Privacy

Security and Privacy


The General Data Protection Regulation (GDPR) has been applicable since 25 May 2018. This means that the same privacy legislation applies throughout the European Union (EU). The Personal Data Protection Act (Wbp) no longer applies. The AVG is also known under the English name: General Data Protection Regulation (GDPR). The AVG has taken care of:
• strengthening and extending privacy rights;
• more responsibilities for organizations;
• the same robust powers for all European privacy regulators, such as the power to impose fines of up to € 20 million.

 

Of course we think it is very important that the personal data of our customers is handled with care, and also we want to comply with the GDPR.

 

To be able to take this seriously, on 10 September 2019, R.M.J Vos was employed by IP Parking BV as Data Protection Officer at the Dutch Data Protection Authority by CEO J.F.C Smulders.

 

The data protection officer shall have at least the following tasks:

a) to inform and advise the controller or the processor and the employees who carry out processing of their obligations pursuant to this Regulation and to other Union or Member State data protection provisions;
b) to monitor compliance with this Regulation, with other Union or Member State data protection provisions and with the policies of the controller or processor in relation to the protection of personal data, including the assignment of responsibilities, awareness-raising and training of staff involved in processing operations, and the related audits;
c) to provide advice where requested as regards the data protection impact assessment and monitor its performance pursuant to Article 35;
d) to cooperate with the supervisory authority;
e) to act as the contact point for the supervisory authority on issues relating to processing, including the prior consultation referred to in Article 36, and to consult, where appropriate, with regard to any other matter.

 

The Data Protection Officer can be contacted for questions, comments and complaints about privacy and GDPR at the following contact details:

 

Roxanne Vos Data Protection Officer
Telephone number 0031 (0)492-521133 \ +31 (0)6-14441787
Email Privacy@ipparking.com

 

What personal data is collected, what is the purpose and what is the retention period.

 

we make distinctions per user type.

- Short term parkers / passers-by
- Regular users / subscription holders
- Users of call parking providers
- Users of reservation systems

 

Short term parkers / passers-by
Description:
- Upon arrival, draw a parking ticket at the entrance.
- Offer this ticket at the payment machine after the parking promotion.
- Drive out after payment within the free exit time

 

What is registered
The number plate is registered upon entering. The registered license plate will be:
- Linked to a unique parking transaction in the parking transaction database
- Printed on the parking ticket

 

What is the purpose of the registration?
The purpose of the registration is:
a) To facilitate the exit. After the parker has paid for the parking ticket at the payment machine, the parking transaction is set to the "paid" status. The license plate is linked to a unique parking transaction. When the parker approaches the exit on departure, the license plate will be read. The software recognizes the unique parking transaction based on the license plate
If the unique parking transaction has the status "paid", the exit barrier will open automatically before the car has stopped at the barrier. The driver can exit without delay. This promotes the flow of traffic at the exit.
b) Creating a lost card. Parkers who have lost their parking card can create a lost card themselves. By entering the license plate, the unique parking transaction is searched in the database.
It is known at what time the parking transaction started. The software calculates the correct rate. By paying the indicated amount, the parking transaction is set to the "paid" status. The parker can leave the parking facility in the manner indicated above.

 

Can authorization for registration be demonstrated?
The system is not designed to request individual permission to use the license plate for the above purposes a and b. Also, it is not possible to organize the process in such a way that permission is requested from each individual parking user. In order to inform parkers that license plate registration is being used, you can choose to indicate that license plates are being registered at the entrance (as is often stated that there is camera surveillance).

 

At which physical location are the data held?
The data is stored on local servers in a closed room at the Controller

 

Who has acces to the data.
The data can be accessed (via a login name and password) for authorized employees of the Controller and for employees of the Processor.

 

How long is the data stored?
The software can be used to set how long the data must be stored. You can choose from "not / never" to an adjustable number of days. Processor advises to opt for automatic cleaning. The Controller must determine the number of days.

 

Does the data disappear completely after the deletion?
The parking transactions are retained, but the corresponding license plates are made illegible after the set storage time. Preservation of parking transactions is necessary for statistical purposes, for audit purposes, for the accountant and as source material for tax declaration. Once the data has been deleted, it cannot be retrieved by the Processor.

 

Paying of parking fees
The parking fee due can be paid in two ways.
- By payment with currency (banknotes and coins)
- By payment with cashless money (debit and credit cards)

 

The cash payment is completely anonymous. There are no privacy issues.

The cashless transactions are made anonymous so that only the bank can trace the transaction to an account holder. There are therefore no privacy aspects associated with payment transactions

 

Regular users / subscription holders
Discription:
- Are recognized on arrival, based on a pre-registered identification.
- Are recognized on leaving, based on a pre-registered identification.
- Payment of the subscription usually takes place outside the processor's system.

 

What is registered?
Regular users with a subscription are entered into the Processor's system by the Controller.
The controller can decide which data is registered based on the available input fields. It is not necessary for privacy-sensitive information to be registered for the system to function properly. When registering the license plate, the user can drive in and out automatically based on license plate recognition.

 

What is the purpose of the registration?
The purpose of the registration is to record the data in order to be able to provide a parking subscription, to be able to invoice this subscription and to enable the use of the parking garage.

 

Can authorization for registration be demonstrated?
The Controller must organize this themselves. For example by having the Processors general terms and conditions signed.

 

At which physical location are the data held?
The data is stored on local servers in a closed room of the Controller.

 

Who has acces to the data.
The data is managed by authorized employees of the Controller. This data is (for maintenance sessions) also visible to employees of Processor.

 

How long is the data stored?
The data that the Controller has registered in the Processor's system will remain in the system.
These are not cleaned automatically. The Controller must take care of any deletion of this data after the termination of a subscription. Processor will examine (2018Q2) whether it is desirable and technically possible to automate this process.

 

Does the data disappear completely after the deletion?
When the Controller has deleted or anonymised the data, this data is also no longer available to the processor. The parking transactions are retained. Preservation of parking transactions is necessary for statistical purposes, for audit purposes for the accountant and as source material for tax declaration. the data has been deleted, it cannot be retrieved by the Processor.

 

Paying parking fees
Payment of the subscription usually takes place outside the processor's system.

 

Users of Call Parking Providers
Description:
- Are recognized on arrival based on license plate or token.
- Are recognized when leaving based on license plate or token.
- Payment of the subscription is made through the call parking provider.

 

What is registered?
At the entry / exit the license plate is registered, the location and the entry and exit times.

 

What is the purpose of the registration?
The purpose of the registration is:
a) Authorization by the call parking provider whether or not the user is a customer.
b) To facilitate the exit of the garage. If the user approaches the exit on departure, the license plate will be read. The software recognizes the unique parking transaction based on the license plate. If the unique parking transaction has the status of "call parking provider", the barrier of the exit will open automatically before the car has stopped at the barrier. The driver can exit without delay. This promotes the flow of traffic at the exit.
c) Enabling the calculation of the rates, based on the registered entry and exit times.

 

Can authorization for registration be demonstrated?
Yes, but this permission for registration has been given to the Call Parking Provider.
The user must provide the Call Parking Provider with the registration number to gain access to the parking facility.

 

At which physical location are the data held?
The data is stored on local servers in a closed room of the Controller. The Call Parking Provider also has the name and address details of the user. In addition, the Controller may use overarching systems such as the National Park Register (NPR) or Lynxx that act as a layer between the system of the Processor and the Call Parking Provider.

 

Who has acces to the data?
The data can be accessed (via a login name and password) for authorized employees of the Controller and for employees of the Processor.

 

How long is the data stored?
In the Processor system it is possible to determine how long the data must be stored. You can choose between "not / never" or an adjustable number of days. Processor advises to opt for automatic cleaning. The Controller must determine the number of days.

 

Does the data disappear completely after the deletion?
The parking transactions are retained, but the corresponding license plates are made illegible after the set storage time. Preservation of parking transactions is necessary for statistical purposes, for audit purposes, for the accountant and as source material for tax returns. Once the data has been deleted, it cannot be retrieved by the Processor.

 

Paying parking fees

Payments are made by the Call Parking Provider. The Controller must sign a separate agreement for this with the Call Parking Provider or with an umbrella system such as the NPR.

 

Reservers
Description:
- Have been registered in advance in the Processor's system.
- Are recognized on arrival based on license plate, barcode or access code.
- Are recognized on leaving based on license plate, barcode or access code
- Payment of the reservation is made through the relevant reservation system.

 

What is registered?
Different data can be registered depending on the connected reservation system. It is not necessary for personal data to be processed in order for the system to function properly. The license plate is registered when entering.

 

What is the purpose of the registration?
The purpose of the registration is:
a) The license plate is used to check whether a reservation has been registered in the system.
To facilitate the exit of the garage. If the user approaches the exit on departure, the license plate will be read. The software recognizes the unique parking transaction based on the license plate. If the unique parking transaction has the status "reservator", the exit barrier will open automatically before the car has stopped at the barrier
b) The driver can exit without delay. This promotes the flow of traffic at the exit.
c) Enabling additional payment at a payment terminal in the event that the user is parking longer than the prepaid parking duration.

 

Can authorization for registration be demonstrated?
Yes, but this permission for registration has been given to the supplier of the reservation system.

 

At which physical location are the data held?
The data is stored on local servers in a closed room of the Controller. The supplier of the reservation system may also have more information about the user.

 

Who has acces to the data?
The data can be accessed (via a login name and password) for authorized employees of the Controller and for employees of the Processor.

 

How long is the data stored?
In the Processor system you can set how long the data must be stored. You can choose between "not / never" or an adjustable number of days. Processor advises to opt for automatic cleaning. The Controller must determine the number of days.

 

Does the data disappear completely after the deletion?
The parking transactions are retained, but the corresponding license plates are made illegible after the set storage time. Preservation of parking transactions is necessary for statistical purposes, for audit purposes for the accountant and as source material for tax returns. Once the data has been deleted, it cannot be retrieved by the Processor.

 

Paying parking fees
Payments are handled by the reservation system, often through online payments.

 

Website


Cookies and collection of log files
Our website uses cookies, a number of cookies remain on your PC, making it possible to recognize your browser on a next visit. You can delete cookies on your PC and it is also possible not to accept cookies. This can affect the operation of the website. The purpose of the processing of cookies by IP Parking is to improve our website. Information is also collected such as IP address, browser type, etc. This information is collected with the aim of managing our website and, in the event of misuse of the website, being able to find out who is responsible for it.

 

Contact
It is possible to contact IP Parking via e-mail and contact form on the website. Here we request a number of personal details such as company name, contact person, e-mail address and telephone number. The purpose of processing this data is so that we can contact you and answer your questions.

 

Job openings
You can also respond to job openings through our website. We will then ask you for the following personal details, position, name, e-mail, telephone number and CV. We request this information so that we can recruit potential candidates and contact them. Data will not be kept longer than necessary.

 

Surveys
We also conduct surveys to assess our customer satisfaction. These are sent by e-mail to selected customers. The survey is filled out anonymously. No personal data is processed by IP Parking.

 

General


Other recipients of the personal data
Commissioned by IP Parking, third parties can be directed to deliver parts and process personal data. Of course, these parties must also handle the personal data with care and confidentiality, this is fixed in a sub-processor agreement.
Personal data is not shared, rented or sold by us to third parties, unless permission has been given for this in the processing agreement
IP Parking provides personal data to enforcement authorities or anti-fraud organizations when necessary to comply with a legal obligation.

 

The rights of the visitor / customer
Of course the customer is in charge of his own data. If inspection is required, or data needs to be deleted or changed, then this is possible on request. Customers (business) can do this through our service and support department. If the parker wants to inspect, make changes or remove data, we ask you to do this with the controller (this is the owner or manager of the parking lot, or parking garage). In most cases this is, for example, a municipality, institution or manager of the parking garage.

 

Questions or complaints
For questions or complaints about personal data and the protection of privacy, contact can be made with the data protection officer.
Mail: Privacy@ipparking.com

 

Who is responsible for the data?
In most cases, IP parking BV is the Data Processor and not the controller. The process controllers are generally the owners of parking garages, municipalities and institutions. We have a processor agreement with these institutions, which includes our contractual responsibilities with regard to AVG and privacy.

 

Company details
IP Parking BV
Industrieweg 19
5753 PB Deurne
Mail: info@ipparking.nl
Tel: 0031 (0)492-521133

KvK nummer: 17180180
BTW nummer: NL815432811B01