Who we are?

This web­site is hos­ted by the ID Cohorts research group at the Uni­ver­sity Clin­ic of Cologne. Our web­site address is:

What personal data we collect and why we collect it when accessing the website?

To ensure a secure trans­mis­sion, we are using the TLS encryp­tion stand­ard, this is indic­ated by the https:// in your address bar and the green lock icon. This pre­vents third parties from access­ing your data.

When you access our web­site our serv­er stores the fol­low­ing data:

  • IP-address (anonym­ized)
  • vis­ited page
  • time of access
  • amount of data sent
  • refer­ring site from which you came to this site
  • browser ver­sion, browser lan­guage and avail­able plugins
  • oper­at­ing system
  • screen res­ol­u­tion
  • type and brand of device

We store this data to improve our web­site. We reserve the right to store full IP-addresses if there are signs of mis­use. In oth­er cases we will store the shortened IP-address so that no con­nec­tion to your per­son is possible.

The leg­al basis for this stor­age is art. 6 para­graph 1 lit. f) GDPR.

Matomo Analytics

On this site we use Mat­omo. Mat­omo is an open-source ana­lyt­ics soft­ware that allows us to ana­lyze the usage of our web­site. To facil­it­ate this the soft­ware pro­cesses your IP-address, which sub­pages you vis­it, the web­site from which you came (refer­rer URL), the amount of time you spend on our page, as well as the num­ber of times of access.

Your IP-address will be shortened by two bytes, to pre­vent it from being trace­able to your inter­net connection.

The leg­al basis for this is art. 6 para­graph 1 lit. f) GDPR. It is our legit­im­ate interest to ana­lyze, debug and optim­ize our website.


When vis­it­ors leave com­ments on the site we col­lect the data shown in the com­ments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonym­ized string cre­ated from your email address (also called a hash) may be provided to the Gravatar ser­vice to see if you are using it. The Gravatar ser­vice pri­vacy policy is avail­able here: After approv­al of your com­ment, your pro­file pic­ture is vis­ible to the pub­lic in the con­text of your comment.


If you upload images to the web­site, you should avoid upload­ing images with embed­ded loc­a­tion data (EXIF GPS) included. Vis­it­ors to the web­site can down­load and extract any loc­a­tion data from images on the website.

Contact forms

In case you use any of the con­tact forms on our web­site an email to our team will be sent. No inform­a­tion will be stored on the web­site’s database.


If you leave a com­ment on our site you may opt-in to sav­ing your name, email address and web­site in cook­ies. These are for your con­veni­ence so that you do not have to fill in your details again when you leave anoth­er com­ment. These cook­ies will last for one year.

If you vis­it our login page, we will set a tem­por­ary cook­ie to determ­ine if your browser accepts cook­ies. This cook­ie con­tains no per­son­al data and is dis­carded when you close your browser.

When you log in, we will also set up sev­er­al cook­ies to save your login inform­a­tion and your screen dis­play choices. Login cook­ies last for two days, and screen options cook­ies last for a year. If you select “Remem­ber Me”, your login will per­sist for two weeks. If you log out of your account, the login cook­ies will be removed.

If you edit or pub­lish an art­icle, an addi­tion­al cook­ie will be saved in your browser. This cook­ie includes no per­son­al data and simply indic­ates the post ID of the art­icle you just edited. It expires after 1 day.

Embedded content from other websites

Art­icles on this site may include embed­ded con­tent (e.g. videos, images, art­icles, etc.). Embed­ded con­tent from oth­er web­sites behaves in the exact same way as if the vis­it­or has vis­ited the oth­er website.

These web­sites may col­lect data about you, use cook­ies, embed addi­tion­al third-party track­ing, and mon­it­or your inter­ac­tion with that embed­ded con­tent, includ­ing track­ing your inter­ac­tion with the embed­ded con­tent if you have an account and are logged in to that website.

Who we share your data with

The data is stored on the serv­ers of Digit­al Ocean in Ger­many. We have a con­tract that ensures GDPR conformity.

How long we retain your data

If you leave a com­ment, the com­ment and its metadata are retained indef­in­itely. This is so we can recog­nize and approve any fol­low-up com­ments auto­mat­ic­ally instead of hold­ing them in a mod­er­a­tion queue.

For users that register on our web­site (if any), we also store the per­son­al inform­a­tion they provide in their user pro­file. All users can see, edit, or delete their per­son­al inform­a­tion at any time (except they can­not change their user­name). Web­site admin­is­trat­ors can also see and edit that information.

What rights you have over your data

If you have an account on this site or have left com­ments, you can request to receive an expor­ted file of the per­son­al data we hold about you, includ­ing any data you have provided to us. You can also request that we erase any per­son­al data we hold about you. This does not include any data we are obliged to keep for admin­is­trat­ive, leg­al, or secur­ity purposes.

Where we send your data

Vis­it­or com­ments may be checked through an auto­mated spam detec­tion service.

Your contact information

Prof. Dr. med. Jörg-Janne Vehreschild

Her­der­straße 52–54
50931 Köln

Tele­fon: +49 221 47886973
Tele­fax: +49 221 4783611


Additional information

The regis­tra­tion pro­cess for the Lean European Open Sur­vey on SARS-CoV­‑2 Infec­ted Patients (LEOSS) has its own data secur­ity agreement.

How we protect your data

All employ­ees with access to the web­site’s data­base are trained in IT secur­ity meas­ures. We use strong pass­words >20 char­ac­ters as well as auto­mated updat­ing pro­ced­ures. Encryp­tion via SSL is sup­plied by Let’s Encrypt Certificates.

What data breach procedures we have in place

In the case of a data breach, we will inform every­one who had data stored on our sys­tem about the breach. We will invest­ig­ate the reas­ons for the data breach as soon as we are aware of it and will imple­ment addi­tion­al measures.

What third parties we receive data from


What automated decision making and/​or profiling we do with user data


Industry regulatory disclosure requirements


Scroll to top