Privacy Policy

Last updated: April 2026

1. What data we collect

When drivers use a ParkingDone-powered app, we collect:

• Name and email address
• Vehicle registration plates
• Parking session data (entry/exit times, facility, duration)
• Payment transaction records (amount, method, timestamp)
• Device push notification tokens

We collect only what is necessary to deliver the service.

2. How we use it

Session data is used to detect parking, send notifications, calculate fees, and process payments. Payment data is handled by the operator's chosen payment provider — we do not store card details. Email addresses are used for receipts, support communications, and account management only.

We do not sell personal data to third parties.

3. Data storage & security

Data is stored securely on cloud infrastructure within the European Union. We apply:

• Encryption at rest and in transit (TLS 1.2+)
• Role-based access control for admin users
• Firestore security rules restricting data access by user
• API key authentication for all external integrations

Data is retained for 3 years for accounting and dispute resolution purposes, after which it is automatically deleted.

4. ANPR & camera data

When parking operators use ANPR (Automatic Number Plate Recognition) cameras integrated with ParkingDone:

• Plate images may be stored on the operator's own servers — ParkingDone only stores a reference URL
• Plate text is used solely for matching parking sessions and enforcement
• ANPR data is not shared with third parties beyond the operating facility

5. Your rights

Under GDPR, you have the right to:

• Access — request a copy of your personal data
• Rectification — correct inaccurate data
• Erasure — request deletion of your data
• Portability — receive your data in a machine-readable format
• Restriction — limit how your data is processed

To exercise these rights, use the "Privacy & Data" section in the app, or contact us at sales@parkingdone.com. Requests are fulfilled within 30 days.

6. Cookies & analytics

The ParkingDone website uses minimal analytics to understand page visits. No third-party tracking cookies are used. The mobile app does not use cookies.

7. Data Processing Agreement

Parking operators (data controllers) receive a Data Processing Agreement (DPA) as part of onboarding. The DPA covers scope of processing, security measures, sub-processor details, and breach notification procedures. Request a copy at sales@parkingdone.com.

8. Sub-processors

We use the following categories of sub-processors:

• Cloud infrastructure (hosting, database, authentication)
• Payment processing (via operator's chosen provider)
• Email delivery (transactional emails and support replies)
• Push notification delivery

All sub-processors are GDPR-compliant and covered by Standard Contractual Clauses where applicable.

9. Changes to this policy

We may update this policy from time to time. Changes will be posted on this page with an updated revision date. Continued use of the service after changes constitutes acceptance.

10. Contact

ParkingDone
Email: sales@parkingdone.com
Web: parkingdone.com