Privacy notice for applicants (short version)

Controller (Verantwortlicher)

Universitätsklinikum Hamburg-Eppendorf

Martinistraße 52
20246 Hamburg

 

Data protection officer

Matthias Jaster

Martinistr. 52
20246 Hamburg
Tel. 040/7410 56890
E-Mail: m.jaster@uke.de

Purposes and legal basis of data processing

Carrying out the application procedure and, if applicable, inclusion in a talent pool pursuant to Art. 6 para. 1 lit. b) GDPR, § 26 BDSG [Federal Data Protection Act]; Art. 6 para. 1 lit. a), Art. 9 para. 2 lit. a) GDPR; Art. 6 para. 1 lit. c), Art. 9 para. 2 lit. c) GDPR.

Categories of data processed

Master data (e.g. name, age, contact details), qualifications, CV, other details from the application, documents from the application and the application process.

Salary and salary expectations, information on family circumstances, data concerning health, data additionally processed by directly supporting operational resources.

Obligation to provide the applicant data

You are not obliged to provide personal data and decide yourself on the scope of the data provided. However, if you do not provide us with any data or provide insufficient data, this may result in your application being rejected.

Source of data

Your application and statements in selection interviews.

Recipients or categories of recipients

The Software is hosted by milch & zucker Talent Acquisition & Talent Management Company AG and provided as a cloud service. The cloud service provider receives the data described in this Art. 13 GDPR as a processor.

Your application documents with personal data may be processed by various departments (Bereiche) and committees (Gremien) within UKE as part of the application process (e.g. the staff councils (Personalrat) as part of the statutory co-determination, etc.). UKE is always controller and therefore responsible for data protection.

Storage period /

Deletion periods

Upon recruitment:              Depending on the duration of the contract and the existing retention                                                                                         periods for personnel files (up to 5 years after termination of                                                                                                     employment).

Otherwise:                           Differentiated concept

Data subject rights (Betroffenenrechte)

You have the following rights under the respective legal requirements:

• Information about the data processed by the UKE, Art. 15 GDPR.
• Correction and completion of your data, Art. 16 GDPR.
• Deletion of your data, Art. 17 GDPR
• Blocking of your data, Art. 18 GDPR
• Data portability, Art. 20 GDPR
• Objection to processing, Art. 21 GDPR

Complaints / supervisory authority

You can complain to the competent data protection supervisory authority if you believe that the processing of your applicant data violates applicable data protection law. You can reach this authority as follows:

Der Hamburgische Beauftragte für Datenschutz und Informationsfreiheit

Ludwig-Erhard-Str 22, 20459 Hamburg, 040/42854-4040, mailbox@datenschutz-hamburg.de

Here you will find the long version of our data protection information.