The EU General Data Protection Regulation (the GDPR), which regulates the processing of personal data, has now come into effect.
What is the GDPR
The GDPR is a new EU regulation that ensures the protection of the rights and freedom of natural persons in relation to the processing of their personal data, which is a fundamental right in the EU. More specifically, the GDPR regulates the processing (i.e. collection, storing, transfer, deletion etc.) of personal data in all companies operating within the EU.
At Nets, we have ensured data protection for many years, and many of the measures and actions introduced by the GDPR have in fact been part of our processes for a long time. In addition, many of our business activities require a constant devotion to data protection, preparing us well for the similar requirements in the GDPR. This includes amongst other things that Nets as PCI DSS certified (Payment Card Industry Data Security Standard) already follows a set of controls for keeping cardholder data secure, supported by a regulatory framework that is a requirement for Nets to operate as a card payment processor.
Nets as processor or controller
Nets Group is in the clear majority acting as a Processor and upon instruction in written agreement with our customers (namely banks and merchants).
When Nets acts as a Processor, Nets is processing your personal data on behalf of our customer(s) and you need to contact your bank, merchant or other responsible Controller if you have questions about your rights in accordance with the GDPR.
When Nets acts as a Controller, Nets can provide information to you as a data subject about your rights in accordance with the GDPR.
Here you find an overview of services where Nets has the role as Controller:
|Betalingsservice app on the mobile|
|Finnish Trust Network|
|International payment cards acquiring|
|Remember Me - Save My Card|
|DIBS D2 eCom solution|
|DIBS DT eCom solution|
Financial and Network Services:
|Dankort acquiring |
|Dankort app on the mobile|
Nets will continuously publish relevant information regarding GDPR on
these web pages.