Privacy Policy

1. General

Helios Privatkliniken GmbH takes the protection of your data very seriously. Unless you have given us separate consent, personal data are only collected, processed and used on the pages of this website to the extent that this is technically necessary and required to provide individual services and offerings. If the use of individual offerings and services that you find on the website requires the entry of personal data (e.g. when processing enquiries via the contact forms), we will collect and use those data only for the purpose for which you provided them.  

2. Name and contact details of the controller and the company data protection officer

This privacy policy applies to data processing by:

Controller: Helios Privatkliniken GmbH, Else-Kröner-Strasse 1, 61352 Bad Homburg v.d.H., Germany | Tel.: +49 6172 608 4044 |  Fax: +49 6172 608 2869

E-mail: kathleen.hahne(at)

The company data protection officer can be contacted via the above address, for the attention of the data protection officer, or via joachim.lauerbach(at)

3. Collection and storage of personal data and the nature and purpose of their use

Personal data are erased as soon as knowledge of them is no longer required to fulfil the purpose for which they were stored, and as long as the erasure or destruction of pertinent documents does not conflict with any legal or statutory retention obligations. In detail, we process your data as follows:

a) During visits to our website

To ensure the security of our system, when you visit our website, our web servers, by default, temporarily store the connection data for the computer sending the request, the pages you visit on our site, the date and length of your visit, the identification data of the type of browser and operating system used and the website that referred you to our site (these are known as server log data). No further personal data such as your name, address, telephone number or e-mail address are collected in this process. Moreover, the server log data are not associated with personal data.

We process the data named above for the following purposes:

  • to ensure that the connection to the website is established smoothly,
  • to ensure that our website can be used properly,
  • to assess system security and stability, and
  • for other administrative purposes.

The legal basis for this data processing is Article 6, para. 1 (1f) of the GDPR. Our legitimate interest follows from the data collection purposes listed above. In no case will we use the data collected for the purpose of identifying you.


Cookies are small files that are stored on your data carrier and used to save certain settings and data which are exchanged with our system via your browser. They serve to make the website generally more user-friendly and effective.

You can, at any time, delete the cookies via your browser security settings and configure your browser settings according to your wishes. As a rule, the “help” function found in your browser menu bar will show you how to reject new cookies and delete those you have already received. However, please note that if you do so, you may not be able to use all the functions of our website.

Some of the cookies we use are session cookies and are automatically deleted from your hard drive at the end of the browser session. In addition to this, we also use permanent cookies, which remain on your hard drive. If you visit again, we can thus automatically recognise that you have previously visited our website, and know what inputs and settings you use. These cookies are saved on your hard drive and expire automatically after a specified time. 

The cookies we use cannot be associated with any specific person. When the cookie is activated, it is allocated an identification number. Your identity cannot be and is not at any time associated with this identification number. Your name, or similar data which would allow the cookie to be associated with you, are not saved.  

The data processed by cookies are required for the purposes named above of safeguarding our legitimate interests and those of third parties, pursuant to Article 6, para. 1 (1f) of the GDPR.

b) During the use of our contact form

When you have questions of any kind, we offer you the chance to contact us via a form provided on the website. This requires a valid e-mail address to be provided, so that we know who the query came from and are able to answer it. Other information can be provided on a voluntary basis.

Data is processed for the purpose of contacting us in accordance with Article 6, para. 1 (1a) of the GDPR, on the basis of your freely given consent.

The personal data collected by us in order to use the contact form are automatically erased once the query you submitted has been dealt with.

4. Web tracking – tracking tools

The tracking measures which we use, as listed below, are carried out on the basis of Article 6, para. 1 (1f) of the GDPR. Our aim in using these tracking measures is to ensure that our website design is tailored to users’ needs and continuously optimised. We also employ these tracking measures to gather statistics on the use of our website and to analyse them in order to improve our offerings for you. These interests are to be regarded as legitimate within the meaning of the aforementioned provision.

The different processing purposes and data categories can be found in the descriptions of the respective tracking tools or, in detail, in each of the manufacturers’ privacy policies.

Google Analytics

In order to tailor our website design to users’ needs, and to continually optimise it, we use Google Analytics, a web analytics service provided by Google Inc. ( (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter “Google”). In this context, pseudonymised user profiles are created and cookies (see 3a) are used. The information generated by the cookie about your use of this website, such as

  • browser type / version,
  • operating system used,
  • referrer URL (page visited previously),
  • hostname of the computer making the request (IP address),
  • time of server query

is transmitted to a Google server in the USA and stored there. The information is used to evaluate the website’s use, to compile reports on website activity and to provide other services related to the use of this website and the Internet for the purposes of market research and to tailor this website’s design to users’ needs. This information is also sent to third parties where this is required by law, or where third parties process the information on Google's behalf. Google will not associate your IP address with any other data held by Google. The IP addresses are anonymised such that they cannot be associated with you (IP masking).

You may refuse the use of cookies by selecting the appropriate setting on your browser; however, please note that if you do this you may not be able to use the full functionality of this website.

Moreover, you may prevent Google from collecting the data (including your IP address) generated using the cookie and regarding your use of the website, and prevent Google from processing this data, by downloading and installing a browser add-on (

As an alternative to the browser add-on, especially in the case of browsers on mobile devices, you can also stop Google Analytics from collecting data by clicking on this link. An opt-out cookie is placed which prevents your data from being collected when you visit this website in future. The opt-out cookie is only valid in this browser and for our website, and is stored on your device. If you delete the cookies in this browser, you will have to place the opt-out cookie again.

For more information about data protection related to Google Analytics, see the Google Analytics Help Center ( .

5. Security

We implement all technical and organisational measures required to protect your personal data against loss and misuse. Your data are thus stored in a secure operating environment that is inaccessible to the public.

In certain cases, your personal data are encrypted during transmission using the Transport Layer Security (TLS) protocol. This means that your computer and our servers communicate using a well-established encryption method, if your browser supports TLS. 

6. Rights of the data subject

You have the right:

  • pursuant to Article 15 of the GDPR to demand access to the personal data concerning you which we process. Among other things, you can obtain access to the purposes of the processing, the category of personal data, the categories of recipient to whom the personal data have been or will be disclosed, the envisaged period for which the personal data will be stored, the existence of the right to request rectification or erasure of personal data or restriction of processing of personal data or to object to such processing, where the personal data are not collected by us, information as to their source, and the existence of automated decision-making, including profiling, and meaningful information about its details;
  • pursuant to Article 16 of GDPR to obtain the rectification of inaccurate personal data concerning you stored by us or to have incomplete personal data of this kind completed;
  • pursuant to Article 17 of the GDPR to obtain the erasure of personal data concerning you and stored by us, to the extent that such processing is not required to exercise our right to freedom of expression and information, for compliance with a legal obligation, on grounds of public interest or to establish, exercise or defend legal claims;
  • pursuant to Article 18 of the GDPR to obtain restriction of processing of your personal data, where the accuracy of the personal data is contested by you, the processing is unlawful but you oppose their erasure and we no longer need the data, but you require them for the establishment, exercise or defence of legal claims, or you have objected to processing pursuant to Article 21 of the GDPR;
  • pursuant to Article 20 of the GDPR to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format or to transmit those data to another controller;
  • pursuant to Article 7, para. 3 of the GDPR at any time to withdraw your consent given to us. As a result, we will in future no longer be permitted to continue the data processing which was based on that consent, and
  • pursuant to Article 77 of the GDPR, to lodge a complaint with a supervisory authority.

7. Right to object

If your personal data are processed on the basis of legitimate interests pursuant to Article 6, para. 1 (1f) of the GDPR, you have the right pursuant to Article 21 of the GDPR to object to processing of personal data concerning you on grounds relating to your particular situation, or where you object to direct marketing. In the latter case, you have a general right to object which we must implement without any particular situation being specified.

If you would like to exercise your right to withdraw your consent or to object, all that is needed is to send an e-mail to joachim.lauerbach(at)

8. Updates and amendments to this privacy policy

This privacy policy is currently valid as of May 2018.

In the process of further developing our website and related offerings, or due to changes in legal or regulatory requirements, it may become necessary for this privacy policy to be amended. The current privacy policy can at any time be called up on our website at and printed out.


Please contact us, if you have further questions.
Helios via Deutsche Medizinische Union *For our Russian speaking patients +49 211 7817 444 0
Helios InternationalFor our international patients and partners +49 30 6832 3885