Legal
GDPR Notice
Information on the processing of personal data under the EU General Data Protection Regulation (Regulation (EU) 2016/679)
Last updated: July 7, 2026
Table of Contents
1. Data Controller
For the purposes of the GDPR, the data controller is Nemaries, operator of the nemaries.com website and related digital reputation protection services. You can contact us regarding any data protection matter at [email protected].
2. Personal Data We Process
We process the following categories of personal data in connection with our services:
| Category | Data Types |
|---|---|
| Identity Data | Name, display name (stage name) |
| Contact Data | Email address, country |
| Account Data | Username, encrypted password, account status |
| Security Data | IP address, session information, access logs |
| Service Data | Protected content URLs, takedown and delisting request records, scan results, signed DMCA authorization document |
3. Purposes of Processing
Your personal data is processed for the following purposes:
- Creating, verifying, and managing user accounts.
- Providing DMCA takedown, search engine delisting, and content monitoring services.
- Preparing and submitting legal notices to platforms and search engines on your behalf.
- Ensuring the security of the platform and preventing abuse.
- Complying with legal obligations and responding to lawful requests from authorities.
- Communicating service updates and responding to support requests.
4. Legal Bases
We rely on the following legal bases under Article 6 of the GDPR:
Contract performance — Art. 6(1)(b)
Processing necessary to deliver the services you subscribe to, including content scanning, takedown submissions, and delisting requests.
Legal obligation — Art. 6(1)(c)
Record-keeping obligations relating to copyright notices and other legal processes.
Legitimate interests — Art. 6(1)(f)
Platform security, fraud prevention, and service improvement, balanced against your rights and freedoms.
Consent — Art. 6(1)(a)
Optional processing activities where we ask for your consent. You may withdraw consent at any time without affecting prior processing.
5. Data Transfers
Your personal data may be shared with the following categories of recipients, strictly to the extent necessary:
- Platforms and search engines (Google, Bing, social media platforms, hosting providers) receiving takedown or delisting notices — notices are submitted in the name of Nemaries so your identity remains confidential.
- Our partner law firm, for the conduct of legal proceedings.
- Infrastructure and email service providers acting as processors under data processing agreements.
- Competent authorities, where required by law or court order.
Where data is transferred outside the European Economic Area, we rely on appropriate safeguards such as standard contractual clauses or adequacy decisions.
6. How Data Is Collected
Personal data is collected through electronic means: the forms you fill in on our website (registration, onboarding, support), automatic logging when you use the platform, and the content information you submit for protection.
7. Retention Periods
| Data Type | Retention Period |
|---|---|
| Account data | For as long as the account is active + 30 days after a deletion request |
| Access logs | 1 year |
| Takedown/delisting records | 10 years (for legal evidence purposes) |
| Communication records | 3 years |
8. Data Subject Rights
Under Articles 15–22 of the GDPR, you have the right to:
- Access your personal data and obtain a copy.
- Rectify inaccurate or incomplete data.
- Erase your data (“right to be forgotten”).
- Restrict processing in certain circumstances.
- Receive your data in a portable, machine-readable format.
- Object to processing based on legitimate interests.
- Not be subject to decisions based solely on automated processing that produce legal effects concerning you.
- Lodge a complaint with your local supervisory authority.
9. How to Submit a Request
You can exercise any of these rights by emailing [email protected] from the email address associated with your account. We respond to all requests within 30 days at the latest, free of charge, as required by the GDPR.
10. Changes
We may update this notice from time to time. Changes take effect when published on this page. See also our Privacy Policy for more information on how we handle your data.