www.ukhd.de
www.stadtmission-hd.de
www.pflege-ukhd.de
Translate
Privacy policy
Privacy policy as of 18.05.2018
Data protection and data security for our company's customers and partners as well as for interested parties and users of our website are of great importance to our company. Transparency regarding the processing of your personal data and the protection of your data are therefore particularly important to us.
This statement provides you with an overview of how your personal data is collected and processed when you use our website and what you can do yourself to better protect your data.
Controller responsible for the processing
Heidelberg University Hospital
Im Neuenheimer Feld 672
69120 Heidelberg
Institution under public law represented by theExecutive Board of the University Hospital
Im Neuenheimer Feld 672
69120 Heidelberg
Phone: 06221 56-0
Fax: 06221 56-5999
E-mail: klinikumsvorstand@med.uni-heidelberg.de
Data protection officer of the company
Heidelberg University Hospital
Data Protection Officer
Im Neuenheimer Feld 672
69120 Heidelberg
06221 56 7036
datenschutz@med.uni-heidelberg.de
What is personal data?
Personal data is any information relating to an identified or identifiable natural person. The decisive factor is therefore whether a personal reference can be established through the data collected. This includes information such as your name, address, telephone number and e-mail address. Information that is not directly associated with your real identity - such as favorite websites or the number of users of a site - is not personal data.
How we collect and process your personal data
When you visit our websites, our web servers temporarily store the connection data of the requesting computer, the websites you visit, the date and duration of the visit, the identification data of the browser and operating system type used and the website from which you visit us as standard for the purpose of system security. Additional personal data such as your name, address, telephone number or e-mail address are not collected unless you provide this information voluntarily, e.g. as part of a registration, a survey, a competition, to execute a contract or a request for information.
How we use your personal data, how we pass it on
If the opportunity for the input of personal or business data (e-mail addresses, names, addresses) is given, the input of these data takes place voluntarily. E-mails are sent via a contact form. If you send us such a message, your personal data will only be collected to the extent necessary for a reply. The e-mail is transmitted unencrypted.
We use the personal data provided by you exclusively for the purpose of technical administration of the websites and to fulfill your wishes and requirements, i.e. generally to process the contract concluded with you or to answer your inquiry.
We only use this data for product-related surveys, marketing purposes and statistical purposes if you have given us your prior consent or if you have not objected to this - insofar as this is provided for by law.
Your personal data will not be passed on, sold or otherwise transferred to third parties unless this is necessary for the purpose of processing the contract or you have expressly consented to this.
Any consent given can be revoked at any time with effect for the future.
How we pass on the data
Hosting
Some of the servers on which the hosting service is based are located in the data centers of Mittwald CM Service GmbH & Co KG. The hosting services we use serve to provide the following services: Infrastructure and platform services, computing capacity, storage space and database services, security services and technical maintenance services that we use for the purpose of operating the website. In doing so, we, or our hosting provider, process inventory data, contact data, content data, contract data, usage data, meta and communication data of customers, interested parties and visitors to this website on the basis of our legitimate interests in the efficient and secure provision of our website in accordance with Art. 6 para. 1 sentence 1 f) GDPR in conjunction with Art. 28 GDPR. Art. 28 GDPR.
How long will your data be stored
In principle, we store all information that you transmit to us until the respective, e.g. contractual, purpose has been fulfilled. E.g. in the case of inquiries until they have been dealt with, in the case of newsletters until you unsubscribe from the newsletter. If longer storage is required by law, the data will be stored for this period.
If you no longer wish us to use your data, we will of course comply with this request immediately (please contact us at the address given under "Contact").
When will your data be deleted
Stored personal data will be deleted if you revoke your consent to storage, if knowledge of the data is no longer required to fulfill the purpose for which it was stored or if storage is inadmissible for other legal reasons. Data for billing and accounting purposes are not affected by a request for deletion.
Use of cookies
When you visit our website, we use so-called cookies. These are small text files that are stored on your computer. Cookies help us to determine the frequency of use and the number of users of our website, as well as to make our services as convenient and efficient as possible for you.
On the one hand, we use so-called "session cookies", which are only stored temporarily for the duration of your use of one of our Internet pages. On the other hand, we use "permanent cookies" to store information about visitors who repeatedly access one of our Internet pages. The purpose of using these cookies is to be able to offer you optimal user guidance and to "recognize" you and to be able to present you with a website that is as varied as possible and new content in the event of repeated use. The content of a permanent cookie is limited to an identification number. Name, IP address etc. are not stored. An individual profile of your usage behavior is not created.
It is also possible to use our website without cookies. You can deactivate the storage of cookies in your browser, restrict it to certain websites or set your browser so that it notifies you as soon as a cookie is sent. Please note, however, that if you deactivate cookies, you must expect a limited display of the site and limited user guidance.
Cookies that are required to carry out the electronic communication process or to provide certain functions you have requested (e.g. shopping cart function) are stored on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the storage of cookies for the technically error-free and optimized provision of its services. Insofar as other cookies (e.g. cookies to analyze your surfing behavior) are stored, these are treated separately in this privacy policy
What we do to ensure the security of processing
Our company takes all necessary technical and organizational security measures to protect your personal data from loss and misuse. For example, your data is stored in a secure operating environment that is not accessible to the public. In certain cases, your personal data is encrypted during transmission using Secure Socket Layer (SSL) technology. This means that communication between your computer and our company's servers takes place using a recognized encryption method if your browser supports SSL.
These are the legal bases
"Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 para. 1a of the EU General Data Protection Regulation (GDPR) serves as the legal basis.
In the processing of personal data necessary for the performance of a contract to which the data subject is a party, Art. 6 para. 1b GDPR serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures.
Insofar as the processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Art. 6 para. 1c GDPR serves as the legal basis.
In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1d GDPR serves as the legal basis.
If the processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 para. 1f GDPR serves as the legal basis for the processing. Legitimate interests are, in particular, ensuring the operation and security of the website, examining the way in which visitors use the website and simplifying the use of the website."
These are your data protection rights
Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and possible recipients and the purpose of data processing (Art. 15 GDPR) and, if applicable, a right to rectification of incorrect data (Art. 16 GDPR), erasure of this data (Art. 17 GDPR), the right to restriction of processing in accordance with Art. 18 GDPR, the right to object (Art. 21 GDPR) and the right to data portability of data provided by you in accordance with Art. 20 GDPR). The restrictions under Sections 34 and 35 BDSG apply to the right of access and the right to erasure.
In addition, you have the right to lodge a complaint with the competent supervisory authority in the event of breaches of data protection law (Art. 77 GDPR in conjunction with Section 19 BDSG). The competent supervisory authority for data protection issues is the state data protection officer of the federal state in which our company is based. A list of data protection officers and their contact details can be found at the following link: https: //www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
How you can withdraw your consent to data processing
Many data processing operations are only possible with your express consent. You can withdraw consent that you have already given at any time. All you need to do is send us an informal e-mail. The legality of the data processing carried out until the revocation remains unaffected by the revocation
Changes to the privacy policy
Changes may be made to this privacy policy, which will be announced on this page in good time.
Google Web Fonts
This site uses so-called web fonts provided by Google for the uniform display of fonts. When you access a page, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.
For this purpose, the browser you are using must connect to Google's servers. This informs Google that our website has been accessed via your IP address. The use of Google Web Fonts is in the interest of a uniform and appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
If your browser does not support web fonts, a standard font will be used by your computer.
Further information on Google Web Fonts can be found at developers.google.com/fonts/faq and in Google's privacy policy: https: //www.google.com/policies/privacy/.
Google Maps
This site uses the map service Google Maps via an API. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
To use the functions of Google Maps, it is necessary to save your IP address. This information is usually transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer.
The use of Google Maps is in the interest of an appealing presentation of our online offers and to make it easy to find the places we have indicated on the website. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
You can find more information on the handling of user data in Google's privacy policy: https: //www.google.de/intl/de/policies/privacy/.
Application and use of YouTube
YouTube components are integrated on this website. YouTube is an Internet video portal that enables video publishers to post video clips free of charge and other users to view, rate and comment on them, also free of charge. YouTube allows the publication of all types of videos, which is why complete film and television programs as well as music videos, trailers or videos made by users themselves can be accessed via the Internet portal.
The operating company of YouTube is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.
Each time you access a page of our website on which a YouTube component (YouTube video) has been integrated, your Internet browser is automatically prompted by the respective YouTube component to download a representation of the corresponding YouTube component from YouTube. Further information about YouTube can be found at www.youtube.com/yt/about/de/. During the course of this technical procedure, YouTube and Google gain knowledge of what specific sub-page of our website you are visiting.
If you are logged in to YouTube at the same time, YouTube recognizes which specific subpage of our website the person concerned is visiting when a subpage containing a YouTube video is accessed. This information is collected by YouTube and Google and assigned to the respective YouTube account of the data subject.
YouTube and Google always receive information via the YouTube component that the data subject has visited our website if you are logged in to YouTube at the same time as accessing our website. This takes place regardless of whether you click on a YouTube video or not. If you do not want this information to be transmitted to YouTube and Google, you can prevent it by logging out of your YouTube account before accessing our website.
The data protection provisions published by YouTube, which can be accessed at www.google.de/intl/de/policies/privacy/, provide information about the collection, processing and use of personal data by YouTube and Google.
Registration
The data subject has the option of registering on the controller's website by providing personal data. Which personal data is transmitted to the controller is determined by the respective input mask used for registration. The personal data entered by the data subject is collected and stored exclusively for internal use by the controller and for the controller's own purposes. The controller may arrange for the data to be passed on to one or more processors, such as a parcel service provider, who will also use the personal data exclusively for internal use attributable to the controller.
By registering on the controller's website, the IP address assigned by the data subject's Internet service provider (ISP), the date and time of registration are also stored. This data is stored against the background that this is the only way to prevent the misuse of our services and, if necessary, to make it possible to investigate criminal offenses and copyright infringements. In this respect, the storage of this data is necessary to safeguard the controller. This data is not passed on to third parties unless there is a legal obligation to pass it on or the passing on serves the purpose of criminal or legal prosecution.
The registration of the data subject with the voluntary provision of personal data serves the controller to offer the data subject content or services which, due to the nature of the matter, can only be offered to registered users. Furthermore, the registration of the data subject (in the data protection declaration generator) serves to monitor the use of the texts issued by us and protected by copyright, as well as to check the setting of links and the naming of authors, as well as for our own documentation purposes. We also use the data collected via the data protection declaration generator for customer acquisition, in particular for contacting customers by telephone and sending advertising by post and e-mail. Registered persons are free to have the personal data provided during registration completely deleted from the controller's database.
The controller shall provide any data subject at any time upon request with information about which personal data relating to the data subject is stored. Furthermore, the controller shall rectify or erase personal data at the request or indication of the data subject, insofar as this does not conflict with any statutory retention obligations. The data protection officer named in this privacy policy and all of the controller's employees are available to the data subject as contact persons in this context.
Our website contains links to the external social network Facebook. This website is operated exclusively by Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA (Facebook). The links on our website are identified by the Facebook logo or the addition "Like" (no Facebook plugins are used).
When you visit our website, functions and data transfers to Facebook are not automatically activated. The Facebook plugins are only activated when you click on the links and your browser establishes a direct connection with Facebook servers. If you follow the links and are logged into your Facebook user account at the same time, the information that you have visited our website will be forwarded to Facebook. Facebook can assign the visit to the website to your account. This information is transmitted to Facebook and stored there. To prevent this, you must log out of your Facebook account before clicking on the link.
For the purpose and scope of data collection by Facebook and the further processing and use of your data there, as well as your rights in this regard and settings options for protecting your privacy, please refer to Facebook's privacy policy(http://de-de.facebook.com/privacy/explanation.php).
Web analysis
Matomo analysis service
We use Matomo (Piwik), an open source software for the statistical analysis of visitor access. Matomo uses cookies that are stored on your computer and enable an anonymized analysis of your use of the website. It is not possible to draw conclusions about a specific person, as your IP address is anonymized immediately after processing and before storage.
You can object to the storage and analysis of this data by Matomo at any time. In this case, a so-called opt-out cookie is permanently stored in your browser, which causes Matomo not to collect any data for storage and analysis. However, if you delete this cookie intentionally or unintentionally, the objection to data storage and analysis will also be revoked and can be renewed via the above link.
Alternatively, most modern browsers have a so-called "Do Not Track" option, with which you can tell websites not to track your user activities. Matomo respects this option.