Data Privacy Policy - Clinic for Trauma Surgery, Orthopaedics and Plastic Surgery

jump to main navigation skip to content

Clinic for Trauma Surgery, Orthopaedics and
Plastic Surgery

Data Privacy Policy

  1. Scope of application

This data privacy policy explains to users the type, extent and purpose of the processing of personal data by the controller in accordance with Art. 4(7) GDPR, namely the following party:

Georg-August-Universität Göttingen

Stiftung öffentlichen Rechts

Universitätsmedizin Göttingen

Robert-Koch-Str. 42

37077 Göttingen

Represented by the Management Board

Tel: +49 (0)551 39-0
Email: This email address is being protected from spambots. You need JavaScript enabled to view it.

(hereinafter referred to as the “UMG”)

within the framework of the website provided at http://cuop-umg.de (hereinafter referred to as the “Website”).

The legal basis of the data protection can be found in the General Data Protection Regulation (GDPR), in the German Federal Data Protection Act (Bundesdatenschutzgesetz – BDSG), the Lower Saxony Data Protection Act (Niedersächsisches Datenschutzgesetz – NdsDSG) and the German Telemedia Act (Telemediengesetz – TMG). The UMG agrees to comply with the applicable laws, particularly when processing personal data.

The data protection officers of the UMG can be reached using the following details:

Universitätsmedizin Göttingen

-Datenschutzbeauftragter-

37099 Göttingen

Tel: +49 (0)551 39-22762

Email: This email address is being protected from spambots. You need JavaScript enabled to view it.

The supervisory authority responsible for the UMG in terms of data privacy is the following:

Die Landesbeauftragte für den Datenschutz Niedersachsen

Prinzenstraße 5

30159 Hannover

Tel: +49 (0511) 120 45 00

Fax: +49 (0511) 120 45 99

Email: This email address is being protected from spambots. You need JavaScript enabled to view it.

  1. Handling of personal data

Personal data means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person (Art. 4[1] GDPR).

The law relates to the processing of personal data:

Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction (Art. 4[2] GDPR).

Personal data is only processed by the UMG when legally permitted, or if the user agrees to the processing (see Art. 6 GDPR).

2.1 Processing when visiting the Website

We use cookies to enable the operator of the Website to collect and analyse various statistical data, for example to improve the quality of the structure and content of the Website, or to enable user-orientated and the smoothest possible navigation. Cookies are small text files that are assigned and stored on your hard drive by the browser you use, and which enable specific information to be transferred to where the cookie has been placed (in this case by us). They serve to facilitate the user-friendliness of websites and therefore to aid the users (for example, by storing login details). They also help gather statistical data about the use of the Website and enable it to be analysed for the purpose of improving the Website.

Limited to the duration of your visit, we place so-called session cookies on the user access device (PC, smart phone etc.), enabling specific information to be stored about that device, for instance. Your computer can therefore be recognised when you return to our Website. As so-called transient cookies, session cookies are automatically deleted when you close the browser or log out.

Cookies cannot cause any damage to your computer. They pose no risk to security in the sense of viruses or spying on your computer.

Users can influence the use of cookies. Most current browsers have an option with which the storage of cookies can be restricted or completely prevented.

Many online advertisement cookies from companies can be blocked via

the US website http://www.aboutads.info/choices/ or

the EU site http://www.youronlinechoices.com/uk/your-ad-choices/.

If you are merely using the Website for information, in other words if you do not register or otherwise provide us with information, we will only gather the personal data that your browser sends to our servers. If you wish to view our Website, we will collect the following information which is technically required for us to show you our Website and guarantee its stability and security (the legal basis is Art. 6[1][1][f] GDPR):

  • Page title of the page accessed
  • Date and time of the request
  • URL (address) of the site accessed
  • Previous URL (address) of the page accessed
  • Operating system of the user
  • Browser

The processing of the log files and use of the cookies takes place exclusively for statistical purposes, in particular to improve our own Website.

2.2 Processing in the case of contact via email

If personal data (e.g. name, address and email address) is collected via email queries, this always takes place on a voluntary basis. We would like to point out that personal data which is provided to us via email as part of initial queries will be processed by means of memory technology. However, this process is exclusively for the purpose of handling queries.

Please note in this regard that communication via email may pose security risks. In particular, manipulation of electronic documents by third parties cannot be completely excluded. In addition, it may be possible for well-versed experts in this matter to view or change emails en route. If you do not wish to accept the risks associated with email use, you should select another method of communication.

Additional personal data will only be processed if you have provided it yourself in the email, for example if this is for the purpose of concluding non-disclosure agreements or other contracts.

Your data will only be passed on to third parties if this is necessary for the purpose intended with your query (e.g. the processing of personal data to fulfil a contract [see Art. 6(1b) GDPR] or for fulfilment of legal obligations [see Art. 6(1c) GDPR), or if vital interests of the data subject make this necessary [see Art. 6(1d) GDPR]).

  1. Right to information: erasure and blocking

Upon request, you have the statutory right to receive information from the responsible person named in the legal notice, in accordance with GDPR and the BDSG.

Namely, you have the following rights regarding your personal data:

  • Right to information (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to objection to processing (Art. 21 GDPR)

The erasure or blockage of your stored personal data will take place in accordance with the statutory provisions.

In accordance with Art. 77 GDPR, you also have the right to lodge a complaint with a data privacy supervisory authority (e.g. with the data privacy supervisory authority responsible for the UMG, as listed above under point 1).

Version: August 2018