Privacy policy

Data Privacy Statement


The protection of personal data is an important concern for the University Medical Center Hamburg-Eppendorf (UKE). We process personal data collected during visits to our websites in compliance with the applicable data protection regulations. When using our website for information purposes only, we collect the data that your browser transmits to our server:

IP address
Date and time of the query
Time zone difference to Greenwich Mean Time (GMT)
Content of the request (specific page or file and amount of data)
Access status/HTTP status code
Website from which the request originated
Web browser and language used
Operating system and its interface

After your visit, the IP address is stored for a short period of time to ensure IT security – in particular to protect our IT systems from misuse and to defend against attacks. All other data is deleted as soon as you have finished using our website. We reserve the right to evaluate the data in anonymized form for statistical purposes and to improve our website. This data protection declaration informs you about the type, scope and purpose of the processing of your personal data when using the web offers of FOR2799 ( including subdomains).

Data processed, purpose and duration

The Internet pages partly use so-called cookies. Cookies do not cause any damage to your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, more effective and safer. Cookies are small text files that are stored on your computer and saved by your browser.

Most of the cookies we use are so-called “session cookies”. They are automatically deleted after the end of your visit. Other cookies remain stored on your terminal device until you delete them. These cookies allow us to recognize your browser on your next visit. You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be limited.

Cookies that are required to carry out the electronic communication process or to provide certain functions that you have requested (e.g. shopping cart function) are stored on the basis of Art. 6 (1) lit. f DSGVO. The website operator has a legitimate interest in storing cookies for the technically error-free and optimized provision of its services. Insofar as other cookies (e.g. cookies for analyzing your surfing behavior) are stored, these are treated separately in this privacy policy.

Use of Cookies

The web offers of the FOR2799 use – like many other websites – so-called „cookies“. Cookies are small text files that are transferred from a server to your hard drive. Data is stored in these cookies on your computer (etc.).

Cookies cannot be used to start programmes or transfer viruses to a computer. The information contained in cookies can be used to facilitate your navigation and to enable the websites to be displayed correctly.

Under no circumstances will the data we collect be passed on to third parties or linked to personal data without your consent. Of course, you can also view our website without cookies. Internet browsers are regularly set to accept cookies. In general, you can deactivate the use of cookies at any time via the settings of your internet browser. Please use the help functions of your internet browser to find out how to change these settings. Please note that individual functions of our website may not work if you have deactivated the use of cookies.

Cookie consent with WebToffee

Our website uses the cookie consent technology of WebToffee to obtain your consent to the storage of certain cookies in your browser and to document this in accordance with data protection law. The provider of this technology is WebToffee – Mozilor Limited 3 Warren Yard, Wolverton Mill, England (hereinafter WebToffee).

When you enter our website, a cookie from WebToffee is stored in your browser, in which the consents you have given or the revocation of these consents are stored. This data will not be shared with the provider of WebToffee.

The collected data will be stored until you request us to delete it or until you delete the cookies from WebToffee yourself or until the purpose for storing the data no longer applies. Mandatory legal retention periods remain unaffected. Details on data processing by WebToffee can be found at The use of WebToffee consent technology takes place in order to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 para. 1 p. 1 lit. c DSGVO.

Cookie consent Wordfence security plugin

This website is secured with the service “Wordfence Security”, which is operated by Defiant Inc, 800 5th Ave, Suite 4100, Seattle, WA 98104, USA. The use is based on legitimate interest within the meaning of the GDPR. The website uses Wordfence Security to protect against viruses and malware and to defend against attacks by criminals. The plugin sets cookies to detect whether the website is actually visited by a person or by a robot. For the purpose of protection against so-called brute force attacks (numerous automated login attempts from the same identity) or hacker comment spam, IP addresses are stored on the Wordfence servers. IP addresses classified as harmless are placed on a white list. Wordfence Security secures this website and thus also protects visitors to the website from viruses and malware. This constitutes a legitimate interest within the meaning of the GDPR. The Live Traffic View option (real-time live traffic) of the PlugIn is reduced to security-related listing. For more information on the collection and use of data by Wordfence Security, please refer to the provider’s privacy policy: 

Use of privacy-protecting techniques

Do Not Track

You can activate „Do Not Track“ in your internet browser to partially reduce profiling on the internet. Do Not Track (DNT) signals to a website or web application that it does not wish to create a usage profile about the user’s activities. Of course, the FOR5159 web offer is designed to recognize and observe corresponding settings.

SSL encryption

In order to protect the security of your data during transmission between your computer and the UKE website, the UKE uses state-of-the-art encryption procedures (e.g. SSL) via HTTPS.

Integrated third-party content

The UKE is not responsible for the processing of data collected by third-party providers and makes only very sparing use of the integration of content from other providers.

Your data subject rights

You are entitled to so-called data subject rights, i.e. rights that you can exercise as a person affected in an individual case. You can assert these rights against the UKE.

You have the right to information about the personal data stored about you in accordance with Art. 15 DSGVO. If you discover that incorrect data relating to you is being processed, you may, under certain conditions, request rectification in accordance with Art. 16 DSGVO. Incomplete data must be completed taking into account the purpose of the processing. As far as the requirements of Art. 17 DSGVO are fulfilled, in particular the data is no longer required for the original purpose and the retention periods have expired, you can request that we delete the data. According to Art. 18 DSGVO, you may be able to demand that UKE restricts further processing of the data. This means that although your data will not be deleted, it will be marked to block it from further processing. Insofar as the processing of your patient data is based on a public or legitimate interest within the meaning of Art. 6(1)(e), (f) DSGVO, you may object to the processing on the grounds of your particular personal situation in accordance with Art. 21 DSGVO.


The UKE does everything in its power to process your personal data in accordance with legal requirements. Should you nevertheless be of the opinion that the processing of your personal data is not permitted under data protection law, you are welcome to contact the UKE’s data protection officer

Matthias Jaster
Martinistraße 52, 20246 Hamburg
Phone: +49 (0) 40 7410–56890

In addition, you also have the option of contacting the competent supervisory authority with a complaint. The supervisory authority responsible for you depends on the federal state of your residence or the alleged data protection violation. You can find a list of supervisory authorities with addresses at:

Responsible for the UKE:

Hamburgische Beauftragte für Datenschutz und Informationsfreiheit
Ludwig-Erhard-Straße 22, 20459 Hamburg