We thank you for your interest in our website and the University Hospital of Cologne. We operate this website to provide useful information on the University Hospital of Cologne and its hospitals and facilities. In spite of diligent monitoring of external content, we can, however, not assume any liability for the content of external links.
When you visit our website, the protection of your personal data within the scope of collection, processing and use is a top concern to us. Your data is protected within the scope of the statutory provisions.
Name and address of the Controller
The Controller in terms of the General Data Protection Regulation and other national data protection laws of EU Member States, as well as other data protection law provisions is the:
University Hospital of Cologne AöR [institution under public law]
Kerpener Str. 62
Telephone +49 221 478-0
Name and address of the data protection officer
Kerpener Str. 62
Telephone +49 221 478-88008
Please find below information on which data is collected during your visit on our website and how this data is use.
1. Provision of the Website
When you access our website, the browser used on your computer will automatically send information to the server of our website. This information is temporally stored in a so-called log file. The following information is collected and stored until automated erasure without any activity on your part:
- IP address of the requesting computer,
- access date and time,
- name and URL of the retrieved file,
- referring website (Referrer URL),
- used browser and operating system of your computer,
- as well as the name of your access provider.
We process the aforementioned data for the following purposes:
- to ensure smooth establishment of the connection to the website,
- to ensure convenient use of our website,
- analysis of system security and stability as well as
- for additional administrative purposes.
The legal basis for the processing of personal data is Art. 6 Para 1 S. 1 point f GDPR. Our justified interest follows from the data collection purposes listed above. In no event will we use collected data to unmask your identity.
2. Contact form
If you have questions of any kind, you may contact us using the contact form we provide on our website. You must provide a valid email address in the contact form so that we know who is sending us an inquiry and can reply to your inquiry. You must provide your first and last name and a valid email address in the contact form so that we know who is sending us an inquiry and can reply to your inquiry. You may provide additional information on a voluntary basis. When you establish a contact with us, we will process your personal data based on Art. 6 Para 1 S. 1 point a GDPR and your consent you provided on a voluntary basis. Personal data that we collected for the use of the contact form will be deleted within the scope of an erasure procedure after your inquiry is completed.
3. Online application
To handle your online application, we collect and process your provided personal data as follows: Mr./Ms., name, first name, address, birth date, email address, references and curriculum vitae data. You may also provide your telephone number and desired salary. In accordance with the statutory provisions, we will treat your personal data with strict confidentiality. Your application is exclusively processed and stored in the applicants’ database for the review procedure of your online application. Three months after the application procedure has been completed, your data is automatically deleted. Your written consent is required, if your data is to be stored beyond the application procedure’s completion. Your consent to this data protection provision does not include your consent to the storage of your data beyond the application procedure’s completion. Such consent must be provided separately. We employ data encryption for the transmission of your data, to ensure secure transmission of your data. Your application data will not be disclosed to any third party outside of the University Hospital of Cologne.
4. Online appointment booking
5. Your rights
According to Art. 15 GDPR, you have the right to request information on your stored personal data, including any recipients of your personal data and the planned period for which your personal data will be stored. In the event inaccurate personal data is processed, you have the right to demand that such data is rectified according to Art. 16 GDPR. If the statutory requirements are met, you may request erasure or restriction of processing of your personal data and you may object to the processing of your personal data (Art. 17, 18 and 21 GDPR). In addition, you have the right to lodge a complaint with the supervisory authority:
Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen
P. O. Box 20 04 44 [Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia P. O. Box 20 04 44]
7. Web Analytics
We use the Open-Source-Software Matomo to analyse and statistically evaluate the use of the website in accordance with Art. 6 Para 1 lit. f GDPR. For this purpose cookies are used (see Item 5). The website use information created by the cookie is transmitted to our servers and consolidated in pseudonymous user profiles. This information is used to evaluate the use of the website and to facilitate adequate design of our website. This information is not disclosed to any third party.
The IP address is not matched with other data relating to the user in any case. IP addresses are rendered anonymous so that they cannot be referenced to an identifier (IP-Masking). Your visit of this website is currently recorded by Matomo Web analysis.
You can prevent data collection by Matomo by activating the function “Do Not Track” in your Internet browser. In the case of most browsers, this function can be found under “Settings -> Data Protection”. Alternatively, you can deactivate the following Plug-In.
8. Social Media
1. Use of Social Media Plugins
- The following Social Media Plugins are currently used by us: [Facebook, Google+, Twitter, Xing]. For this purpose, we employ the so-called two-click solution. This means, when you visit our website, personal data is generally not provided to the Plugins of the respective providers, unless you activate the Plugin as described below. You can identify the Plugin provider by the marking on the box or its initial letter or the Logo. We provide you with the option to directly communicate with the provider by clicking on the button. The Plugin provider will only receive the information that you called-up the respective web page of our online offering, if you click on the marked field. In addition to this information, the designated data in Section 3 of this statement is transmitted. In the case of Facebook and Xing, the IP address is rendered anonymous immediately after collection in Germany according to the information provided by the respective providers. Accordingly, by activating the Plugin, personal data is transmitted from your browser to the respective Plugin provider and stored on the Plugin provider’s servers (in the case of American providers in the USA). Plugin providers use, in particular, cookies for data collection purposes. For this reason, we recommend that you delete all cookies using the security settings of your browser before you click on the greyed out box.
- We do not have any influence on the collected data and data processing procedures and we do not know the full scope and extent of such data collection, data processing purposes and data storage periods. Furthermore, we do not have any information on the erasure of collected data by the Plugin provider.
- The Plugin provider stores your collected personal data as user profiles and uses these user profiles for advertising purposes, market research and / or adequate design of its website. This analysis is, in particular, performed (also for users that are not logged in) to display targeted advertising and to inform other users of the respective social network of your activities on our website. You have the right to object to the creation of these user profiles. To exercise your right to object, you must contact the respective Plugin provider. By providing these Plugins, we offer you the opportunity to interact with the social networks and other users, so that we are in a position to improve our offering and design our offering more interesting for you as a user. The legal basis for the use of Plugins is Art. 6 Para 1 S. 1 point f GDPR.
- Data transfer by Plugins is independent of if you have an account with the Plugin provider and if you are logged in with your account. If you are logged in with the Plugin provider, your collected data on our website will be directly assigned to your existing account with the Plugin provider. If you click on the activated button and, for example, you set a link for the page, the Plugin provider will also store this information in your user account and publish this information to your contacts. We recommend that you routinely log off from a social network after you used it, in particular, however, prior to activating the button, because in doing so you can prevent the assignment to your profile at the Plugin provider.
- You may access additional information on purpose and scope of data collection and data processing by the respective Plugin provider from the privacy statements of these providers at the following addresses provided below. These privacy statements also provide additional information regarding your respective rights and setting options to protect your privacy.
- The Internet addresses of the respective Plugin providers and URLs to access their privacy statements are listed below:
- [Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA; www.facebook.com/policy.php; additional information on data collection: www.facebook.com/help/186325668085084, www.facebook.com/about/privacy/your-info-on-other; as well as www.facebook.com/about/privacy/your-info.
- Google Inc., 1600 Amphitheater Parkway, Mountainview, California 94043, USA; https://www.google.com/policies/privacy/partners/?hl=de.
- Twitter, Inc., 1355 Market St, Suite 900, San Francisco, California 94103, USA; https://twitter.com/privacy.
- Xing AG, Gänsemarkt 43, 20354 Hamburg, DE; http://www.xing.com/privacy.
2. Integration of YouTube Videos
- YouTube Videos are integrated into our online offering. These videos are stored on www.YouTube.com and can be directly accessed and played from our website. These videos are all integrated into the “extended data protection mode” i.e. If you do not play a video, your user data is not transferred to YouTube. The designated data in Paragraph 2 are only transferred to YouTube, when you play a video. We do not have any influence on this data transfer.
- By visiting the website, YouTube will receive the information that you called-up the respective sub-page on our website. In addition to this information, the designated data in Section 3 of this statement is transmitted. This data is transferred independent of if you are logged in with your YouTube user account or if you do not have a user account. If you are logged in with Google, your data will be directly assigned to your account. If you do not wish that YouTube assigns your data to your profile, you must log off prior to activating the button. YouTube stores your data as user profiles and uses these user profiles for advertising purposes, market research and / or adequate design of its website. This analysis is, in particular, performed (even for users that are not logged in) to provide targeted advertising and to inform other users of the respective social network of your activities on our website. You have the right to object to the creation of these user profiles. To exercise your right to object, you must contact YouTube.
- You may access additional information on purpose and scope of data collection and its data processing by YouTube from its privacy statement. This privacy statement also provides additional information regarding your rights and setting options to protect your privacy: https://www.google.de/intl/de/policies/privacy.
3. Integration of Google Maps
- We use the offerings of Google Maps on this website. By using Google Maps, we can display to you interactive maps directly within the website and provide you with the ability to the convenient use of the map function.
- By visiting the website, Google will receive the information that you called-up the respective sub-page on our website. In addition to this information, the designated data in Section 3 of this statement is transmitted. This data is transferred independent of if you are logged in with your Google user account or if you do not have a user account. If you are logged in with Google, your data will be directly assigned to your account. If you do not wish that Google assigns your data to your profile, you must log off prior to activating the button. Google stores your data as user profiles and uses these user profiles for advertising purposes, market research and / or adequate design of its website. This analysis is, in particular, performed (even for users that are not logged in) to provide targeted advertising and to inform other users of the respective social network of your activities on our website. You have the right to object to the creation of these user profiles. To exercise your right to object, you must contact Google.
- You may access additional information on purpose and scope of data collection and data processing by the Plugin provider from the privacy statements of the provider. These privacy statements also provide additional information regarding your respective rights and setting options to protect your privacy:
Please note that when using the tools, your data may be transferred to recipients outside the EEA where there is no adequate level of data protection in accordance with the GDPR (e.g. USA).
9. Data Security
Within the scope of your visit on our website, we use the common SSL procedure (Secure Socket Layer) in connection with the highest encryption level supported by your Browser. In general, this is a 256-bit encryption. If your Browser does not support 256-bit encryption, we use instead 128-bit v3 technology. You can recognise the encrypted transmission of an individual page on our Internet platform, if the key or lock symbol is displayed as closed in the lower status bar of your browser. In addition, we also employ appropriate technical and organisational security measures to protect your data against accidental or intentional manipulations, partial or total loss, destruction or unauthorised access by third parties. Our security measures are improved on an ongoing basis in accordance with technological developments.
10. Up-To-Dateness and Changes to this Privacy Statement
This privacy statement is currently valid. The version is May 2018. Further development of our website and our web offerings or due to changed statutory or official requirements it may become necessary to change this privacy statement.