Data Protection Regulations

The protection of your privacy is of utmost importance to us. Therefore, we inform you in this privacy policy about the collection and use of your data.

The person responsible for the collection, processing and use of your personal data within the meaning of Art. 4 No. 7 GDPR is Nero AG, Rueppurrer Strasse, 76137 Karlsruhe (Germany) (hereinafter referred to as "we", "Nero" or "person responsible").

Your personal data is collected and processed in compliance with the applicable data protection regulations, in particular the General Data Protection Regulation (GDPR). These regulations describe how and for what purpose your data is collected and used, what options you have in connection with personal data and our obligation to protect this data.

If you wish to object to the collection, processing or use of your data by us in accordance with these data protection regulations as a whole or for individual measures, you can address your objection to the person responsible.

If you have any questions regarding this privacy policy or requests for information, please contact prvcynrcm.

I. Software, products und services

II. Our websites

III. Data security

IV. Your rights

V. Subject to change with regard to the updating of the data protection regulations.


I. Software, products and services


1. Scope of application

The following discloses the extent to which data is collected, used, and disclosed in the following Nero AG ("Nero") products, software programs, and services:

  • Nero 8 and later versions of the Nero Suite
  • NeroKwik Online Services
  • NeroKwik applications for Android, iOS and Windows platforms
  • Nero MoveIt
  • Nero KwikMedia
  • Nero BackItUp
  • SyncUp
  • Nero MobileSync

2. Information collection

a. Consent reservation/legal basis of processing: In principle, any collection, use and transmission of information that personally identifies you or allows us to contact you ("Personal Information") through our products is subject to your prior, express consent.

Art. 6 para. 1 s. 1 a) GDPR serves our company as the legal basis for processing transactions in which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract to which the data subject is a party, as is the case, for example, with processing operations necessary for the delivery of goods or the provision of other services or consideration, the processing is based on Art. 6 para. 1 sentence 1 b) GDPR. The same applies to such processing processes that are necessary to carry out pre-contractual measures, for example in cases of enquiries about our products or services. If our company is subject to a legal obligation which requires the processing of personal data, for example to fulfil tax obligations, the processing is based on Art. 6 Para. 1 S. 1 c) GDPR. Ultimately, processing operations could be based on Art. 6 para. 1 p. 1 f) GDPR. Processing operations which are not covered by any of the aforementioned legal bases are based on this legal basis if processing is necessary to safeguard a legitimate interest of our company or a third party, provided that the interests, fundamental rights and freedoms of the data subject do not prevail.

b. Necessity of recording: Typically, this information is required when you use our services, make a purchase, register your product online or provide us with your personal information so that we can contact you. To this end, we may ask you to provide information, including your name, e-mail address, country, language and payment information, during registration or registration of your software. Your personal serial number for the Nero product and the internal version number of media and software may also be transferred on some registrations. Certain services require the transfer of information about already installed Nero products to recommend suitable upgrades or program modules, for example. This data is processed anonymously.

c. Anonymous usage: Even if you do not wish to register or transfer personal data, you can still use most of the features of our software. However, the use of certain services or functions may require registration and/or transmission of information such as your personal serial number.

d. Disclosure by user: With some Nero products, including NeroKwik online services and applications, users can share and share their content with others. By using these options, we may receive information from these users that is necessary to provide these features, such as your email address.

e. Your content: With some Nero products, including NeroKwik online services and applications, users can store, access, manage, edit, share, and synchronize (e.g., image, video, and audio data) files ("content") stored on their PCs and mobile devices or made available through third-party services on and through Nero Servers. To use these products and features, Nero must collect and store the content, including associated metadata such as file name, bit rate, geoinformation, change dates, descriptions, tags, and any other information contained in the files, in order to provide the services.

f. Device and log file data: Some Nero products, including the NeroKwik online services and applications, are made available to users on various devices. Depending on the device used, the following information may be collected solely for the purpose of enabling Nero to provide the services: Device ID, device name, and partition information of the device.

g. Product improvement program: Certain Nero products allow users to participate in a product improvement program. By participating in these programs, you agree that Nero may collect and transfer information from your system about your use of Nero software. Some applications use Google Analytics, an analysis service of Google Inc. "("Google") to enable the analysis of the use of the application. The information generated by Google Analytics about your use is usually transferred to a Google server in the USA and stored there. Google may also transfer this information to third parties if required to do so by law or if third parties process the information on Google's behalf. This information is not personal in nature and is anonymously sent to a security server where it is analyzed and used to improve Nero software products. No data about the contents of the user is collected.

Google has signed and certified itself under the Privacy Shield Agreement between the European Union and the USA. By doing so, Google undertakes to comply with the standards and regulations of European data protection law. Further information can be found in the following linked entry: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active . The following information is collected: Product name, installed applications, version, time and date of installation, country (according to the operating system settings), version of the operating system and number of program and function calls, device properties, user's region information and language. The user may opt out of the product improvement program at any time by deactivating the service in the software settings.

h. Patent activation: Some Nero products and applications only work with third-party technology. Some of these technologies are integrated into this version as versions with limited functionality (demo versions) or without functionality. Online activations give users unrestricted access to these technologies so that they can take full advantage of the software's functionality and prevent misuse. An Internet connection or a fax machine is required for activation. Nero only transfers and processes data needed to activate these third-party technologies. The software only transfers this data if you have given your consent. Apart from your IP address, no personal information is transmitted to Nero. You do not need to provide your name or other personal information during activation.

i. Accuracy of the data: You can change and correct your data at any time via our registration systems. If our automatic systems do not accept or accept your changes, you can always send an e-mail to prvcynrcm asking for changes.


3. Integration of third-party services

Some Nero products give users access to features and information from third parties, including without limitation Facebook, Dropbox, Myspace, and Youtube ("Third Party Services"). Please note that Nero is not responsible for the privacy practices or the content of such services or the way they collect information. Access to third-party services and features requires an account and verification. Access to third-party services is governed by the privacy policies of those third parties.

a. Facebook:

Our products include features of the social network Facebook.com.

A social network is an Internet-based social meeting place, an online community that usually enables users to communicate with each other and interact in virtual space. A social network can serve as a platform for the exchange of opinions and experiences or enables the Internet community to provide personal or company-related information. Facebook enables social network users to create private profiles, upload photos and network via friendship requests, among other things.

Facebook is operated by Facebook, Inc, 1 Hacker Way, Menlo Park, CA 94025, USA. The entity responsible for the processing of personal data if a data subject lives outside the USA or Canada is Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

Each time a function on which a Facebook component (Facebook plug-in) is integrated, the Internet browser on the person's information technology system is automatically prompted by the respective Facebook component to download a representation of the corresponding Facebook component from Facebook. An overview of all Facebook plug-ins can be found at https://developers.facebook.com/docs/plugins/?locale=en_DE. As part of this technical process, Facebook is informed about which function is used by the person concerned.

This information is collected by the Facebook component and assigned by Facebook to the respective Facebook account of the person concerned. If the person concerned clicks one of the Facebook buttons integrated on our website, for example the "Like" button, or the person concerned makes a comment, Facebook assigns this information to the personal Facebook user account of the person concerned and stores this personal data.

If the person concerned does not want this information to be transmitted to Facebook, they can prevent it from being transmitted by logging out of their Facebook account before calling up our website. The data policy published by Facebook, which is available at https://de-de.facebook.com/about/privacy/ , provides information about the collection, processing and use of personal data by Facebook. It also explains what setting options Facebook offers to protect the privacy of the person concerned. In addition, various applications are available that make it possible to suppress data transmission to Facebook. Such applications can be used by the person concerned to suppress data transmission to Facebook.

b. Dropbox: Dropbox features available in our products are provided by Dropbox Inc, 185 Berry Street, Suite 400, San Francisco, CA 94107, USA ("Dropbox"). When you access these functions, a connection is established with the dropbox servers.

For more information about Dropbox's collection and use of information, your rights in this regard, and other options to protect your privacy in connection with Dropbox services, please see the privacy information at Dropbox.com. https://www.dropbox.com/terms#privacy .

c. Youtube: Nero has integrated YouTube components into its products. YouTube is an Internet video portal that allows video publishers to post video clips and other users to view, rate and comment on them free of charge. YouTube allows the publication of all types of videos, which is why complete film and television programmes, music videos, trailers or videos produced by users themselves can be called up via the Internet portal.

YouTube is operated by YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

Each time a YouTube component (YouTube video) is integrated into a function, the YouTube component causes the product to download a representation of the corresponding YouTube component from YouTube. More information about YouTube can be found at https://www.youtube.com/yt/about/de/ .

If the person concerned is logged on to YouTube at the same time, YouTube recognizes which specific function of our product the person concerned is visiting with the call. This information is collected by YouTube and Google and assigned to the respective YouTube account of the person concerned.

If such a transmission of this information to YouTube and Google is not desired by the person concerned, this can prevent the transmission by logging out of their YouTube account before calling up our website.

The data protection regulations published by YouTube, which can be accessed at https://www.google.de/intl/de/policies/privacy , provide information about the collection, processing and use of personal data by YouTube and Google.

d. Myspace: Nero has integrated Myspace LLC components into its products. Myspace is a so-called social network. A social network is an Internet-based social meeting place, an online community that usually enables users to communicate with each other and interact in virtual space. A social network can serve as a platform for the exchange of opinions and experiences or enables the Internet community to provide personal or company-related information. Myspace allows social network users to set up free user profiles containing photos and videos, blogs or groups, among other things.

Myspace is operated by Myspace LLC, 8391 Beverly Blvd. #349, Los Angeles, California 90048, USA.

Each time a function is called in which a myspace component (myspace plug-in) is integrated, the product is automatically prompted by the respective myspace component to download a representation of the corresponding myspace component from myspace. More information about Myspace can be found at https://myspace.com . In the context of this technical procedure, Myspace is informed about which specific function is used by the person concerned.

If the affected person is logged on to Myspace at the same time, Myspace recognizes which concrete function of our products the affected person uses with each call of the function by the affected person. This information is collected by the Myspace component and assigned by Myspace to the respective Myspace account of the person concerned.

If such a transmission of this information to Myspace is not wanted by the person concerned, he can prevent the transmission by logging out of his Myspace account before calling our website.

The privacy policy published by Myspace, which can be accessed at https://myspace.com/pages/privacy , provides information about the collection, processing and use of personal data by Myspace.


4. Usage and transmission of information

a. Purpose of use: Nero uses the information collected to establish, execute and process contractual relationships and to process the related payments. Some information may also be used to improve our services and products, provided your prior express consent has been obtained.

b. Transmission to third parties: In principle, we only use your personal data within our company.

In the event that we outsource certain parts of data processing ("order processing"), we contractually oblige contractors to use personal data only in accordance with the requirements of data protection laws and to ensure the protection of the rights of the data subject.

Nero reserves the right to provide customer information to affiliates, partners, or other third parties.
However, these contractually bound partners or third parties may use the customer information only to perform or complete necessary transactions or functions related to Nero contracts or products.
Any transactions and the performance of such functions by third parties must comply with the guidelines of these data protection provisions and the applicable law, in particular the GDPR.
Whenever information is transferred from Nero, the party receiving the information must ensure adequate data protection in accordance with Directive 95/46/EC.

c. Prosecution: In individual cases, Nero may make data collected available to the relevant investigative authorities for the purposes of criminal prosecution, security, the fulfilment of the legal tasks of the Office for the Protection of the Constitution, and the enforcement of intellectual property rights.

d. Subject to approval; no sale of data: Nero will not disclose any personal information to any third parties other than those listed above without Nero's prior consent. In particular, Nero does not sell data from customers or users of its websites.


5. Newsletter („Opt In“)

a. Registration: By registering within our products or otherwise using our offers, customers can decide whether they want to receive the Nero newsletter in the future. In this newsletter customers receive information about special offers, updates, programs, new products and/or services.

In order to be able to send you our newsletter, we use the so-called double opt-in procedure. Only if you have expressly confirmed to us beforehand that you wish to receive the newsletter will we send you an activation e-mail and ask you to confirm that you wish to receive our newsletter by clicking on a link contained in this e-mail.

If you register for our newsletter (e.g. via contact form or e-mail), we store your e-mail address and the data provided for sending future newsletters.

This is also our legitimate interest pursuant to Art 6 para. 1 sentence 1 f) GDPR.

b. Product recommendation: We will regularly send you product recommendations by e-mail as part of our newsletters. In this way, we can provide you with information about products from our range that you may be interested in based on your recent purchases from us. In doing so, we strictly comply with legal requirements. You can object to this at any time.

c. Tracking pixel: Our newsletters contain so-called tracking pixels. A tracking pixel is a miniature graphic embedded in e-mails sent in HTML format to enable log file recording and analysis. This allows a statistical evaluation of the success or failure of online marketing campaigns to be carried out. On the basis of the embedded pixel-code we can recognize whether and when an e-mail was opened by an affected person and which links in the e-mail were called by the affected person.

d. Revocation possibility: Consent to receive the newsletter can be revoked at any time via the functions provided in the newsletter itself or by contacting us at prvcynrcm


II. Our Websites


1. Scope of application

The following discloses the extent to which data is collected, used, and shared on the following Nero AG ("Nero") Web sites:

  • nero.com
  • ahead.de
  • nerodigital.com
  • my.nero.com
  • forum.my.nero.com
  • kwikmedia.nero.com
  • nerokwikmedia.com
  • nerokwik.com
  • portal.dellsyncup.nero.com


2. Information collection

a. Reservation of consent:In principle, any collection, use and transmission of information that personally identifies you or allows us to contact you ("Personal Information") is subject to your prior express consent.

We only store and use further personal data if you give your consent or if this is legally permissible without special consent.

b. Necessity of recording: Usually this information is required if you wish to register for one of the online services offered or to provide us with your personal data so that we can contact you.
For this purpose, we request information such as name, e-mail address, delivery address and serial numbers of purchased Nero products.
When entering a contest or other promotion, we may need information such as your name, address, phone number and email address to administer the contest and notify winners. This also includes our legitimate interests in accordance with Art. 6 para. 1 sentence 1 f) GDPR in conjunction with Art. 28 GDPR.

c. Anonymous usage: Even if you do not wish to register or do not provide any personal information, you can visit most areas of our websites. However, registration may be required for the use of individual offers and pages.

d. Technically necessary information This does not apply to information that your Internet browser automatically transmits when you access our websites for reasons of technical necessity for automatic display of the page content. These include the URL of a referring website, your IP address and the date and time of your access to our websites, browser type, browser language and variables, operating system, requesting provider and websites that are accessed by the user's system via our website.
We may use your IP address to diagnose problems with our server and to administer our website.
The IP address enables us to determine which pages of our websites have been accessed and how much time has been spent on them. Your IP address is also used to collect general demographic information.
However, we do not link the IP addresses collected in this way to personal data, and in these cases it is not possible for us to assign them to a specific person. The user sessions are logged, but the user remains anonymous.
We use this log data for the purpose of operation, security and optimisation of our online offer, but also for anonymous recording of the number of visitors to our website (traffic) and the extent and type of use of our website and services, as well as for billing purposes in order to measure the number of clicks received from cooperation partners. Based on this information, we can provide personalized and location-based content, analyze traffic, troubleshoot and correct errors, and improve our services. This is also our legitimate interest pursuant to Art 6 para. 1 sentence 1 f) GDPR. This information is not used by us for any other purposes.

e. Security: We store the collected data on a secure server in a private network. This increases the security of your data and limits the possibility of malicious use of your data by third parties.

f. Accuracy of the data: Once you have registered, you can change and correct your data at any time via our registration system.
Should our automated system not accept or implement your changes, you can send an e-mail at any time to prvcynrcm, asking us to amend your data.


3. Usage of personal data

a. Purpose of usage: Nero uses the information collected to establish, execute and process contractual relationships and to process the related payments.
The data can also be used to adapt and improve our offers, products and, if necessary, advertising measures.

b. Transmission to third parties: In principle, we only use your personal data within our company.

In the event that we outsource certain parts of data processing ("order processing"), we contractually oblige contractors to use personal data only in accordance with the requirements of data protection laws and to ensure the protection of the rights of the data subject.

Nero reserves the right to provide customer information to affiliates, partners, or other third parties.
However, these contractually bound partners or third parties may use the customer information only to perform or complete necessary transactions or functions related to Nero contracts or products. Any transactions and the performance of such functions by third parties must comply with the guidelines of these data protection provisions and the applicable law, in particular the GDPR.
Whenever information is transferred from Nero, the party receiving the information must ensure adequate data protection in accordance with Directive 95/46/EC.

c. Prosecution: In individual cases, Nero may make data collected available to the relevant investigative authorities for the purposes of criminal prosecution, security, the fulfilment of the legal tasks of the Office for the Protection of the Constitution, and the enforcement of intellectual property rights.

d. Subject to approval; no sale of data: Nero will not disclose any personal information to any third parties other than those listed above without Nero's prior consent.
In particular, Nero does not sell data from customers or users of its websites.


4. Newsletter

a. Registration:By registering on our websites or otherwise using our services, customers can choose whether to receive the Nero newsletter in the future. In this newsletter customers receive information about special offers, updates, programs, new products and/or services.

In order to be able to send you our newsletter, we use the so-called double opt-in procedure. Only if you have expressly confirmed to us beforehand that you wish to receive the newsletter we will send you an activation e-mail and ask you to confirm that you wish to receive our newsletter by clicking on a link contained in this e-mail.

If you register for our newsletter (e.g. via contact form or e-mail), we store your e-mail address and the data provided for sending future newsletters. This is also our legitimate interest pursuant to Art. 6 para. 1 s. 1 f) GDPR.

b. Product recommendation: We will regularly send you product recommendations via e-mail as part of our newsletters. In this way, we can provide you with information about products from our product range that you may be interested in based on your recent purchases from us. In doing so, we strictly comply with legal requirements. You can object to this at any time.

c. Tracking pixels: Our newsletters contain so-called tracking pixels. A tracking pixel is a miniature graphic embedded in e-mails sent in HTML format to enable log file recording and analysis. This allows for statistical evaluations of the success or failure of online marketing campaigns to be carried out. On the basis of the embedded pixel-code we can recognize whether and when an e-mail was opened by an affected person and which links in the e-mail were called by the affected person.

d. Withdrawal: Your consent to receive the newsletter can be revoked at any time via the functions provided in the newsletter itself or by contacting us at prvcynrcm.


5. Links to other sites

This website contains links to other websites. Please note that Nero is not responsible for the privacy practices or the content of those websites or for the possible collection of any information therein.

Please read the privacy policy of each website you visit carefully, as it may differ from our privacy policy. In this respect, our data protection declaration applies exclusively to the websites listed above.


6. Integration of functions of third party providers

a. Facebook: Our websites include plug-ins from the social network Facebook.com.

A social network is an Internet-based social meeting place, an online community that usually enables users to communicate with each other and interact in a virtual space. A social network can serve as a platform for the exchange of opinions and experiences or enable the Internet community to provide personal or company-related information. Facebook enables social network users to create private profiles, upload photos and network via friend requests, among other things.

Facebook is operated by Facebook, Inc, 1 Hacker Way, Menlo Park, CA 94025, USA. The legal entity responsible for the processing of personal data if a data subject lives outside the USA or Canada is Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

Each time one of the individual pages of this website is accessed, which is operated by the controller and on which a Facebook component (Facebook plug-in) has been integrated, the Internet browser on the person's information technology system is automatically prompted by the respective Facebook component to download a representation of the corresponding Facebook component from Facebook. An overview of all Facebook plug-ins can be found at https://developers.facebook.com/docs/plugins/?locale=en_DE . As part of this technical process, Facebook is informed about which specific subpage of our website is visited by the person concerned.

If the person concerned is logged on to Facebook at the same time, Facebook recognizes which specific subpage of our website the person concerned visits with every visit to our website and for the entire duration of the respective stay on our website. This information is collected by the Facebook component and assigned to the respective Facebook account of the person concerned. If the person concerned clicks one of the Facebook buttons integrated on our website, for example the "Like" button, or the person concerned makes a comment, Facebook assigns this information to the personal Facebook user account of the person concerned and stores this personal data.

Facebook receives information via the Facebook component that the person concerned has visited our website whenever the person concerned is logged on to Facebook at the same time as accessing our website; this happens regardless of whether the person concerned clicks on the Facebook component or not. If the person concerned does not want this information to be transmitted to Facebook, they can prevent it from being transmitted by logging out of their Facebook account before calling up our website.

The data policy published by Facebook, which is available at https://de-de.facebook.com/about/privacy/, provides information about the collection, processing and use of personal data by Facebook. It also explains what setting options Facebook offers to protect the privacy of the person concerned. In addition, various applications are available that make it possible to suppress data transmission to Facebook. Such applications can be used by the person concerned to suppress data transmission to Facebook.

b. SocialTwist: We offer functions of various social media platforms on our websites. This is made possible through the use of SocialTwist.

This is also our legitimate interest pursuant to Art. 6 para. 1 s. 1 f) GDPR.

For more information about SocialTwist's collection and use of information, your rights in this regard and other ways to protect your privacy in connection with the services of SocialTwist, please see the privacy policy at http://tellafriend.socialtwist.com/privacy-policy.

c. Tracking pixels: Our website uses so-called tracking pixels to track commercial data. These are used to understand the effectiveness of advertising-related communication.

This is also our legitimate interest pursuant to Art. 6 para. 1 s. 1 f) GDPR.

d. Google Analytics: We use Google Analytics, a web analysis service of Google Inc. ("Google"). Google has signed and certified itself under the Privacy Shield Agreement between the European Union and the USA. By doing so, Google undertakes to comply with the standards and regulations of European data protection law. Further information can be found in the following linked entry:

https://www.privacyshield.gov/participant?id=a2zt00000000001L5AAI&status=Active . Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about the use of this website by page visitors is usually transferred to a Google server in the USA and stored there.

This is also our legitimate interest pursuant to Art. 6 para. 1 s. 1 f) GDPR.

However, if IP anonymisation is activated on this website, Google will reduce your IP address from within Member States of the European Union or from within other states party to the Agreement on the European Economic Area beforehand. Only in exceptional cases will the full IP address be transmitted to a Google server located in the USA and shortened there. IP anonymization is active on this website. On our behalf, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide us with other services relating to website and Internet use.

The IP address transmitted by your browser in the context of Google Analytics is not merged with other Google data. You may refuse the use of cookies by selecting the appropriate settings on your browser. However, please note that if you do this you may not be able to use the full functionality of this website.

You can also prevent the transmission to Google of data generated by the cookie and relating to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=en .

As an alternative to the browser plug-in or within browsers on mobile devices, you can click the following link to set an opt-out cookie to prevent future collection by Google Analytics within this website (this opt-out cookie only works in this browser and only for this domain. If you delete the cookies in your browser, you must click this link again): Disable Google Analytics


e. Adobe Analytics / Omniture Nero AG has integrated Adobe components on this website. Adobe Analytics (Omniture) or the Adobe Marketing Cloud (hereinafter referred to as "Omniture") is a tool that enables more efficient online marketing and web analysis. Omniture is part of the Adobe Marketing Cloud. The Adobe Marketing Cloud enables real-time analysis of visitor flows on websites. The real-time analyses include project reports and allow an ad-hoc analysis of website visitors. Customer interactions are presented in a way that provides the controller with a better overview of the online activities of the users of this website by displaying the data in simple and interactive dashboards and converting them into reports. This enables the processor to receive information in real time and identify problems more quickly.

The operator of these services is Adobe Systems Software Ireland Limited, 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Republic of Ireland.

Omniture places a cookie on the information technology system of the person concerned (cookies have already been explained in advance; this can be read above). Server settings ensure that tracking records sent to Adobe's data center are anonymized prior to geolocalization. Anonymization is implemented by replacing the last part of the IP address. Nero AG has made server-side settings on the basis of which the IP address of the person concerned is anonymized independently of one another for geolocalization and range measurement prior to processing. Adobe will use the data and information collected via our website to evaluate the user behaviour of the data subject on behalf of the data controller. Adobe will also use the information to generate reports on user activity on our behalf and to provide other services to our company in connection with the use of our website. Adobe does not combine the IP address of the person concerned with other personal data.

The person concerned can prevent the setting of cookies by our website at any time, as already described above, by means of an appropriate setting of the Internet browser used and thus permanently object to the setting of cookies. Such a setting of the Internet browser used would also prevent Omniture from placing a cookie on the person's information technology system. In addition, the cookies already set by Omniture can be deleted at any time via an Internet browser or other software programs.

Furthermore, the data subject has the possibility to object to and prevent the collection of data generated by the Adobe cookie and related to the use of this website as well as the processing of this data by Adobe. To do this, the person concerned must press the unsubscribe button under the link http://www.adobe.com/de/privacy/opt-out.html, which sets an opt-out cookie. The opt-out cookie set with the objection is stored on the information technology system used by the person concerned. If the cookies are deleted on the system of the person concerned after an objection, the person concerned must call up the link again and set a new opt-out cookie.

By enabling the opt-out cookie, however, it is possible that the Internet pages of the data controller may no longer be fully usable by the data subject.

Adobe's current privacy policy can be found at http://www.adobe.com/de/privacy.html. . http://www.adobe.com/de/privacy.html.

7. The usage of „cookies“

a. Use of cookies: We use so-called session cookies to optimize our online offer. A session cookie is a small text file that is sent by the respective servers when you visit a website and stored temporarily on your hard drive. This file as such contains a so-called session ID, with which you can assign various requests of your browser to the common session. This will allow your computer to be recognized when you return to our website. These cookies are deleted after you close your browser. They are used, for example, to enable you to use the shopping basket function across several pages.

We also use persistent cookies (also small text files that are stored on your terminal device) to a small extent, which remain on your device and enable us to recognize your browser the next time you visit. These cookies are stored on your hard drive and are deleted automatically after a specified time. Their life span is 1 month to 10 years. This enables us to present our services to you in a more user-friendly, effective and secure manner and, for example, to display information on the website that is specifically tailored to your interests.

Our legitimate interest in the use of cookies pursuant to Art. 6 para. 1 sentence 1 f) GDPR is to make our website more user-friendly, effective and secure.

The following data and information are stored in the cookies:

- login information

- language settings

- entered search terms

- information on the number of visits to our website and use of individual functions of our website.

When the cookie is activated, it is assigned an identification number and your personal data is not assigned to this identification number. Your name, IP address or similar data that would enable the cookie to be assigned to you will not be inserted in the cookie. Based on the cookie technology, we only receive pseudonymous information, for example about which pages of our shop have been visited, which products have been viewed, etc. We do not collect any personal data from you.

In addition, we use this information to automatically enter your data in forms so that you do not have to re-enter it yourself. The use of cookies is widespread and offers many advantages. Cookies are used on most large websites. The information contained in cookies about how and when visitors use a website helps us determine which areas are popular and which are not. Numerous improvements and updates are based on information collected with cookies. In addition, cookies help us to offer customized web content and to satisfy the needs of our visitors. So-called session cookies, which are automatically deleted after closing the browser, are required, among other things, to carry out online purchasing processes.

b. Sensitive data: Our websites do not use cookies to collect personal information on your computer that was not sent as a cookie the first time you visited the website.

c. Blocking cookies: You can manage the use of cookies yourself or block them completely by configuring your browser accordingly. For example, you can set your browser so that you are informed in advance about the setting of cookies and can decide in individual cases whether you want to exclude the acceptance of cookies for certain cases or in general, or whether cookies are completely prevented. The steps for changing these settings may vary depending on your operating system and browser. If you are using Microsoft Internet Explorer, follow these steps: Under "Tools", select "Internet Options", click on the "Privacy" tab and click on "Advanced". Here you can completely block the use of cookies, which can however limit the functions of the website or web-based programs.


8. Applications and application process

We collect and process the personal data of applicants for the purpose of handling the application procedure. Processing may also be carried out electronically. This is particularly the case if an applicant sends corresponding application documents to the controller by electronic means, for example by e-mail or via a web form on the website. If Nero concludes an employment contract with an applicant based on the application, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions. If Nero does not conclude an employment contract with the applicant, the application documents will be automatically deleted after notification of the rejection decision, provided that there are no other legitimate interests of the data controller preventing such deletion. Other legitimate interest in this sense is, for example, a burden of proof in proceedings under the General Equal Treatment Act (AGG).


III. Data security, storage time

1. Data Security

We make every effort to ensure the security of your data in accordance with the applicable data protection laws and our technical possibilities.

Your personal data will be transmitted encrypted. This applies to your orders and also to the customer login. We use the SSL (Secure Socket Layer) coding system, but point out that data transmission over the Internet (e.g. communication by e-mail) can have security gaps. A complete protection of data against access by third parties is not possible.

To secure your data, we maintain technical and organisational security measures in accordance with Art. 32 GDPR, which we constantly improve to the state of the art.

Furthermore, we do not guarantee that our offer will be available at certain times; disruptions, interruptions or failures cannot be ruled out. The servers we use are regularly and carefully secured.

2. Storage time

We process and store personal data of the data subject only for the period necessary to achieve the storage purpose or insofar as this has been provided for by the European Directive and Ordinance Giver or another legislator in laws or regulations to which we are subject.

If the storage purpose ceases to apply or if a storage period prescribed by the European Directive and Regulation Giver or another competent legislator expires, the personal data is routinely blocked or deleted in accordance with the statutory provisions.


IV. Your rights

According to the applicable laws, you have various rights regarding your personal data. If you wish to assert these rights, please send your request by e-mail or by post to the above address, clearly identifying yourself. Below you will find an overview of your rights.

1. Right to confirmation and information

You have the right to receive confirmation from us at any time as to whether personal data relating to you is being processed. If this is the case, you have the right to request from us free of charge information about the personal data stored about you together with a copy of this data. Furthermore, there is a right to the following information: a. the processing purposes;

b. the categories of personal data to be processed;

c. the recipients or categories of recipients to whom the personal data have been or are still being disclosed, in particular recipients in third countries or international organisations;

d. if possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria for determining this duration;

e. the existence of a right to have your personal data concerning you rectified or deleted or to have the data controller restrict or object to such processing;

f. the existence of a right of appeal to a supervisory authority;

g. if the personal data is not collected from you, all available information about the origin of the data;

h. the existence of automated decision-making, including profiling in accordance with Article 22(1) and (4) GDPR and, at least in these cases, meaningful information on the logic involved and the scope and intended effects of such processing for you.

If personal data are transferred to a third country or an international organisation, you have the right to be informed of the appropriate guarantees in accordance with Art. 46 GDPR in connection with the transfer.

2. Right to correction

You have the right to request us to correct any inaccurate personal data concerning you without delay. Taking into account the purposes of the processing, you have the right to request the completion of incomplete personal data, also by means of a supplementary declaration.

3. Right to deletion

Pursuant to Art. 17 para. 1 GDPR, you have the right to demand that we delete personal data relating to you without delay and we are obliged to delete personal data without delay if one of the following reasons applies:

a. The personal data are no longer necessary for the purposes for which they were collected or otherwise processed.

b. You revoke your consent on which the processing was based pursuant to Art. 6 para. 1 sentence 1 a) GDPR or Art. 9 para. 2 a) GDPR and there is no other legal basis for processing.

c. You file an objection to the processing pursuant to Art. 21 para. 1 GDPR and there are no overriding legitimate grounds for processing, or you file an objection to the processing pursuant to Art. 21 para. 2 GDPR.

d. The personal data have been processed unlawfully.

e. The deletion of personal data is necessary to fulfil a legal obligation under European Union law or the law of the Member States to which we are subject.

f. The personal data was collected in relation to information society services offered pursuant to Art. 8 para. 1 GDPR.

g. If we have made the personal data public and we are obliged to delete them in accordance with Art. 17 para. 1 GDPR, we will take appropriate measures, including technical measures, taking into account the available technology and the implementation costs, to inform those responsible for data processing who process the personal data that you have requested the deletion of all links to this personal data or of copies or replications of this personal data.

4. Right to limitation of processing

You have the right to request us to restrict processing if one of the following conditions applies:

a. the accuracy of the personal data is disputed by you for a period that enables us to verify the accuracy of the personal data;

b. the processing is unlawful and you have refused the deletion of the personal data and have instead requested a restriction on the use of the personal data;

c. we no longer need the personal data for the purposes of processing, but you do need the data to assert, exercise or defend legal claims; or

d. you have filed an objection to the processing pursuant to Art. 21 para. 1 GDPR, as long as it is not yet clear whether the justified reasons of our company outweigh yours.

5. Right to data transferability

You have the right to receive the personal data concerning you that you have provided to us in a structured, current and machine-readable format, and you have the right to transmit this data to another person in charge without our interference, provided that

a. processing is based on consent pursuant to Art. 6 para. 1 sentence 1 a) GDPR or Art. 9 para. 2 a) GDPR or on a contract pursuant to Art. 6 para. 1 sentence 1 b) GDPR and

b. processing is carried out using automated methods.

When exercising your right to data transferability under paragraph 1, you have the right to request that the personal data be transferred directly to another data controller by us, insofar as this is technically feasible.

6. Right to object

You have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data concerning you on the basis of Art. 6 para. 1 sentence 1 e) or f) GDPR; this also applies to profiling based on these terms. We no longer process personal data unless we can prove compelling grounds for processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

If we process personal data for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to profiling, insofar as it is associated with such direct marketing purposes.

You have the right to object for reasons arising from your particular situation to the processing of personal data concerning you, which is carried out for scientific or historical research purposes or for statistical purposes in accordance with Art. 89 para. 1 GDPR, unless the processing is necessary for the fulfilment of a task in the public interest.

7. Right of revocation

You have the right to revoke your consent to the processing of personal data at any time.

8. Right of appeal to a supervisory authority

You have the right of appeal to a supervisory authority, in particular in the Member State where you are staying, working or suspected of having infringed the law, if you believe that the processing of personal data concerning you is unlawful.


IV. Changes to this Privacy Policy

Nero reserves the right to change, update, or modify this Privacy Policy at any time without notice by posting such changes, updates, or modifications on the website. Nero may also, in its sole discretion, distribute such notices through its products and services. Any such change, update or modification shall be effective immediately upon posting it on the website. Nero recommends that you read this Statement periodically to keep up to date with the measures taken to protect your personal information.

4. Newsletter

a. Registration: By registering on our websites or otherwise using our services, customers can choose whether to receive the Nero newsletter in the future. In this newsletter customers receive information about special offers, updates, programs, new products and/or services.

In order to be able to send you our newsletter, we use the so-called double opt-in procedure. Only if you have expressly confirmed to us beforehand that you wish to receive the newsletter we will send you an activation e-mail and ask you to confirm that you wish to receive our newsletter by clicking on a link contained in this e-mail.

If you register for our newsletter (e.g. via contact form or e-mail), we store your e-mail address and the data provided for sending future newsletters.

This is also our legitimate interest pursuant to Art. 6 para. 1 s. 1 f) GDPR.

b. Product recommendation: We will regularly send you product recommendations via e-mail as part of our newsletters. In this way, we can provide you with information about products from our product range that you may be interested in based on your recent purchases from us. In doing so, we strictly comply with legal requirements. You can object to this at any time.

c. Tracking pixels: Our newsletters contain so-called tracking pixels. A tracking pixel is a miniature graphic embedded in e-mails sent in HTML format to enable log file recording and analysis. This allows for statistical evaluations of the success or failure of online marketing campaigns to be carried out. On the basis of the embedded pixel-code we can recognize whether and when an e-mail was opened by an affected person and which links in the e-mail were called by the affected person.

d. Withdrawal: Your consent to receive the newsletter can be revoked at any time via the functions provided in the newsletter itself or by contacting us at prvcynrcm.

5. Links to other Websites

This website contains links to other websites. Please note that Nero is not responsible for the privacy practices or the content of those websites or for the possible collection of any information therein.

Please read the privacy policy of each website you visit carefully, as it may differ from our privacy policy. In this respect, our data protection declaration applies exclusively to the websites listed above.

6. Integration of functions of third party providers

a. Facebook: Our websites include plug-ins from the social network Facebook.com.

A social network is an Internet-based social meeting place, an online community that usually enables users to communicate with each other and interact in a virtual space. A social network can serve as a platform for the exchange of opinions and experiences or enable the Internet community to provide personal or company-related information. Facebook enables social network users to create private profiles, upload photos and network via friend requests, among other things.

Facebook is operated by Facebook, Inc, 1 Hacker Way, Menlo Park, CA 94025, USA. The legal entity responsible for the processing of personal data if a data subject lives outside the USA or Canada is Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

Each time one of the individual pages of this website is accessed, which is operated by the controller and on which a Facebook component (Facebook plug-in) has been integrated, the Internet browser on the person's information technology system is automatically prompted by the respective Facebook component to download a representation of the corresponding Facebook component from Facebook. An overview of all Facebook plug-ins can be found at https://developers.facebook.com/docs/plugins/?locale=en_DE . As part of this technical process, Facebook is informed about which specific subpage of our website is visited by the person concerned.

If the person concerned is logged on to Facebook at the same time, Facebook recognizes which specific subpage of our website the person concerned visits with every visit to our website and for the entire duration of the respective stay on our website. This information is collected by the Facebook component and assigned to the respective Facebook account of the person concerned. If the person concerned clicks one of the Facebook buttons integrated on our website, for example the "Like" button, or the person concerned makes a comment, Facebook assigns this information to the personal Facebook user account of the person concerned and stores this personal data.

Facebook receives information via the Facebook component that the person concerned has visited our website whenever the person concerned is logged on to Facebook at the same time as accessing our website; this happens regardless of whether the person concerned clicks on the Facebook component or not. If the person concerned does not want this information to be transmitted to Facebook, they can prevent it from being transmitted by logging out of their Facebook account before calling up our website.

The data policy published by Facebook, which is available at https://de-de.facebook.com/about/privacy/, provides information about the collection, processing and use of personal data by Facebook. It also explains what setting options Facebook offers to protect the privacy of the person concerned. In addition, various applications are available that make it possible to suppress data transmission to Facebook. Such applications can be used by the person concerned to suppress data transmission to Facebook.

b. SocialTwist: We offer functions of various social media platforms on our websites. This is made possible through the use of SocialTwist.

This is also our legitimate interest pursuant to Art. 6 para. 1 s. 1 f) GDPR.

For more information about SocialTwist's collection and use of information, your rights in this regard and other ways to protect your privacy in connection with the services of SocialTwist, please see the privacy policy at http://tellafriend.socialtwist.com/privacy-policy.

c. Tracking pixels: Our website uses so-called tracking pixels to track commercial data. These are used to understand the effectiveness of advertising-related communication.
This is also our legitimate interest pursuant to Art. 6 para. 1 s. 1 f) GDPR.



d. Google Analytics: We use Google Analytics, a web analysis service of Google Inc. ("Google"). Google has signed and certified itself under the Privacy Shield Agreement between the European Union and the USA. By doing so, Google undertakes to comply with the standards and regulations of European data protection law. Further information can be found in the following linked entry: https://www.privacyshield.gov/participant?id=a2zt00000000001L5AAI&status=Active. .



Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about the use of this website by page visitors is usually transferred to a Google server in the USA and stored there.

This is also our legitimate interest pursuant to Art. 6 para. 1 s. 1 f) GDPR.

However, if IP anonymisation is activated on this website, Google will reduce your IP address from within Member States of the European Union or from within other states party to the Agreement on the European Economic Area beforehand. Only in exceptional cases will the full IP address be transmitted to a Google server located in the USA and shortened there. IP anonymization is active on this website. On our behalf, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide us with other services relating to website and Internet use.

The IP address transmitted by your browser in the context of Google Analytics is not merged with other Google data. You may refuse the use of cookies by selecting the appropriate settings on your browser. However, please note that if you do this you may not be able to use the full functionality of this website.

You can also prevent the transmission to Google of data generated by the cookie and relating to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=en. .

As an alternative to the browser plug-in or within browsers on mobile devices, you can click the following link to set an opt-out cookie to prevent future collection by Google Analytics within this website (this opt-out cookie only works in this browser and only for this domain. If you delete the cookies in your browser, you must click this link again): Disable Google Analytics

e. Adobe Analytics / Omniture Nero AG has integrated Adobe components on this website. Adobe Analytics (Omniture) or the Adobe Marketing Cloud (hereinafter referred to as "Omniture") is a tool that enables more efficient online marketing and web analysis. Omniture is part of the Adobe Marketing Cloud. The Adobe Marketing Cloud enables real-time analysis of visitor flows on websites. The real-time analyses include project reports and allow an ad-hoc analysis of website visitors. Customer interactions are presented in a way that provides the controller with a better overview of the online activities of the users of this website by displaying the data in simple and interactive dashboards and converting them into reports. This enables the processor to receive information in real time and identify problems more quickly.

The operator of these services is Adobe Systems Software Ireland Limited, 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Republic of Ireland.

Omniture places a cookie on the information technology system of the person concerned (cookies have already been explained in advance; this can be read above). Server settings ensure that tracking records sent to Adobe's data center are anonymized prior to geolocalization. Anonymization is implemented by replacing the last part of the IP address. Nero AG has made server-side settings on the basis of which the IP address of the person concerned is anonymized independently of one another for geolocalization and range measurement prior to processing. Adobe will use the data and information collected via our website to evaluate the user behaviour of the data subject on behalf of the data controller. Adobe will also use the information to generate reports on user activity on our behalf and to provide other services to our company in connection with the use of our website. Adobe does not combine the IP address of the person concerned with other personal data.

The person concerned can prevent the setting of cookies by our website at any time, as already described above, by means of an appropriate setting of the Internet browser used and thus permanently object to the setting of cookies. Such a setting of the Internet browser used would also prevent Omniture from placing a cookie on the person's information technology system. In addition, the cookies already set by Omniture can be deleted at any time via an Internet browser or other software programs.

Furthermore, the data subject has the possibility to object to and prevent the collection of data generated by the Adobe cookie and related to the use of this website as well as the processing of this data by Adobe. To do this, the person concerned must press the unsubscribe button under the link http://www.adobe.com/de/privacy/opt-out.html, which sets an opt-out cookie. The opt-out cookie set with the objection is stored on the information technology system used by the person concerned. If the cookies are deleted on the system of the person concerned after an objection, the person concerned must call up the link again and set a new opt-out cookie.

By enabling the opt-out cookie, however, it is possible that the Internet pages of the data controller may no longer be fully usable by the data subject.

Adobe's current privacy policy can be found at
http://www.adobe.com/de/privacy.html.

7. The usage of „cookies“

a. Use of cookies: We use so-called session cookies to optimize our online offer. A session cookie is a small text file that is sent by the respective servers when you visit a website and stored temporarily on your hard drive. This file as such contains a so-called session ID, with which you can assign various requests of your browser to the common session. This will allow your computer to be recognized when you return to our website. These cookies are deleted after you close your browser. They are used, for example, to enable you to use the shopping basket function across several pages.

We also use persistent cookies (also small text files that are stored on your terminal device) to a small extent, which remain on your device and enable us to recognize your browser the next time you visit. These cookies are stored on your hard drive and are deleted automatically after a specified time. Their life span is 1 month to 10 years. This enables us to present our services to you in a more user-friendly, effective and secure manner and, for example, to display information on the website that is specifically tailored to your interests.

Our legitimate interest in the use of cookies pursuant to Art. 6 para. 1 sentence 1 f) GDPR is to make our website more user-friendly, effective and secure.

The following data and information are stored in the cookies:

- login information

- language settings

- entered search terms

- information on the number of visits to our website and use of individual functions of our website.

When the cookie is activated, it is assigned an identification number and your personal data is not assigned to this identification number. Your name, IP address or similar data that would enable the cookie to be assigned to you will not be inserted in the cookie. Based on the cookie technology, we only receive pseudonymous information, for example about which pages of our shop have been visited, which products have been viewed, etc. We do not collect any personal data from you.

In addition, we use this information to automatically enter your data in forms so that you do not have to re-enter it yourself. The use of cookies is widespread and offers many advantages. Cookies are used on most large websites. The information contained in cookies about how and when visitors use a website helps us determine which areas are popular and which are not. Numerous improvements and updates are based on information collected with cookies. In addition, cookies help us to offer customized web content and to satisfy the needs of our visitors. So-called session cookies, which are automatically deleted after closing the browser, are required, among other things, to carry out online purchasing processes.

8. Applications and application process

We collect and process the personal data of applicants for the purpose of handling the application procedure. Processing may also be carried out electronically. This is particularly the case if an applicant sends corresponding application documents to the controller by electronic means, for example by e-mail or via a web form on the website. If Nero concludes an employment contract with an applicant based on the application, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions. If Nero does not conclude an employment contract with the applicant, the application documents will be automatically deleted after notification of the rejection decision, provided that there are no other legitimate interests of the data controller preventing such deletion. Other legitimate interest in this sense is, for example, a burden of proof in proceedings under the General Equal Treatment Act (AGG).


III. Data security, storage time

1. Data Security

We make every effort to ensure the security of your data in accordance with the applicable data protection laws and our technical possibilities.

Your personal data will be transmitted encrypted. This applies to your orders and also to the customer login. We use the SSL (Secure Socket Layer) coding system, but point out that data transmission over the Internet (e.g. communication by e-mail) can have security gaps. A complete protection of data against access by third parties is not possible.

To secure your data, we maintain technical and organisational security measures in accordance with Art. 32 GDPR, which we constantly improve to the state of the art.

Furthermore, we do not guarantee that our offer will be available at certain times; disruptions, interruptions or failures cannot be ruled out. The servers we use are regularly and carefully secured.

2. Storage time

We process and store personal data of the data subject only for the period necessary to achieve the storage purpose or insofar as this has been provided for by the European Directive and Ordinance Giver or another legislator in laws or regulations to which we are subject.

If the storage purpose ceases to apply or if a storage period prescribed by the European Directive and Regulation Giver or another competent legislator expires, the personal data is routinely blocked or deleted in accordance with the statutory provisions.


III. Data security, storage time

According to the applicable laws, you have various rights regarding your personal data. If you wish to assert these rights, please send your request by e-mail or by post to the above address, clearly identifying yourself. Below you will find an overview of your rights.

1. Right to confirmation and information

You have the right to receive confirmation from us at any time as to whether personal data relating to you is being processed. If this is the case, you have the right to request from us free of charge information about the personal data stored about you together with a copy of this data. Furthermore, there is a right to the following information:

a. the processing purposes;

b. the categories of personal data to be processed;

c. the recipients or categories of recipients to whom the personal data have been or are still being disclosed, in particular recipients in third countries or international organisations;

d. if possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria for determining this duration;

e. the existence of a right to have your personal data concerning you rectified or deleted or to have the data controller restrict or object to such processing;

f. the existence of a right of appeal to a supervisory authority;

g. if the personal data is not collected from you, all available information about the origin of the data;

h. the existence of automated decision-making, including profiling in accordance with Article 22(1) and (4) GDPR and, at least in these cases, meaningful information on the logic involved and the scope and intended effects of such processing for you.

If personal data are transferred to a third country or an international organisation, you have the right to be informed of the appropriate guarantees in accordance with Art. 46 GDPR in connection with the transfer.

2. Right to correction

You have the right to request us to correct any inaccurate personal data concerning you without delay. Taking into account the purposes of the processing, you have the right to request the completion of incomplete personal data, also by means of a supplementary declaration.

3. Right to deletion

Pursuant to Art. 17 para. 1 GDPR, you have the right to demand that we delete personal data relating to you without delay and we are obliged to delete personal data without delay if one of the following reasons applies:

a. The personal data are no longer necessary for the purposes for which they were collected or otherwise processed.

b. You revoke your consent on which the processing was based pursuant to Art. 6 para. 1 sentence 1 a) GDPR or Art. 9 para. 2 a) GDPR and there is no other legal basis for processing.

c. You file an objection to the processing pursuant to Art. 21 para. 1 GDPR and there are no overriding legitimate grounds for processing, or you file an objection to the processing pursuant to Art. 21 para. 2 GDPR.

d. The personal data have been processed unlawfully.

e. The deletion of personal data is necessary to fulfil a legal obligation under European Union law or the law of the Member States to which we are subject.

f. The personal data was collected in relation to information society services offered pursuant to Art. 8 para. 1 GDPR.

g. If we have made the personal data public and we are obliged to delete them in accordance with Art. 17 para. 1 GDPR, we will take appropriate measures, including technical measures, taking into account the available technology and the implementation costs, to inform those responsible for data processing who process the personal data that you have requested the deletion of all links to this personal data or of copies or replications of this personal data.

4. Right to limitation of processing

You have the right to request us to restrict processing if one of the following conditions applies:

a. the accuracy of the personal data is disputed by you for a period that enables us to verify the accuracy of the personal data;

b. the processing is unlawful and you have refused the deletion of the personal data and have instead requested a restriction on the use of the personal data;

c. we no longer need the personal data for the purposes of processing, but you do need the data to assert, exercise or defend legal claims; or

d. you have filed an objection to the processing pursuant to Art. 21 para. 1 GDPR, as long as it is not yet clear whether the justified reasons of our company outweigh yours.

5. Right to data transferability

You have the right to receive the personal data concerning you that you have provided to us in a structured, current and machine-readable format, and you have the right to transmit this data to another person in charge without our interference, provided that

a. processing is based on consent pursuant to Art. 6 para. 1 sentence 1 a) GDPR or Art. 9 para. 2 a) GDPR or on a contract pursuant to Art. 6 para. 1 sentence 1 b) GDPR and

b. processing is carried out using automated methods.

When exercising your right to data transferability under paragraph 1, you have the right to request that the personal data be transferred directly to another data controller by us, insofar as this is technically feasible.

6. Right to object

You have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data concerning you on the basis of Art. 6 para. 1 sentence 1 e) or f) GDPR; this also applies to profiling based on these terms. We no longer process personal data unless we can prove compelling grounds for processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

If we process personal data for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to profiling, insofar as it is associated with such direct marketing purposes.

You have the right to object for reasons arising from your particular situation to the processing of personal data concerning you, which is carried out for scientific or historical research purposes or for statistical purposes in accordance with Art. 89 para. 1 GDPR, unless the processing is necessary for the fulfilment of a task in the public interest.

7. Right of revocation

You have the right to revoke your consent to the processing of personal data at any time.

8. Right of appeal to a supervisory authority

You have the right of appeal to a supervisory authority, in particular in the Member State where you are staying, working or suspected of having infringed the law, if you believe that the processing of personal data concerning you is unlawful.


IV. Changes to this Privacy Policy

Nero reserves the right to change, update, or modify this Privacy Policy at any time without notice by posting such changes, updates, or modifications on the website. Nero may also, in its sole discretion, distribute such notices through its products and services. Any such change, update or modification shall be effective immediately upon posting it on the website. Nero recommends that you read this Statement periodically to keep up to date with the measures taken to protect your personal information.