Terms of service, copyright & data protection


The content and works on these pages created by the site operators are subject to German copyright law. The reproduction, processing, distribution and any kind of exploitation outside the limits of copyright require the written consent of the respective author or creator. Downloads and copies of this site are for private, non-commercial use only. As far as the contents on this side were not created by the operator, the copyrights of third parties are considered. Particular contents of third parties are marked as such. If you should still be aware of a copyright infringement, please inform us. Upon notification of violations, we will remove such content immediately.

Data protection

Data protection declaration and declaration of consent of the European Roma Institute for Arts and Culture eV

The European Roma Institute for Arts and Culture eV, Reinhardtstr. 41-43, 10117 Berlin (“ERIAC” or “We”) is the operator of the website  https://www.proudroma.org/  (“Website”) and is responsible for the personal data of the users (“you”) of the Website within the meaning of the EU General Data Protection Regulation (GDPR) and German data protection laws, in particular the Federal Data Protection Act (BDSG).

ERIAC is very committed to the data protection of its users. The purpose of this declaration is to ensure transparency with regard to the personal data that is collected, processed and used by ERIAC when you visit our website or use our services.

  1. Use of our website

It is possible to visit our website and use our website without providing any personal information.

On our behalf, third-party providers provide us with the services for hosting and displaying the website. These service providers are located within a country of the European Union or the European Economic Area. When you visit our website, access data is stored by the web server in “server log files”, which are communicated by the browser. They are required by the hosting company for technical reasons to enable our website to be displayed and to guarantee its stability and security. The following data is recorded and stored until it is automatically deleted:

  • IP address of the requesting computer;
  • Date / time of access;
  • Name / URL of the file accessed;
  • Access status (http status);
  • Amount of data transferred;
  • Identification data of the browser and operating system used;
  • Website from which access is made;
  • Name of your Internet access provider.

A storage of this data together with other personal data does not take place. The collection and processing of this data takes place exclusively to enable the use of the website, to maintain system security, for the technical administration of the network infrastructure and for the general optimization of the Internet offer. To do this, your IP address must be stored for the duration of your visit to our website. An evaluation of this data for marketing purposes does not take place.

  1. Data collection and use
  • Contact forms

We collect personal data if you provide it to us when you contact us (e.g. using the contact form or email newsletter). Which data is actually collected, which information is mandatory or voluntary, can be seen in the respective input forms.

  • Datadat OÜ

Datadat OÜ offers two data processing software solutions, Digitribe and Winwithme, from ERIAC to manage client data, register e-mails, and handle Facebook Messenger subscribers and social interaction data in ERIAC’s Business Manager. 

Datadat OÜ: Pärnu mnt 158 ​​/ 2-88, 11317 Tallinn Estonia. https://winwith.me/privacy-policy/


Datadat OÜ uses the Hetzner Cloud Service to access and save personal data of the data controller , which is made available by  Hetzner Online GmbH. Hetzner Online GmbH,  Industriestr. 25, 91710 Gunzenhausen, Germany . Data protection regulations can be found at  https://www.hetzner.com/rechtliches/datenschutz/  .


Datadat OÜ uses Cloud Functions for Firebase, Firebase Realtime Database and Cloud Storage for Firebase Services to store and access personal data. Data is offered by the data controller, Google Ireland Limited. Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Google operates their services and often stores data in the USA. Google is a certified provider of the Privacy Shield Agreement and offers protective measures according to the European data protection regulations:  https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active


Datadat OÜ uses Mailgun as an outgoing bulk email sender. Mailgun San Antonio HQ,  112 E Pecan St. # 1135, San Antonio, TX 78205  https://www.mailgun.com/gdpr/

  1. Web analysis

The ERIAC website uses Google (Universal) Analytics, a web analysis service from Google LLC, for website analysis. This serves to safeguard our legitimate interests, which predominate in the context of a weighing of interests, in an optimized presentation of our offer in accordance with Art. 6 Para. 1 S. 1 lit.

Google (Universal) Analytics enables us to analyze the use of the website by users. Such automatically collected information about your use of our website is usually transmitted to a Google server in the USA and stored there. By activating the IP anonymization on this website, the IP address is shortened before transmission within the member states of the European Union or in other contracting states of the Agreement on the European Economic Area. The full IP address will only be sent to a Google server in the USA and shortened there in exceptional cases. The anonymized IP address transmitted by your browser as part of Google Analytics is generally not merged with other Google data.

Any further data processing does not take place unless you have given Google your consent to link the web and app history of your browser with your personal Google account. In this way, data from your Google account can be used with websites that you visit for the purpose of personalizing (advertising) advertisements.

Any further collection of data will only take place if you have agreed with Google that your web and app browser history will be linked by Google to your Google account and that information from your Google account will be used together with the data from Google Analytics for cross-device remarketing by creating target groups, for example.

Google LLC is headquartered in Mountain View, California, USA and is certified under the EU-US Privacy Shield . The agreement between the USA and the EU Commission thereby establishes an appropriate level of data protection.

Here you can install a browser add-on to deactivate Google Analytics. In this way, you can prevent Google from collecting and processing your data relating to the use of our website (e.g. IP address).

  1. Social networks and video platforms
  • Social networks

Our website uses social buttons and widgets from social networks. To protect your data when you visit our website, however, these buttons and widgets are not unrestricted, but only integrated into the page via an HTML link. This ensures that calling up a page on our website that contains these buttons does not yet result in a connection to the provider’s servers. Only when you click on one of the buttons does the respective provider call up a window. For the purpose and scope of data collection in social networks, its further processing and use by the providers as well as your rights and setting options for the protection of your privacy, we refer to the data protection information of the providers:

Data protection notice Facebook

Privacy notice Twitter

Data protection notice Google

Data protection information Instagram

  • Video platforms

Our website includes content via video platforms such as Youtube.com and Vimeo.com . This is done to safeguard our predominant legitimate interests in the multimedia presentation of our offer and our activities in accordance with Art. 6 Para. 1 S. 1 lit.f GDPR. The YouTube videos are embedded using the “extended data protection mode”. In this way, data is only transmitted when the relevant video is clicked.

Youtube is operated by Google LLC, 1 based in Mountain View, California, USA and is certified under the EU-US Privacy Shield . The agreement between the USA and the EU Commission thereby establishes an appropriate level of data protection.

Vimeo is operated by Vimeo LLC, New York, New York, USA.

Pages on a website equipped with a Vimeo plug-in establish a connection to the Vimeo server when you visit and tell it which of our pages were visited. The IP address is communicated even if the visitors do not have a Vimeo account. If visitors are logged into their private Vimeo account, Vimeo automatically assigns their surfing behavior to the Vimeo profile. This can be prevented by logging out. Our (currently limited) use of Vimeo takes place in the sense of a uniform and appealing presentation of our online offers, which in turn represents a legitimate interest within the meaning of Art. 6 Para. 1 lit. GDPR. At the present time, Vimeo does not have the option of integrating without passing on data.

The scope and purpose of the data collection, the further processing and use of data by the respective provider, as well as your rights and setting options to protect your privacy can be found in the data protection information of the provider.

Data protection information Youtube / Google
data protection information Vimeo

  1. Data security

Securing our website and systems through technical and organizational measures against loss, destruction, access, modification or dissemination of your data by unauthorized persons is a central concern of ours. For this reason we use SSL encryption.

  1. Your rights & contact options

As a data subject, you have the following rights:

  • 15 GDPR gives you the right to request information about your personal data that is processed by us to the extent specified there;
  • 16 GDPR the right gives you the right to immediately request a correction and / or completion of your personal data stored by us;
  • 17 GDPR gives you the right to request the deletion of your personal data stored by us;

unless the processing is necessary:

  • to exercise the right to freedom of expression and information;
  • to fulfill legal obligations;
  • for reasons of public interest;
  • to exercise, defend or assert legal claims.
  • 18 GDPR gives you the right to request that the processing of your personal data be restricted:
  • If you dispute the accuracy of your data;
  • If the processing of the data is unlawful, but you still refuse to delete it;
  • If we no longer need the data, but you need them to exercise, defend or assert legal claims;
  • If you have objected to the processing in accordance with Art. 21 GDPR;
  • Art. 20 GDPR grants you the right to receive the personal data you have provided in a structured, common, machine-readable format and to request the transfer of the data to a person responsible;
  • Art. 77 GDPR gives you the right to complain to a supervisory authority. Usually this is the supervisory authority of your usual place of residence, your place of work or the seat of our institution.
  1. Your rights & contact options

As long as and to the extent that we process personal data – to safeguard our legitimate interests and as explained above – you can object to the future processing of this data. In the case of direct marketing (which ERIAC does not currently use) you can exercise this right at any time. If the processing is carried out for other purposes, you only have the right to object for reasons that result from your particular situation. As soon as you have exercised your right of objection, we will no longer process your personal data. With the following exceptions:

  • We can demonstrate legitimate reasons for processing your personal data that outweigh your rights, freedoms and interests;
  • The processing of your personal data serves to exercise, defend or assert legal claims.

© ERIAC – European Roma Institute for Arts and Culture eV 2021