Privacy
Introduction
1. What is the scope of this general privacy notice?
A. What does “personal data” and “processing” mean, who is the “Data Controller”, and who is the “Data Protection Officer” (DPO)?
B. Who is affected?
C. What data are covered by this notice?
2. When is your personal data collected?
3. On what bases and for what purposes are your data processed?
4. How do we protect your data?
5. Who has access to your data and who are they shared with?
A. Recipients likely to receive your personal data
B. Data Processors on behalf of Interparking
a) General information
b) Types of Data Processors
6. Are your data processed outside the European Union?
7. What are your rights and how can you exercise them?
A. Right of access
B. Right of rectification
C. Right of erasure (“right to oblivion”)
D. Right of restricting processing
E. Right of portability
F. Right of opposition
a) In general
b) As part of direct marketing
G. Withdrawal of consent
H. Who to contact?
8. For how long do we store your data?
9. Your use of our websites and mobile apps
10. How to keep up to date with changes to this general privacy notice?
Introduction
Interparking SA, companies part of the Interparking Group and its affiliates (hereinafter collectively referred to as “Interparking“) make every effort to protect your privacy. We strive to protect and process your personal data in full compliance with legislation regarding the protection of personal data, in complete transparency.
The goal of this general privacy notice is to provide comprehensive information about the topic. It explains how we collect, use and store your personal data. We use it to inform you about the emphasis we place on the security of your data and to specify how you can contact us about our personal data protection measures. Please take the time to read this general privacy notice and familiarise yourself with our practices in this regard.
Our confidentiality measures may differ from one country to another to reflect local practices and requirements. This notice relates to data processing performed by the French company Interparking.
1. What is the scope of this general privacy notice?
A. What does “personal data” and “processing” mean, who is the “Data Controller”, and who is the “Data Protection Officer” (DPO)?
Personal data means any information about an identified or identifiable natural person. For example, it could be the name of a person, a photograph, a telephone number, a code or an email address.
Processing involves any operation performed on personal data. Among others, processing covers all aspects linked to the collection, recording, organisation, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction of this data.
Interparking, with its head office at 30 rue de Gramont, 75 002 Paris, is the Data Controller of your personal data in its possession. This means that we set the aims and methods of processing personal data and that we are the point of contact for both you and the supervisory authorities if any questions arise relating to the use of these data.
We have appointed a Data Protection Officer (DPO) who is a unique point of contact within our company and whose contact details are the following:
Interparking France
Data Protection Officer
30 rue de Gramont
75 002 Paris
[email protected]
B. Who is affected?
Onze algemene privacyverklaring betreft alle personen van wie de gegevens worden verwerkt door Interparking in het kader van de diensten dieOur general privacy notice applies to all natural persons whose data are processed by Interparking as part of the services it provides. As such, the “data subjects” are the customers and users of Interparking’s services and/or website.
C. What data are covered by this notice?
Data in this category are your personal data, i.e. data that makes it possible to identify you, either directly (data such as your last and first names, which makes it possible to identify you immediately) or indirectly (data such as your car’s licence plate number or the number of a card that belongs to you, which helps identify you indirectly).
During our interactions with you, we may collect different personal data depending on the products or services in question:
- (name, postal address or email, telephone number, licence plate, etc.) are collected to manage our subscriptions, car park access, online car park bookings and customer accounts, and for the purposes of organising marketing events such as competitions, etc.
- (personal status that gives right to a preferential rate, position of employee at a company, etc.) are requested, for example, when creating a customer account or managing subscriptions purchased by representatives of companies that conclude agreements with us.
- are recordedusing surveillance cameras and licence plate recognition cameras placed in our facilities,particularly to increase security when you use our car parks.
- (information on payments and bank account details) are requested for the purpose of managing payments for our products and services.
- (IP address, etc.) to our website are processed; to find out more, please read our Cookie Notice.
In some cases, data are sent to us by an external source. This is the case when employers subscribe to products or services that they offer their staff.
2. When is your personal data collected?
Some of your data may be collected by Interparking in the following situations, among others:
- when you become a customer by sending us the subscription form or opening an account;
- when you subscribe to our products or services online or using our mobile app;
- when you fill in the forms and agreements that we send you;
- when you use our services and products;
- when you sign up to our newsletters or provide data as part of participating in a marketing event;
- when you contact us through the various channels made available to you;
- when your data is published or sent by authorised third parties (persons you have authorised, the Companies and Trade Register, etc.); or
- when you are filmed by one of our surveillance cameras or when your car is filmed by one of our licence plate recognition cameras installed in our car parks.
3. On what bases and for what purposes are your data processed?
We process your personal data for various purposes. In the case of all processing, only data relevant for the purpose in question are processed.
- when you have given your specific consent;
- to send you marketing communications regarding the companies in our Group or partner companies.
- as part of executing an agreement
- conclusion, management and execution of agreements that are part of the range of Interparking’s products and services;
- to comply with all legal and regulatory requirements we are subject to, including:
- tax or accounting requirements;
- for reasons in our legitimate interest, in which case we make every effort to maintain a proportionate balance between our legitimate interest and respecting your privacy:
- market research and promotion of our products and services;
- prevention of abuse and fraud;
- protection of the company’s assets;
- monitoring of the regularity of operations;
- surveillance and monitoring of our buildings and car parks;
- acknowledgement, exercise, defence and preservation of our rights or those of individuals we may represent, for example during disputes;
- search for evidence that will help manage complaints (e.g. location of a missing vehicle);
4. How do we protect your data?
Only individuals who require it to perform their tasks are authorised access to your personal data. They are bound by strict professional discretion and must comply with all the technical and organisational requirements in place to ensure the confidentiality of personal data.
We have introduced technical measures and specialised teams who are responsible for protecting your personal data with highest priority. By doing so, we want to prevent unauthorised individuals from accessing, processing, modifying or destroying them.
Our websites may contain links to third-party websites (social media, organisers of events that we sponsor, etc.) for which the conditions of use fall outside the scope of this general privacy notice. As such, we recommend that you read their personal data protection notice carefully so that you are aware of how they respect your privacy.
5. Who has access to your data and who are they shared with?
A. Recipients likely to receive your personal data
Where required, your data may be shared with other companies involved in service provision, their representatives in Belgium, their employees abroad, your intermediary (employer, representative, etc.) or a Data Processor. We share your data with service providers only when doing so is necessary to provide services on our behalf or comply with legal requirements. We contractually require that these service providers protect the confidentiality and security of the personal information they process on your behalf (see also point B below).
We may share some personal information that we collect with companies part of the Interparking group or our affiliates in Europe in order to process transactions and other services you have used, in accordance with the terms and conditions of this privacy notice or in the manner specified at the time of data collection.
We do not sell the personal information that we collect about you and we only disclose it in cases described in this notice or in any other document that we send you when we collect the data. We share your data with third parties for marketing purposes only and with your prior express consent, which can be withdrawn at any moment.
We may also share your data with others if we are required to do contractually or by law, or if a legitimate interest justifies it (e.g. to defend our interests).
B. Data Processors on behalf of Interparking
a) General information
In the case of certain services, we work with specialised partners in France or abroad who act as Data Processors and are bound to us contractually.
Interparking ensures that these “Data Processors”:
- have access only to data that are necessary for the performance of their tasks and,
- undertake to process these data in a secure and confidential manner on the one hand, and to only use them for the performance of their tasks on the other hand.
b) Types of Data Processors
We call on certain specialised Data Processors, such as:
- intermediaries or partners we work with;
- providers of IT and other technical services;
- marketing agencies.
6. Are your data processed outside the European Union? verwerkt?
Our computer infrastructure is located in Europe.
We share personal data outside the EU territory only with one of our service providers located in the United States for our email services and we have put contractual guarantees in place to ensure that the latter adequately protects the data entrusted to it.
Moreover, please note that the use of email as a means of communication makes it impossible to rule out that data is transferred outside Europe (some addresses used are provided by companies located and operating outside this territory, mainly in the United States). We are unable to verify or guarantee that these companies comply with the principles of data protection. However, such communications are limited to what is necessary for executing agreements concluded with our customers. In the case of our points of contact who act on behalf of a legal entity, we consider that when they provide us with such an email address for contacting them, they automatically agree to this transfer when it is inherent to its use.
7. What are your rights and how can you exercise them?
A. Right of access
You have the right to access your data. You can ask:
- whether we process your personal data or not;
- for what purposes we process your personal data;
- what categories of data are processed;
- what category of recipients personal data are shared with;
- how long personal data are stored;
- information on the rights you can exercise (rectification, erasure, etc.) or the possibility to file a complaint with the Data Protection Authority;
- the origin of the data processed.
B. Right of rectification
If you realise that your data are inaccurate or incomplete, you can request that they be rectified.
C. Right of erasure (“right to oblivion”)
In certain clearly defined cases, legislation allows you to have your personal data erased.
Among others, this is the case if:
- the data are no longer necessary for the purposes for which they were collected;
- the processing of your data is based exclusively on your consent and you decide to withdraw it;
- you have opposed the processing of your data and none of our legitimate interests override yours.
However, your right to oblivion is not absolute. We have the right to continue to store your data when it is necessary to do so, among others:
- to comply with a legal requirement;
- if it is necessary for the establishment, exercise or defence of legal claims.
D. Right of restricting processing
In certain clearly defined cases, you can request that the processing of your personal data be restricted.
Among others, this is the case if:
- you contest the accuracy of a piece of personal data until we are able to verify this;
- although your data may no longer be necessary for the purposes of the processing, you need your personal data for the establishment, exercise or defence of legal claims.
Restricting of processing will end in the following circumstances:
- you give your consent to it;
- processing your data is necessary for the establishment, exercise or defence of legal claims;
- processing is necessary to protect the rights of another natural or legal person;
- processing is necessary for reasons of public interest.
E. Right of portability
In certain cases provided for by regulations, you have the right to request that the personal data you provided:
- are sent to you in a structured format that is commonly used and machine-readable;
- or are sent directly by Interparking to a different Data Controller, provided that this is technically possible.
In light of the processing carried out by Interparking, this is only possible in the case of processing for which Interparking sought your consent or based on the execution of an agreement concluded with you.
F. Right of opposition
a) In general
When the processing of your personal data is based on a legitimate or general interest on our part, you have the right to oppose it at any moment for reasons relating to your particular situation.
However, your request will not be granted if we deem that our legitimate interests override yours or if the processing of your data is necessary for the establishment, exercise or defence of legal claims.
b) As part of direct marketingirect marketing
Interparking believes that is has a legitimate interest to promote its goods and services and, as such, it offers the option of receiving marketing communications (such as promotional offers).
When you conclude agreements with Interparking, you can oppose receiving such communications from Interparking by ticking the relevant box (opt-out).
If you no longer with to receive marketing communications designed to promote our activities, you can, at any time, unsubscribe or oppose the treatment of your personal data by or at the request of Interparking and no exceptions can be made by Interparking.
G. Withdrawal of consent
When data processing by Interparking is based on your consent, you may withdraw it at any time. This withdrawal will not question the legality of the processing of your personal data carried out before you withdrew your consent.
This is the case when you have explicitly agreed, by ticking the relevant box (opt-in), to receive offers or communications by email about a range of products or services offered by companies that are part of the Interparking group as well as intermediaries or partners you have contacted.
In such cases, Interparking may be unable to carry out the purpose of the processing and/or respond to your request for intervention.
H. Who to contact?
You can contact our Data Protection Officer at the address below by sending a dated and signed request together with a copy of an identity document so that the DPO can verify your identity. Please note, however, that using email guarantees that your request will be processed as soon as possible.
Interparking
Data
Protection Officer
30 rue de Gramont
75 002 Paris
[email protected]
If you believe that the processing of your personal data violates data protection legislation, you can also file a complaint with the Data Protection Authority.
8. For how long do we store your data?
Data processed are stored for the entire duration of the agreement, the legal limitation period, and any other storage time required by applicable laws and regulations.
9. Your use of our websites and mobile apps
If you visit one of our websites, we use the browsing data generated as part of this visit through the use of cookies. To find out more, please read our General Terms and Condition of Use of the Website and our Cookie notice, which are available on our website.
10. How to keep up to date with changes to this general privacy notice?
In a rapidly changing world in which technologies are always evolving, this general privacy notice may be subject to modifications. Please read the most up-to-date version of this declaration online. We will inform you of any changes via the website or through the other usual channels of communication.