The Data Protection Board
Practical advice and transparent decisions
As an international organization, the Arolsen Archives are subject to their own data protection regulations. In 2024, an independent Data Protection Board was set up to monitor compliance with these data processing rules.
Who are the Board members?
The members of the Data Protection Board are appointed by the International Commission (IC), the supervisory body of the Arolsen Archives. Each of the eleven member states of the IC can nominate someone to the board. At the moment the Board has seven members.
The Chair of the Board is Filip Strubbe from the National Archives of Belgium, and the Deputy Chair is Toby Simpson, Director of the Wiener Library in London.
The Board regularly meets every three months, but it may hold extraordinary meetings at any time to deal with inquiries from the Arolsen Archives or concerns raised by external parties. Board meetings are not open to the public.
Duties of the Data Protection Board
The most important task of the Data Protection Board is to ensure that data processing at the Arolsen Archives complies with the rules and regulations. Are individuals’ privacy rights properly protected? Is the organization handling personal data responsibly and securely? The Board works together with the Data Protection Officer and the data protection authorities.
In addition, the Board responds to inquiries and complaints from users and third parties. These may be related to the release of information or copies of documents, for example. In rare cases, individuals may ask for documents to be removed from the online archive – perhaps because they contain personal information about someone who is still alive, or because family members do not want individual documents about a deceased relative to be available online. In these cases, the Board will check whether the decisions taken by the Arolsen Archives are correct and transparent. The Board can also mandate specific measures.
Beyond this, the Board works on refining the data protection regulations and develops standardized procedures for handling common scenarios.
The Board presents an annual written report on its work to the IC.
The activities of the Board are governed by the Berlin Agreement on the International Tracing Service of December 9, 2011, the organization’s data protection regulations, and the Rules of Procedure of the Data Protection Board from June 2022.
FAQ
The Arolsen Archives operate within the legal framework established by the Berlin Agreement of December 9, 2011. This agreement granted access to the ITS archive for the purposes of research, remembrance, and commemoration. As an international organization, the Arolsen Archives have had their own data protection regulations since 2022.
No, they aren’t. The International Commission, the supervisory body of the Arolsen Archives, conducted a thorough review when the GDPR came into force in 2018. The Commission concluded that the Arolsen Archives are not subject to the GDPR because of their status as an international organization. The Arolsen Archives drew up their own data protection regulations instead. And they established an independent supervisory body, the Data Protection Board, to monitor compliance.
Please note that the online archive contains sensitive information about victims of Nazi persecution. The Arolsen Archives adhere strictly to the organization’s data protection regulations when providing access to documents in their online archive.
All users of the online archive are personally responsible for complying with applicable data protection laws and other relevant legislation. The Arolsen Archives cannot be held responsible for any publications resulting from the use of the online archive.
The holdings of the Arolsen Archives primarily consist of historical records that were created in the period leading up to 1945 and in the immediate post-war period. Only in exceptional cases does a closure period or any restriction on the use of this data still apply.
If you are related to a victim of Nazi persecution or have any other valid reason, please contact us if you do not consent to the publication of certain personal data.
We will give careful consideration to your request. If we come to the conclusion that there are valid reasons for the permanent removal of specific documents from the online archive, the documents concerned will be taken offline. The rules according to which we make this decision were developed in consultation with the Data Protection Board and can be viewed on our website.