Privacy Statement on the protection of personal data

1. Introduction.

Parking Telecom Labs (“PT”) is committed to user privacy and compliance with all relevant requirements towards personal data protection.

Our privacy policy is designed to provide transparency into our privacy practices and principles, in a format easy to read and understand. We are dedicated to treating your personal information with care and respect.

This privacy policy describes the treatment of information provided or collected on the sites where this privacy policy is posted. It also explains the treatment of information provided or collected on applications we make available on third-party sites or platforms if disclosed to you in connection with use of the application.

2. Why do we collect, store and process your data?

PT collects your data for the following purposes:

  • to enter into a contract with you;
  • the personalization of your access to the PT platform, marketplace, website, application and PT Services;
  • to enable PT to answer your enquiries and give you information concerning the use of the platform, marketplace, application and PT Services;
  • to enable PT to provide you the PT Services;
  • to communicate with you about your account or transactions, or send you information about changes in our policies, features on our sites and applications information;
  • to send you information related to the parking services use;
  • to personalize content and experiences and to improve the PT Services;
  • to analyse errors of the system; to detect, investigate and prevent activities that may violate our policies or be illegal;
  • to verify your identity when you contact us with requests for information, correction or deletion of your personal data.

3. Who is responsible for the processing of your data (“Controller”)

Parking Telecom Labs EOOD (“PT”) is a limited liability company established under the laws of Bulgaria, with its registered office at 80, Hristofor Columb Blvd., office building Astral Business Center, fl.5, office 5.1., 1592 Sofia, Bulgaria, registered with the Bulgarian Registry Agency’s Trade Register under UIC 203737877, represented by its managing directors.

PT is the controller responsible for processing of your data.

Collected personal data are treated according to the relevant European and Bulgarian legislation, as PT is a Bulgarian company, but at the same time we strive to apply our privacy policy in accordance with local law in the places where we operate.

If you have any questions about the processing of your personal data, you can send an e-mail to: customerservice@parkingtelecom.com

4. What personal data do we collect?

We collect two basic types of information – personal information and anonymous information – and we may use personal and anonymous information to create third type of information, aggregate information.

We collect the following categories of information:

If you are a Parker:

  • Registration information you provide when you create an account, for personalization of access to the system (registration): e-mail address, password and date of birth;
  • Account information: first and last name;
  • Transaction information you provide when you request information or purchase a service through our application: type of required service, paid price;
  • Processing of payments to PO information: plate/registration number of vehicle; duration of parking usage (check-in / check-out time); parking location; PO providing a parking service to you; parking card number.

If you are a Parking Owner/Operator (PO):

  • Registration information you provide when you create an account, for personalization of access to the system and accepting you as a participant in the marketplace: email address, personal address, your names, ID number/ID document; date of birth; telephone;
  • Bank account information you provide with regard to receiving fees for parking services you provide to the parkers: account number, IBAN, bank code, bank name, branch details, account currency, proof that this is your bank account;
  • Verification information that may be required from you with regard to specific requirements of the marketplace’s payment service provider (e.g., for anti-money laundering or combating the terrorism purposes): photo ID, e.g. passport;
  • Your parking related information: address/coordinates of your registered parking, declaration that you own or otherwise have the right to offer the parking at the marketplace;
  • Transaction information: payments received for provision of parking services by you;
  • If the PO is a legal entity, we shall be collecting some data about the legal representative / directors; and also about the shareholders (ultimate beneficial owners) of the legal entity, during the registration of the PO legal entity as a participant in the marketplace. You hereby represent and warrant that the individuals whose personal data you will be providing to us have given their consent to such disclosure of their personal data and that you have been granted the right to transfer such personal data to us.

We collect also other, general information, irrespective of your capacity:

  • Information you provide in public forums on our sites and applications like review or comments; as well as information you provide to us when you use our applications on third-party sites or platforms such as social networking sites, or link your profile on a third-party site or platform with your registration account;
  • Information which you voluntarily provide to us when you ask us a question, or express your desire to receive news from us, or perform any other similar communication with us;
  • Information you voluntarily provide to another participant in the marketplace via our communication channel;
  • Location information when you visit our sites or use our applications, including location information either provided by a mobile device interacting with one of our sites or applications (including through beacon technologies), or associated with your IP address, where we are permitted by law to process this information;
  • Usage, viewing and technical data, including your device identifier or IP address, when you visit our sites, use our applications on third-party sites or platforms or open emails we send.

For some of the data you will be notified at the moment we ask for it whether it is mandatory or not. For example, when you create your account you will be notified that providing a valid email address is required in order to proceed.

For other data we collect or are able to collect automatically, we will notify you of your option to choose whether to provide the information or not; or whether to allow us to collect the information or not. For example, location information is data you may choose to allow us access or not entirely at your discretion.

If you have allowed us to collect certain data, you can at any time change your preferences and disallow us to collect such information.

As a general rule, you are not required to provide the personal information that we have requested, but, if you chose not to do so, in many cases we will not be able to provide you with our services or respond to any queries you may have.

You may provide the information by typing it in the required fields, or by uploading it, as prompted.

Cookies

In order to provide you the PT Services, your ability to access and use the PT Services you have requested, to administer the site, to analyze the effectiveness of our platform, marketplace, sites, application and the PT Services, to remember your personal preferences and in verifying the identity of users engaged in on-line transactions, we may use the so-called “cookies” or other devices as a legitimate tool to facilitate the provision of information society services.

The general term “cookies” shall be used for all types of devices and technologies such as pixel tags or web beacons, or small text files stored on your computer or mobile device (“terminal equipment”) when you visit a website. They allow the website to remember your actions or preferences for a definite period of time.

You will be made aware that cookies are about to be placed on the terminal equipment you are using and you will have the opportunity to refuse to have a cookie stored, if required by applicable legislation. Information and the right to refuse may be offered once for the use of different devices/technologies to be installed on your terminal equipment during the same connection and also covering any further use that may be made during subsequent connections. You will be entitled at any time to opt out and disable cookies through your terminal equipment preferences.

As is true of most internet services, we gather some information automatically and store it in log files. This information includes Internet Protocol (IP) addresses, browser type and language, Internet service provider (ISP), referring and exit websites and applications, operating system, date/time stamp, and clickstream data. The categories of automatically collected data include:

  • user‑inputcookies (session-ID) such as first‑party cookies to keep track of your input when filling online forms for example, for the duration of the session or limited to a few hours in some cases,
  • authenticationcookies, to identify the user once you have logged in, for the duration of the session,
  • user‑centric securitycookies, used to detect authentication abuses, for a limited persistent duration,
  • multimedia content playercookies, used to store technical data to play back video or audio content, for the duration of the session,
  • load‑balancingcookies, for the duration of the session,
  • user‑interface customizationcookies such as language or font preferences, for the duration of the session (or slightly longer),
  • third‑party social plug‑in content‑sharingcookies, for logged‑in members of a social network.

Bear in mind that third parties may independently place their cookies on your terminal equipment if their services are used while using the PT Services, such as social media, maps, etc. and we shall not be responsible for the cookies they use. Any third party cookie usage is governed by the privacy policy of the third party placing the cookie.

Location data

Use of your location data (the indication of the geographical position of the terminal equipment you are using) for providing you with traffic information, navigation advice or other similar services, shall always depend on your consent. Even in case where you have given your consent, you will have the possibility to temporarily deny the processing of location data, free of charge.

We will use your location data to the extent and for the duration necessary to provide you with the service and will not store it or use it for other purposes. If, while on PT platform, you link to another provider of navigation or map services, you will be bound by such provider’s privacy rules. We shall bear no responsibility for the way other providers collect or use your personal data, including your location data.

No automated decision-making, including profiling

PT does not perform automated decision-making, including profiling.

5. To whom are your data disclosed?

Your collected data will be treated confidentially and used only by PT and its contractors responsible for the:

– provision of parking services – certain data such as parking address, booking information, check-in / check-out information; payment information; parking card information; car plate/registration number shall be disclosed to the PO/parker, as the case may be. We shall not disclose your email address or telephone to the other participant, unless you require us to do so. You will however, be able to connect with a PO (whose parking you, as a parker, have booked or pre-paid) or with a parker (who has booked or pre-paid for using your listed parking), as the case may be, in order to facilitate your direct communication, and if both parties are willing to have such a direct interaction. Such connection shall be effected via our communication channel (chat, push notifications or similar) and you will be able to share with the other participant information entirely upon your discretion.

– provision of payment services transactions – the amounts due and the PO to whom payment is due (in case you are a parker); – your bank account details, some of your personal details (for verification purposes and for performing the payment transactions, in case you are a PO);

– provision of other, related services;

– data processors.

PT may, as a controller, carry out data processing through contractors (data processors) who will process your data on behalf of PT. For example, such processors may provide help desk services; information processing; providing customer service or answering your enquiries.

The data processors shall have sufficient technical security measures and organizational measures governing the processing to be carried out, and shall ensure compliance with those measures.

The carrying out of processing by way of a data processor shall be governed by a contract binding the processor to the controller (PT) and stipulating in particular that:

– the processor shall act only on instructions from the controller (PT),

– the processor must implement appropriate technical and organizational measures to protect personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access, and against all other unlawful forms of processing; and ensuring a level of security appropriate to the risks represented by the processing and the nature of the data to be protected.

Such external contractors shall be bound to comply with the applicable legislation on the protection of personal data and the processing thereof.

In any case we shall use standard contract clauses approved by the European Commission, adopt other means under European Union law for ensuring adequate safeguards, or obtain your consent.

PT will not share personal data with third parties for direct marketing or for other third parties’ marketing purposes.

Others

It may be necessary − by law, legal process, litigation, and/or requests from public and governmental authorities for issues of public importance (for example, national security) within or outside your country of residence − for PT to disclose your personal information. Sharing your personal data shall be done only in strict compliance with the applicable legislation.

We may also disclose your personal data to third parties for the purpose described in this Policy:

– payment service providers to process the payments you facilitate with our application (banks, acquirers or financial institutions responsible for performing the payment, such as your bank (the bank issuer of your card), the PO bank, the payment processor);

– third parties, such as law firms or courts, in order to enforce or apply any contract with you;

– government authorities or enforcement bodies such as the police and regulatory authorities, upon their request and only as required by the applicable law or to protect our rights or the safety of our customers, staff and assets.

In all cases of transfer of your data we protect your personal information during transit using encryption.

Please remember that when you post on a forum, chat room, or social networking service, the personal information and content you share is visible to other users and can be read, collected, or used by them. You are responsible for the personal information you choose to share or submit in these instances. For example, if you list your name and email address in a forum posting, that information is public. Please take care when using these features.

Please keep in mind that when you provide information to us on a third-party site or platform (for example, via our applications), the information you provide may be separately collected by the third-party site or platform. The information we collect is covered by this privacy policy and the information the third-party site or platform collects is subject to the third-party site or platform’s privacy practices. Privacy choices you have made on the third-party site or platform will not apply to our use of the information we have collected directly through our applications.

Some information related to the parking services will be:

– visible by anyone – this applies to information you, as a PO, publish about your parking (address, coordinates, name of the parking, other information about the parking you want to share with the public) – please take care that such publicly available information does not contain any personal data about you that you wish to keep in privacy;

– visible by the parker or PO with whom you interact, incl. when they are third country nationals or residents (such as booking information, check-in / check-out information; payment information; parking card information; car plate/registration number);

and we shall be disclosing this information in performance of our contractual services to you.

6. How can you access your data, check their accuracy, and ask for their correction or deletion?

You are allowed to keep your personal information accurate, complete and up-to-date.

You have the right to request a copy of your personal details at any time, at reasonable intervals, to check the accuracy of the information held and/or to correct or update this information.

Upon request, we will provide you information whether we process your personal data, what categories of personal data we process, for what purposes, the categories of recipients to whom your data has been or will be disclosed, the envisaged duration of storage and other information under applicable legislation, i.e. we will provide you the right of access.

You may also ask your personal information to be deleted completely. In this case you will not be able to use the PT platform, marketplace, application or the PT Services.

In case you have a data portability request concerning data provided by you which is processed with automated means, we will review the request’s technical feasibility, and will address it, if technically feasible.

You have the right to deny use of your personal data for purposes of direct marketing at any time.

You can at any moment unsubscribe from mailings, by sending a notification to us by using the link in the mailings.

To protect your privacy and security, we will take reasonable steps to help us verify your identity before granting access or making corrections or deletions.

Please contact this email address for all enquiries regarding access to your data, their correction or deletion: customerservice@parkingtelecom.com

7. What do we do to avoid misuse or unauthorized access? How long is your data kept?

PT has put in place, and regularly reviews and updates, appropriate physical, electronic, and managerial procedures to safeguard and help prevent unauthorized access, maintain data security, and correctly use the information collected for PT Services use.

The security, integrity and confidentiality of your information are extremely important to us. We have implemented technical, administrative and physical security measures that are designed to protect your information from unauthorized access, disclosure, use and modification. From time to time, we review our security procedures to consider appropriate new technology and methods. Please be aware though that, despite our best efforts, no security measures are perfect or impenetrable.

Our platform, marketplace, sites and applications may contain links to other sites not owned or controlled by us and we are not responsible for the privacy practices of those sites. We encourage you to be aware when you leave our platform, marketplace, sites or applications and to read the privacy policies of other sites that may collect your personal information.

Storage limitations

We will retain your personal information for the length of time needed to fulfil the purposes outlined in this privacy policy unless a longer retention period is required or permitted by law.

As storage is influenced by the principle to keep your data for the minimum period needed, different storage limitations apply to the different categories of data we process. Thus,

– data, related to your registration, is kept until the relationship between us is in force, because we should be aware at any moment who are the persons with whom we are in a contractual relationship (however, as we do not keep data for longer periods unless this is necessary, some data collected during registration is deleted immediately after the relevant check is done – for example, upon verification of the data submitted by a PO with the data in his ID document, the copy of the ID document is deleted;

– the data published by POs with regard to their parking facility, are kept until the parking facility is admitted on the market place, where the change and deletion of these data is entirely at the participant’s discretion; we are entitled solely to delete such data upon violation of the Terms of Use on behalf of the participant;

– the following specifics shall apply as to transactions related data:

the data, kept into your account, shall be stored therein, until the respective account is maintained, so that you have access and information about your transactions history;

PT does not alter or delete these data at its discretion, except in the case of termination of the relationship with you;

the data which is related to payments to POs, commission fees received from the POs, and other made with the facilitation of a payment service provider, shall be kept within terms, required under applicable legislation (related to obligations for booking and reporting) or under the terms and rules of the payment service provider, such obligations are usually in the range between 2 and 5 years, unless the applicable legislation establishes longer periods;

– automatically collected data shall be deleted immediately after its collection and use.

8. What are the contact points for questions or complaints?

If you wish to access, delete (in some cases) or correct your personal information please contact: customerservice@parkingtelecom.com

If you have a comment or question about this privacy policy, please contact: customerservice@parkingtelecom.com

If you have a complaint about the way we process your personal data, please contact us and we will do our best to resolve the issue.

In any case, under the applicable legislation, if you consider that the processing of personal data relating to you infringes the General Data Protection Regulation (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to processing of personal data and on the free movement of such data) you have the right to lodge a complaint with the supervisory authority in the State of your habitual residence, place of work or place of the alleged infringement. The supervisory authority that is responsible for monitoring the application of the General Data Protection Regulation in Bulgaria (PT is established in Bulgaria), in order to protect the fundamental rights and freedoms of natural persons in relation to processing their personal data is the Commission for Personal Data Protection, with contact details as follows: address: 2 Prof. Tsvetan Lazarov Blvd., Sofia 1592, web-site: www.cpdp.bg.

Legal basis for processing your data

The main legal basis for the processing of your personal data is for entering into a contract between you and us and for performance of this contract to which you are a party.

For some of the data (i.e., invoices we send to you) the legal basis, apart from performing under our contract, is a legal obligation we have (i.e. accounting, tax, reporting obligations).

For other pieces of data (i.e., cookies which require consent) the legal basis is your consent which you are entitled to withdraw at any moment. In case you withdraw your consent, please note that the lawfulness of any processing done before that shall not be affected.

9. Final remarks

All terms used shall have the same meaning as defined in the respective Terms of Use, inseparable part of which is the present Privacy Statement.

From time to time, we may change this privacy policy to accommodate new technologies, industry practices, regulatory requirements or for other purposes. We will provide notice to you if these changes are material and, where required by applicable law, we will obtain your consent.