Skip to main content

Data Protection Information

In this data protection information we inform you about the processing of personal data by Honic.

You can address questions regarding data protection to us via the following contact details.

Name and contact details of the controller

Health Data Technologies GmbH
Robert-Mayer-Str. 12
74172 Neckarsulm
Phone: +49 (0) 7132 89 986-0
Email: info@honic.eu

You can reach our data protection officer via datenschutz@honic.eu. 

Personal data of you will be processed by us as the data controller and stored for the period necessary to fulfill the specified purposes and legal obligations. According to Art. 4 No. 1 of the General Data Protection Regulation ("GDPR"), personal data is any information relating to an identified or identifiable natural person.

In Part 1 - Website and Contacting, we inform you about the processing of personal data on our website and when you contact us.

In Part 2 - Research Data Platform, we inform you about the processing of personal data on our research data platform.

In Part 3 - Your rights regarding the processing of personal data, we inform you about your rights regarding the processing of personal data by us.

Part 1 - Website and Contacting

a) When you visit our website

When you visit our website, we collect data that the web browser transmits to the server of our website (e.g. date and time of access, name and URL of the file accessed, browser type and version, website from which access is made (referrer URL)) for technical reasons in order to display the content of our website to you and to ensure the security of the IT infrastructure.
This also includes the IP address of your requesting end device. The IP address is temporarily stored in a log file and automatically deleted after 14 days, unless a security-relevant event occurs (e.g. a DDoS attack). In the event of a security-relevant event, we will store the log files until the security-relevant event has been eliminated and fully clarified. We cannot draw any direct conclusions about your identity from the processing of the IP address in the log file.

This data is encrypted in transit using SSL.

The legal basis of the processing is our legitimate interest (Art. 6 para. 1 sentence 1 lit. f) GDPR). Our legitimate interest is the provision of the website accessed by you and the security of our IT infrastructure.

As part of the processing, we transmit the data to the following recipients: Schwarz IT KG, Stiftsbergstraße 1, 74172 Neckarsulm (hosting provider).

b) When you contact us

When you communicate with us, we process data to answer your inquiry. This is usually the e-mail address and the IP address of the sender, as well as the content of the e-mail and any attachments, which may contain personal data.

We offer you the possibility to send us general inquiries via the contact form provided online. Here we collect the following mandatory information:

  • name (first and last name)
  • company
  • e-mail address

We need your last name to know, who the request is from. We need your e-mail address to be able to answer your request.

The personal data collected by us for the use of the contact form will be deleted as soon as your inquiry has been conclusively answered and the deletion does not conflict with any retention obligations.

The legal basis of the processing is our legitimate interest (Art. 6 para. 1 sentence 1 lit. f) GDPR). Our legitimate interest is the processing of your contact request.

c) Newsletter

We offer a newsletter in which we inform you about the data available on the Honic platform and about research projects that Honic is conducting or supporting. In addition, through the newsletter you will also receive information about events and workshops offered by Honic or others that may be of interest to you. In order for us to send you the newsletter, you will need to register for the newsletter and also give your express consent to receive it. We will document your consent by means of the so-called "double opt in" procedure.

For this purpose, we collect the following information:

  • Name (first and last name)
  • Business email address
  • Company

The legal basis of the processing is your consent (Art. 6 para. 1 sentence 1 lit. a) GDPR). You can revoke your consent at any time via the unsubscribe link in the newsletter or by sending an email to datenschutz@honic.eu.

As part of the processing, we transmit the data to the following recipients: Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin (newsletter service provider).

d) Use of etracker on our Website

We use the services of etracker GmbH (http://www.etracker.de) on this website to analyse usage data in order to improve our website with the findings.

Among other data, we process the IP address and login or device identifiers for this purpose. This data is pseudonymised or anonymised as soon as possible. It is not used in any other way, merged with other data or passed on to third parties.

The legal basis for processing is our legitimate interest (Art. 6 para. 1 sentence 1 lit. f) GDPR). Our legitimate interest is the optimisation of our website.

As part of the processing, we transmit the data to the following recipient: etrackerGmbH, Erste Brunnenstraße 1, 20459 Hamburg (website analysis service provider). You can object to the data processing described above at any time by clicking on the slider. The objection has no negative consequences. If no slider is displayed, data collection has already been prevented by other blocking measures.

Part 2 - Research Data Platform

We process personal data on our research data platform, including health data that we receive from healthcare providers, insofar as this is necessary for statistical purposes or scientific research projects.

We only process pseudonymised data from patients and treating physicians. Pseudonymisation means that the personal data can no longer be assigned to a specific person without the use of additional information. The service providers commission an external data trustee, Bundesdruckerei GmbH, Kommandantenstraße 18, 10969 Berlin, to pseudonymise the patient data. The data trustee pseudonymises the patient data before it is transmitted to our platform.

We do not receive any directly identifying data such as real names, insurance numbers or exact addresses, but only the medical content data such as diagnostic findings, laboratory diagnostic test results, medication data, demographic data (e.g. gender, age, region) and information on the specialist group of the treating doctors and the place of treatment. We do not have and cannot obtain directly identifying personal data.

In order to use the data for research or statistical analyses, we combine, anonymise or aggregate the data.

Honic distinguishes between the following data uses:

1. Statistical Purpose

We process the pseudonymised data for statistical purposes in order to create overviews of the available data. The creation of statistics is the methodical handling of empirical data and the result of the statistics is always aggregated data that summarises a minimum amount of patient information and therefore has no personal reference. The (anonymous) results of the statistical analysis are not used for measures or decisions regarding individual persons. Third parties do not have access to the original data in this data utilisation, but only to the results of the statistics.

2. Scientific Research 

We process the data for scientific research and grant third parties access to the data in anonymized form. If we use the data for a specific research project by third parties, we will always anonymize the original data before third parties access it. Researchers will then only have access to anonymous data in a secure analysis environment controlled by us. We do not transfer any personal data to researchers.

Our platform is hosted by Schwarz IT KG, Stiftsbergstraße 1, 74172 Neckarsulm, a German hosting provider whose servers are located exclusively within the European Union. Under no circumstances will we transfer the data to third countries outside the European Union, i.e. in particular not to the USA or China.

The legal basis for the processing operations is Art. 9 para. 2 lit. j) in conjunction with Art. 89 para. 1, Art. 6 para. 1 sentence 1 lit. f) GDPR i.V.m. Section 27 para. 1 in conjunction with Section 22 para. 2 sentence 2 BDSG, Art. 5 para. 1 lit. b) a.E. GDPR (processing of data for statistical purposes and for scientific research). In doing so, we are pursuing the interest of improving healthcare by enabling new findings through statistical evaluations and scientific research. The data will not be used by Health Data Technologies GmbH for purposes other than those mentioned here.

If you would like to exercise your data protection rights (e.g. right to erasure or objection) against us, please contact datenschutz@honic.eu. As the pseudonymization described above means that we cannot determine whether we have also received data concerning you from the service providers, we can only implement your data protection rights if you provide us with certain directly identifying data for this purpose. However, you can also exercise your rights against the service providers at any time. The service providers will arrange for the implementation of your exercise of rights on our research data platform and we will then no longer use your data.

Part 3 - Your rights regarding the processing of personal data

  • As a data subject, you have the following rights:
  • Right to information: You can request information about which of your personal data we store.
  • Right to rectification: If you believe that we are holding personal data about you that is incorrect, you may request that it be corrected.
  • Right to erasure and restriction of processing: Under certain conditions, you may request that we erase your personal data or restrict the processing.
  • Right to object: You have the right to object to the processing of your data pursuant to Art. 6 para. 1 sentence 1 lit. e) or f) GDPR and where personal data are processed for scientific or historical research purposes or statistical purposes pursuant to Article 89(1) GDPR on grounds relating to your particular situation. We will no longer process the data, unless there are compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of asserting, exercising or defending legal claims. To object, please contact datenschutz@honic.eu.
  • Right to data portability: You have the right to request that we transfer personal data that you have provided to us to another controller, or that we transfer such data to you in a commonly used, machine-readable format.
  • Right to lodge a compliant: You have the right to complain to a supervisory authority. The supervisory authority responsible for us is the State Commissioner for Data Protection and Freedom of Information Baden-Württemberg (Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Baden-Württemberg - https://www.baden-wuerttemberg.datenschutz.de/)

As of: 21st of November 2024