This data protection declaration informs you about the type, scope and purpose of the processing of your personal data when using the web offers of HCSN ( including subdomains).

1. Data processed, purpose and duration of processing

1.1 Processing of general information when visiting our website

When accessing the website and its content, personal data is only processed to the extent technically necessary (in particular: IP address, name of the file accessed, date and time of access, browser type and version, your operating system, the webpage from which you reached us). This information is technically necessary in order to deliver the contents of our website requested by you without any problems. It is stored regularly when you access a website. Your data is processed in particular for the following purposes:

  • Ensuring the use of and connection to the HCNS web offer,
  • ensuring and evaluating system security and stability, and
  • or other administrative purposes.

The processing of your personal data is based on our legitimate interest arising from the aforementioned data collection purposes (Art. 6 (1) f) DSGVO). We do not assign this data to specific persons and do not combine it with other data sources. The only recipients of the data is the UKE and our order processors.

The server logs are anonymised daily and deleted after 4 weeks. This data is not statistically evaluated, but can be used for error analysis if necessary.

1.2 Use of contact forms

The HCNS website contains contact forms which are intended to make it easier for you to contact the HCNS. The data to be entered by you in connection with the contact forms (usually name, e-mail address, message) will be forwarded directly to the office to which your enquiry is directed. The data is required by the respective office for the purpose of processing your enquiry.

The processing of the data transmitted in each case is based on your consent to the data processing when you send the contact form. This consent can be revoked at any time. The UKE will process your personal data submitted via a contact form for as long as it is necessary to deal with your enquiry.

1.3 Use of cookies

The web offers of the HCNS use – like many other websites – so-called “cookies”. Cookies are small text files that are transferred from a server to your hard drive. Data is stored in these cookies on your computer (etc.).

Cookies cannot be used to start programmes or transfer viruses to a computer. The information contained in cookies can be used to facilitate your navigation and to enable the websites to be displayed correctly.

Under no circumstances will the data we collect be passed on to third parties or linked to personal data without your consent.

Of course, you can also view our website without cookies. Internet browsers are regularly set to accept cookies. In general, you can deactivate the use of cookies at any time via the settings of your internet browser. Please use the help functions of your internet browser to find out how to change these settings. Please note that individual functions of our website may not work if you have deactivated the use of cookies.


2. Use of privacy-protecting techniques

2.1 Do Not Track

You can activate “Do Not Track” in your internet browser to partially reduce profiling on the internet. Do Not Track (DNT) signals to a website or web application that it does not wish to create a usage profile about the user’s activities. Of course, the HCNS web offer is designed to recognise and observe corresponding settings.

2.2 SSL encryption

In order to protect the security of your data during transmission between your computer and the UKE website, the UKE uses state-of-the-art encryption procedures (e.g. SSL) via HTTPS.

2.3 Integrated third-party content

The UKE is not responsible for the processing of data collected by third-party providers and makes only very sparing use of the integration of content from other providers.

2.4 Social Plugins


We use the plug-in of the social network Twitter on our website. Twitter is an internet service of Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA, hereinafter referred to as “Twitter”.

Through the certification according to the EU-US Privacy Shield (“EU-US Privacy Shield”), Twitter guarantees that the data protection requirements of the EU are also complied with when processing data in the USA.

The legal basis is Art. 6 para. 1 lit. f) DSGVO. Our legitimate interest lies in improving the quality of our website.

If the plug-in is stored on one of the pages of our website that you visit, your internet browser downloads a representation of the plug-in from the servers of Twitter in the USA. For technical reasons, it is necessary for Twitter to process your IP address. In addition, the date and time of your visit to our website are also recorded.

If you are logged in to Twitter while visiting one of our websites with the plug-in, the information collected by the plug-in from your specific visit will be recognised by Twitter. Twitter may assign the information collected in this way to your personal user account there. If, for example, you use the so-called “Share” button from Twitter, this information will be stored in your Twitter user account and possibly published via the Twitter platform. If you wish to prevent this, you must either log out of Twitter before visiting our website or make the appropriate settings in your Twitter user account.

Twitter provides further information on the collection and use of data as well as your rights and protection options in this regard in the data protection information available at


3. Your data subject rights

You are entitled to so-called data subject rights, i.e. rights that you can exercise as a person affected in an individual case. You can assert these rights against the UKE.

You have the right to information about the personal data stored about you in accordance with Art. 15 DSGVO. If you discover that incorrect data relating to you is being processed, you may, under certain conditions, request rectification in accordance with Art. 16 DSGVO. Incomplete data must be completed taking into account the purpose of the processing. As far as the requirements of Art. 17 DSGVO are fulfilled, in particular the data is no longer required for the original purpose and the retention periods have expired, you can request that we delete the data. According to Art. 18 DSGVO, you may be able to demand that UKE restricts further processing of the data. This means that although your data will not be deleted, it will be marked to block it from further processing. Insofar as the processing of your patient data is based on a public or legitimate interest within the meaning of Art. 6(1)(e), (f) DSGVO, you may object to the processing on the grounds of your particular personal situation in accordance with Art. 21 DSGVO.


4. Complaints

The UKE does everything in its power to process your personal data in accordance with legal requirements. Should you nevertheless be of the opinion that the processing of your personal data is not permitted under data protection law, you are welcome to contact the UKE’s data protection officer

Matthias Jaster
Martinistraße 52
20246 Hamburg
Phone:  +49 (0) 40 7410 – 56890

In addition, you also have the option of contacting the competent supervisory authority with a complaint. The supervisory authority responsible for you depends on the federal state of your residence or the alleged data protection violation. You can find a list of supervisory authorities with addresses at:


Responsible for the UKE:

Der Hamburgische Beauftragte für Datenschutz und Informationsfreiheit
Kurt-Schumacher-Allee 4
20097 Hamburg