal use.
3) Contacting
Personal data is collected when contacting us (e.g. via contact form or e‑mail). Which data is collected in the event of the use of a contact form can be seen from the respective contact form. This data is stored and used exclusively for the purpose of answering your request or for contacting you and the associated technical administration. The legal basis for the processing of this data is our legitimate interest in responding to your request in accordance with Art. 6 para. 1 lit. f GDPR. If your contact is aimed at the conclusion of a contract, the additional legal basis for the processing is §6 1b GDPR. Your data will be deleted after your request has been processed. This is the case if it is clear from the circumstances that the matter in question has been conclusively clarified and provided that there are no statutory retention obligations to the contrary.
4) Tools and miscellaneous
- Wordfence
For security purposes, this website uses the „Wordfence“ plugin, a service provided by Defiant Inc, 800 5th Ave Ste 4100, Seattle, WA 98104, USA (hereinafter „Wordfence“). The plugin protects the website and the associated IT infrastructure from unauthorised third-party access, cyber attacks and viruses and malware. Wordfence collects the IP addresses of users and, if necessary, other data on your behaviour on our website (in particular URLs called up and header information) in order to recognise and prevent illegitimate page accesses and threats. In the process, the collected IP address is compared with a list of known attackers. If the captured IP address is identified as a security risk, Wordfence can automatically block it from accessing the site. The information collected in this way is transferred to a server of Defiant Inc. in the USA and stored there.
The described data processing is carried out in accordance with §6 1f GDPR on the basis of our legitimate interests in protecting the website from harmful cyber attacks and in maintaining structural and data integrity and security.
Defiant Inc. invokes the standard data protection clauses according to §46 2c GDPR as the legal basis for the transfer of data to the USA.
If visitors to the website have login rights, Wordfence also sets cookies (= small text files) on the respective end device used by the visitor. With the help of the cookies, certain location and device information can be read out, which enables an assessment of whether the login-authorised access originates from a legitimate person. At the same time, access rights can be evaluated via the cookies and released via a site-internal firewall according to the authorisation level. Finally, the cookies are used to register irregular access by site administrators from new devices or new locations and to notify other administrators of this.
These cookies are only set if a user has login rights. Wordfence does not set cookies for site visitors without login rights.
If personal data is processed via the cookies, the processing is carried out in accordance with §6 1f GDPR on the basis of our legitimate interest in preventing illegitimate access to the site administration and defence against unauthorised administrator access.
We have concluded a data processing agreement with Defiant Inc., with which we oblige the company to protect the data of site visitors and not to pass it on to third parties.
For more information on Defiant Inc.’s use of data for Wordfence, please see Wordfence’s privacy policy at https://www.wordfence.com/privacy-policy/.
5) Rights of the data subject
5.1 The applicable data protection law grants you comprehensive data subject rights (rights of access and intervention) vis-à-vis the controller with regard to the processing of your personal data, which we inform you about below:
- Right to information pursuant to §15 GDPR;
- Right to rectification in accordance with §16 GDPR;
- Right to erasure pursuant to §17 GDPR;
- Right to restriction of processing pursuant to §18 GDPR;
- Right to information pursuant to §19 of the GDPR;
- Right to data portability pursuant to §20 GDPR;
- Right to revoke consent given in accordance with §7(3) GDPR;
- Right to lodge a complaint pursuant to §77 GDPR.
5.2 RIGHT OF OBJECTION
IF WE PROCESS YOUR PERSONAL DATA WITHIN THE FRAMEWORK OF A BALANCING OF INTERESTS ON THE BASIS OF OUR OVERRIDING LEGITIMATE INTEREST, YOU HAVE THE RIGHT TO OBJECT TO THIS PROCESSING WITH EFFECT FOR THE FUTURE AT ANY TIME ON GROUNDS ARISING FROM YOUR PARTICULAR SITUATION.
IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED. HOWEVER, WE RESERVE THE RIGHT TO FURTHER PROCESSING IF WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, FUNDAMENTAL RIGHTS AND FREEDOMS, OR IF THE PROCESSING IS FOR THE PURPOSE OF ASSERTING, EXERCISING OR DEFENDING LEGAL CLAIMS.
IF WE PROCESS YOUR PERSONAL DATA FOR THE PURPOSE OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR THE PURPOSE OF SUCH MARKETING. YOU CAN EXERCISE THE OBJECTION AS DESCRIBED ABOVE.
IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED FOR DIRECT MARKETING PURPOSES.