Close countries panel

Select country

For solutions in a specific country please visit our local website

Nets is a part of the Nexi Group - The European PayTech. Visit our Group website at

Privacy notice – General Nets privacy notice




Below, you find information about how we process your personal data (the Privacy Notice) and our use of cookies on this website.

Last updated June 2024.

  1. What does this Privacy Notice cover?

The protection of personal data is important to the Nets Denmark A/S (including all branches), Nets Cards Processing A/S and Nets Sweden AB (hereinafter referred to as either Nets, us, our or we). That is why safeguarding personal data is essential to everything we do, and why we strive to provide the best possible protection of personal data. This also includes the visitors to our websites, physical premises and other parties that may be in contact with Nets.

Nets will process personal data about you when you choose to interact with us, including (i) when you visit our website and its subpages, (ii) when you visit Nets' offices, (iii) when we use social media when interacting with you (e.g. Facebook and LinkedIn) and (iv) when you perform your rights under the General Data Protection Regulation (the GDPR) and applicable local data protection regulations by making a data subject request and other relevant interactions.

Nets will act as the data controller of the processes listed under the table in Section 2 below.

In relation to the services that Nets offers to merchants, individuals and financial institutions, other privacy notices will exist and cover those products and services where needed. You can find the service/product related privacy notice on the specific Nets site dedicated hereto.

Nets acts as a data processor for some services, e.g., issuer services (cards issued to the consumer on behalf of banks). For these services, we kindly refer to the data controller's privacy notice for information about how personal data is processed. In most cases, this will be your bank.

  1. The type of personal data we process, our purposes and legal basis

  1. Where do your personal data come from?

The personal data what we process are mainly obtained from you, but it depends on the facts or the specific circumstances.

Generally, Nets will not use your personal data for other purposes, which are not compatible with the original purpose for which the personal information was collected, without your explicit consent. Compilation for statistical purposes is considered compatible with the original purpose.

  1. Who is engaged when Nets is processing your personal data?

Nets will keep your data confidential, but we may be disclosed it to the following recipient categories:

  • Other entities of Nexi S.p.A Group if the legislations require us to share such information. We might also share your data to provide you with better products and services.
  • External data processors acting on Nets' behalf to whom the personal data can be disclosed while utilising their services, e.g. IT operation(s) or operational support, cloud solution. This includes the following suppliers:
    • Microsoft Ireland Operations Limited
    • ServiceNow Denmark ApS
    • SAP Danmark A/S
    • Salesforce
  • Relevant supervisory authorities as required by law, court orders or a request from the police or other authorities.
  • External consultants/lawyers to establish, exercise or defend legal claims. Nets will ensure that the amount of personal data disclosed is limited to the extent necessary for the particular case.
In the event such recipients have access to personal data collected or processed by us, the recipient acts as data processor and acts in accordance with a written agreement and under the instructions from us.

  1. Transfers to countries outside EU/EEA

In some cases, we will transfer personal data to countries outside the EU/EEA. Such transfers will only take place subject to appropriate safeguards are in place for the transfer including:

  1. The country has been deemed by the Commission of the European Union to have an adequate level of protection of personal data. Personal data can without further measures be transferred to such third countries
  2. The country has not been deemed by the Commission of the European Union to have an adequate level of protection of personal data, but we provide appropriate safeguards for the transfer through the use of Standard Contractual Clauses, as published by the Commission of the European Union, EU-US Data Privacy Framework or any other contractual agreement approved by the competent authorities or any other legal basis, including the use of supplementary measures if deemed necessary.

Where no appropriate safeguards are provided, such as the above mentioned, transfer of personal data tounsafe third countries can take place based on specific legal basis for the transfer.

For instance, the transfer can take place based (i) if you have consented hereto, (ii) for the performance of a contract with a company established in such third country and (iii) if necessary in relation to legal claims. The specific legal bases are stated in Article 49(1) of the GDPR.

You can always obtain a copy of the relevant legal basis for the transfer, or information about where it can be accessed by contacting Nets' Data Protection Officer. You will find the contact details under Section 8.

  1. Security

Nets is dedicated to protecting your personal data.

As part of this dedication, we have adopted internal security policies and instructed our employees accordingly to comply with applicable legislation, e.g., the GDPR.

We have implemented appropriate procedures and security measures to protect your personal data from being destroyed, lost or altered, publicized unlawfully and against being disclosed to unauthorized persons or otherwise processed contrary to applicable data protection legislation.

  1. Your rights as a data subject

As a data subject you have several rights available to you, which you may exercise by contacting Nets. You can exercise your rights by submitting your request here:

Data Subject Request

According to the data protection regulations, you have the following rights:

  1. The right to request information about what personal data we process about you.
  2. The right to have rectified your personal data.
  3. The right to erase your personal data. Please note that exercising this right might be limited according to national law, i.e., we might not be able to delete and/or modify all personal data.
  4. The right to object to the processing of your personal data and have the processing of your personal data restricted.
  5. The right to object to the processing of your personal data and have the processing of your personal data restricted.
  6. An unconditional right to object to the processing of your personal data for direct marketing purposes.
  7. If processing of your personal information is based on your consent, you have the right to withdraw your consent at any time. Your withdrawal will not affect the lawfulness of the processing carried out before you withdrew your consent. You may withdraw your consent for a specific service by following the instructions for the specific service, please refer to the website for the specific service offered by Nets.
  8. The right to receive your personal information in a structured, commonly used and machine-readable format (known as data portability), subject to fulfilment of specific conditions set by data protection law.

Please note, Nets may decline disclosure to you if you are in possession of the information already or if disclosing them to you is impossible or would involve a disproportionate effort or would impair the achievement of the objectives of the processing.

If you have any concerns about the manner in which we process your personal data, you can lodge a complaint with the Danish Data Protection Agency (in Danish: Datatilsynet): (website in Danish and English).

You can also lodge a complaint with a data protection supervisory authority in the EU/EEA member state of your habitual residence, place of work or where the alleged infringement has taken place.

Please find links to the Nordic, German and Baltic authorities below:

  1. Contact us

You are welcome to contact Nets' Nordic Data Protection Officer if you have any questions, complaints or other concerns related to data protection and privacy on the following email address:

For questions of a more general character, you can write to us here.

Nets Denmark A/S (including all branches)
Company number: 20016175
Klausdalsbrovej 601
DK-2750 Ballerup

Nets Cards Processing A/S
Company number: 30504461
Klausdalsbrovej 601
DK-2750 Ballerup

Nets Sweden AB
Company number: 556761-4960
Hammarbybacken 27
SE-120 30 Stockholm

Read more about how Nets has applied the GDPR regulation: 
GDPR regulation in Nets