This data protection declaration informs you about the type, scope and purpose of the processing of your personal data when using the web offer of “Centra – Coordinating Center for Traumatized Refugees” (https://centra.hamburg/). Responsible for the processing of your personal data within the meaning of the General Data Protection Regulation (GDPR) is the
University Medical Center Hamburg-Eppendorf (UKE)
Corporation under public law
1. data processed, purpose and duration of processing
“Centra – Coordinating Center for Traumatized Refugees” is a public website about the activities of Centra – Coordinating Center for Traumatized Refugees. Centra is funded by the Ministry of Labor, Social Affairs, Family and Integration (BASFI) of the Free and Hanseatic City of Hamburg. The website contains information on Centra’s activities and accessibility as well as on network partner:in institutions and their offers.
1.1 Processing of general information when visiting our website
The purpose of processing personal data when accessing the website is the presentation of the project, the partner:inside institutions and persons. When accessing the website and its content, personal data is only processed to the extent technically necessary (in particular: IP address; name of the file accessed; date and time of access; browser type and version; your operating system; the web page from which you reached us). This information is technically necessary in order to deliver the contents of our website requested by you without any problems. They are stored regularly when a website is accessed. The processing therefore serves to ensure the use of and connection to the web offer of “Centra – Coordinating Center for Traumatized Refugees”.
The processing of your personal data is based on our legitimate interest arising from the aforementioned data collection purposes (Art. 6 para. 1 lit. f) DSGVO). We do not assign this data to specific persons and do not combine it with other data sources. The only recipients of the data are the UKE and the service provider that hosts the website.
Server logs are not kept. The data named here is deleted immediately after the connection is terminated.
1.2 Use of contact forms
The website may also contain contact forms to make it easier for you to get in touch. The data to be entered by you in connection with the contact forms (usually name, e-mail address, message) will be forwarded directly to the office to which your enquiry is directed.
The data is required by the respective office for the purpose of processing your request. Please note that we do not usually respond electronically to inquiries regarding patients and probands, as an unencrypted e-mail does not have a sufficiently high level of security for the special need to protect health data.
The processing of the respective transmitted data is based on your consent to the data processing when sending the contact form. This consent can be revoked at any time. The UKE processes your personal data submitted via a contact form for as long as is necessary to deal with your enquiry. Depending on your request, further documentation and retention periods may apply (e.g. 30 years for notifications of patient data that become part of a patient:internal file).
2. the use of privacy-protecting techniques
2.1 SSL encryption
To protect the security of your data during transmission between your computer and the UKE website, the UKE uses state-of-the-art encryption methods (e.g. SSL) via HTTPS. You can recognise this by the fact that the lock symbol in the status bar of your browser is closed and the address line begins with https://.
2.2 Integrated third-party content
No third-party content is integrated.
3. recipients of your data
Your personal data will not be disclosed to third parties. However, the UKE uses a service provider, ALL-INKL.COM – Neue Medien Münnich, as an order processor to operate the website. The latter may not use the data processed within the framework of the website for its own purposes and is contractually obliged to maintain confidentiality.
4. your data protection rights
You are entitled to so-called data subject rights, i.e. rights that you can exercise as a data subject in an individual case. You can assert these rights against the UKE.
You have the right to information about the personal data stored about you in accordance with Art. 15 DSGVO. If you discover that incorrect data relating to you is being processed, you may, under certain conditions, request rectification in accordance with Art. 16 DSGVO. Incomplete data must be completed taking into account the purpose of the processing. Insofar as the requirements of Art. 17 DSGVO are fulfilled, in particular the data is no longer required for the original purpose and the retention periods have expired, you can demand that we delete the data. Under Art. 18 of the GDPR, you may be able to request that UKE restricts further processing of the data. This means that although your data is not deleted, it is flagged to block it from further processing. Insofar as the processing of your patient data is based on a public or legitimate interest within the meaning of Art. 6 Para. 1 lit. e), f) DSGVO, you may object to the processing on the grounds of your particular personal situation in accordance with Art. 21 DSGVO.
5. complaint possibilities
The UKE makes every effort to process your personal data in accordance with legal requirements. Should you nevertheless be of the opinion that the processing of your personal data is not permitted under data protection law, you are welcome to contact the UKE’s data protection officer
University Medical Centre Hamburg-Eppendorf
Turn over. In addition, you also have the option of contacting the competent supervisory authority with a complaint. The supervisory authority responsible for you depends on the federal state of your residence or the alleged data protection violation. A list of the supervisory authorities with address can be found at: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html .
Responsible for UKE: