Privacy Policy Parkos
This privacy policy applies to the processing of personal data as a data controller in the sense of the General Data Protection Regulation ("GDPR") by Parkos B.V. (Chamber of Commerce number: 02095013), located at Boumaboulevard 77, 9723 ZS Groningen, hereinafter referred to as "Parkos". This privacy policy applies to the processing of personal data of:
- Website visitors
- Customers
- Applicants
- Suppliers
Parkos values the protection of your privacy. Therefore, Parkos has drafted this privacy policy. The purpose of this privacy policy is to be transparent about how Parkos collects, uses, and protects your personal data in accordance with Articles 13 and 14 GDPR.
What is personal data?
Under the GDPR, personal data refers to any information about an identified or identifiable natural person. This means that information either directly refers to someone or can be traced back to that person.
For what purposes do we process personal data?
We only process your personal data for specific, explicitly defined, and legitimate purposes. Below you will find more information per category of data subjects about the different purposes.
WEBSITE VISITORS
For answering your questions when you contact us, for example, through the contact form on the website
What does this purpose entail?
Our website provides our contact details and includes web forms. This allows you to contact us. When you contact us and/or fill out a web form, we process the personal data you provide to contact you and answer your question. The legal basis for this processing lies in our legitimate interest in contacting you in response to your inquiry (Article 6(1)(f) GDPR).
What personal data do we process for this purpose?
We only process the personal data you provide to us, for example, through a web form, chatbot, email, or phone contact. This may include: name, contact details, and information you provide to us during the contact.
For analysis and development of our website, products, and services (through functional and analytical cookies)
What does this purpose entail?
We also process personal data you indirectly provide to us. Our website uses cookies for functional, analytical, and marketing purposes. Functional cookies are necessary for the use of the website. The legal basis for analytical and marketing cookies is consent, which you give by agreeing to our cookie terms in the cookie banner on the website (Article 6(1)(a) GDPR) or, in the case of functional cookies, our legitimate interest in having a well-functioning and secure website (Article 6(1)(f) GDPR).
For more information about the cookies we use and the data we process, see our cookie statement.
What personal data do we process for this purpose?
We process your location data, IP address or app IDs, internet browser and device type, and website language.
CUSTOMERS
For performing our services/contract (daily business operations)
What does this purpose entail?
For the execution of our services, including sharing data with partners (parking service providers and insurers), making a reservation, financial administration (such as invoicing, calculating, and recording fees and expenses, making payments, collecting claims, and paying our invoices), we process customer personal data. This allows us to efficiently and effectively provide our services, maintain contact with you, and send service messages about your reservation.
The processing of personal data for this purpose is necessary for entering into or executing an agreement with you (Article 6(1)(b) GDPR), our legitimate interest in efficiently and effectively performing our services (Article 6(1)(f) GDPR), and compliance with our statutory administrative obligations (Article 6(1)(c) GDPR).
What personal data do we process for this purpose?
We process your name, phone number, Chamber of Commerce number (if applicable for business users), flight number, departure and arrival times, airport, email address, address details, account and VAT numbers, and other relevant information provided during the execution of the agreement. We also process the license plate number, car make/model, reason for the trip (business or private), whether a discount code was used (e.g., via Tell A Friend), and the current status of your parking credits, if applicable.
For publishing a review
What does this purpose entail?
Customer feedback is very important to us. Therefore, we may ask you to share your opinion about our service through a review. To inform potential customers, we may also publish these reviews. The legal basis for this processing is our legitimate interest in receiving and publishing customer reviews (Article 6(1)(f) GDPR).
What personal data do we process for this purpose?
We process your name (optional), the date, and the service used (airport, parking lot, and additional services), and the domain of the website from which you booked.
For communication purposes, including customer service
What does this purpose entail?
Our website provides our contact details and includes web forms. This allows you to contact us. When you contact us and/or fill out a web form, we process the personal data you provide to contact you and answer your question.
In addition, contact during our service provision may be necessary in other areas, for example, to handle questions about our agreement. The legal basis for this processing lies in our legitimate interest in contacting you in response to your inquiry (Article 6(1)(f) GDPR).
What personal data do we process for this purpose?
We process your name, phone number, email address, reservation number (and other reservation details), and other relevant information you provide during the contact.
Marketing
What does this purpose entail?
We may use your personal data for Parkos marketing activities. For example, we may send you our newsletter, or e-mails/text messages with upsell packages with options for discounts from partners providing additional services. Following a reservation, we may also send you an e-mail with any additional services from the parking partner chosen.
OPT-OUT: You can opt out of our marketing activities at any time by using the opt-out at the end of the ordering process, namely by means of the opt-out at the bottom of your reservation confirmation (you will then not receive any marketing e-mails from us at any time). You can also use the opt-out at the bottom of our other (marketing) e-mails. You will still receive service messages about your reservation after using the opt-out.
Our customers' experiences are also very important to us. Therefore, we may ask you to share your opinion about our service through a review, and may send you a reminder to do so. In case of a positive review, we may ask you to share your review via Trust Pilot or Google.
The legal basis for this processing is our legitimate interest to carry out marketing activities (Article 6(1)(f) GDPR).
What personal data do we process for this purpose?
We process your email address, name, phone number, and reservation history (airport and parking, reservation code, number of reservations, reservation date).
For analytics to improve platform functionalities and identify trends (forecasting)
What does this purpose entail?
We strive to continuously improve our platform and services. Therefore, we process your personal data for analytical purposes to improve our platform and identify trends. The legal basis for this processing is our legitimate interest in improving our platform and identifying trends (for our forecasting) through analytics to optimize our business operations (Article 6(1)(a) GDPR).
What personal data do we process for this purpose?
We process your email address, customer ID, booking history, and booking code.
APPLICANTS
For a responsible, effective, and efficient recruitment and selection process
What does this purpose entail?
For recruiting and selecting new employees or contractors (freelancers who perform temporary work under a contract for services), we process personal data. This is done to assess whether the applicant or contractor is suitable for the available position.
These personal data are typically stored for up to two months after the vacancy closes. This allows us to respond to any questions you may have about the outcome of your application during this period.
The legal basis is our legitimate interest in an efficient execution of the recruitment and selection procedure and to be able to respond to applicants' questions about the outcome of their application (Article 6(1)(f) GDPR).
What personal data do we process for this purpose?
We process your contact details (such as name, address, email, and phone number), the personal data from your resume and cover letter, information from your LinkedIn profile (public data such as work experience and education), whether the applicant has a BSN number, if relevant a salary proposal, results of an assessment (intelligence and personality), in some cases data following up on references you provided, and notes from the interview.
Retaining your resume for future job opportunities
What does this purpose entail?
To contact you in the future if we find a suitable job vacancy, we process your personal data for an additional period of 12 months. The legal basis for this is your consent (Article 6(1)(f) GDPR).
What personal data do we process for this purpose?
We process your contact details (such as name, address, email, and phone number), the personal data from your resume and cover letter.
SUPPLIERS
For fulfilling agreements, such as orders and contracts (daily business operations)
What does this purpose entail?
To fulfill and complete our orders and contracts with you as a supplier, we process personal data of (employees of) our suppliers. These personal data help us provide you with the correct information, for example, for reservations. The legal basis for processing personal data for this purpose is the conclusion or execution of an agreement (Article 6(1)(b) GDPR).
What personal data do we process for this purpose?
We process your name, title, position, phone number, Chamber of Commerce number, employer, email address, address, account, and VAT numbers, and other relevant information provided during the execution of the agreement.
For communication purposes
What does this purpose entail?
To communicate with you as a supplier or partner, we process your personal data. This is done to ensure smooth communication with you. The processing of personal data for this purpose is based on Parkos' legitimate interest in communicating with you (Article 6(1)(f) GDPR).
What personal data do we process for this purpose?
We process your name, address, phone number, email, and possibly your position.
Your rights
You have the right to be well informed about what we do with your data and why we need your data. We provide this information through this privacy statement. In addition to the right to transparent information, you have the following rights:
- Right of access (if you want to know what personal data we collect about you);
- Right to rectification (we are happy to correct any personal data that is no longer correct);
- Right to be forgotten (in certain cases, you can ask us to delete your personal data);
- Right to restrict processing (in certain cases, you may ask us to restrict the processing of your personal data);
- Under certain conditions, the right to data portability (if you wish, we can transfer your personal data to another party or provide you with a copy of your personal data);
- Right to object (in certain cases, you may object to the use of your personal data).
If you want to exercise any of your rights, you can contact us by emailing support@parkos.com. To prevent abuse, we may ask you to adequately identify yourself before processing your request. There may be circumstances where we cannot or cannot fully comply with your request. If such a circumstance arises, we will inform you. We will always respond to your request within a month.
With whom do we share personal data?
Parkos does not sell or trade your personal data to third parties. Parkos may be legally obliged to provide certain personal data to third parties, such as government authorities. In addition, we may share your personal data with third parties to protect our own or others' rights.
Internally, only our employees have access to personal data as far as relevant to their work (on a need-to-know basis), and all our employees have a confidentiality clause in their employment contracts.
We also engage processors who process personal data on our behalf. We enter into processor agreements with them that comply with the GDPR requirements. For example, regarding reporting data breaches and taking appropriate technical and organizational measures. In addition, personal data may be shared with:
- A dispute resolution body and/or competent judicial authority. This may apply to personal data of clients and/or third parties.
- Potential new shareholders and their advisors.
- ICT service providers. When maintaining, managing, and supporting our systems and applications, they may have limited access to various personal data.
- Other service providers involved in our services, such as parking partners and insurers (Allianz if a cancellation insurance policy has been taken out). This may apply to clients and/or third parties.
- Bailiffs, lawyers, and administrators. We provide them with your name and contact details, financial data, and employment data. This may apply to customers and/or suppliers.
- Our insurers. We provide them with your name, contact details, and financial data.
How long do we retain your personal data?
We retain your personal data for as long as necessary for the purpose for which we use your personal data and/or for as long as we are legally required to retain the personal data. How long this is exactly varies, from a few months to many years, for example, because it is necessary for our accounting. The retention periods are specified per processing activity in our retention policy. We retain applicants' personal data for up to 2 months after the recruitment and selection process. With your consent, we retain your data for an additional 12 months for potential future job vacancies.
Consent
If we process your data based on your consent, you always have the right to withdraw your consent. You can easily do this by sending an email to support@parkos.com. In that case, if we have no other legal basis for the processing, we will no longer use your data for this purpose.
How do we protect your data?
Under Article 32 GDPR, we are required to take appropriate technical and organizational measures to prevent the loss of personal data or unlawful processing. Therefore, we have taken physical, administrative, organizational, and technical measures. We periodically evaluate the technical and organizational measures and adjust them if necessary. Our organization is designed to do everything possible to prevent data breaches. In the event of a data breach, we will act according to the data breach protocol.
Contact and complaints
If you have any questions about this privacy statement or wish to exercise your rights as a data subject, you can contact us via support@parkos.com.
If you have complaints about, for example, how we use your data or how we respond to privacy-related questions, you can submit a complaint to the Dutch Data Protection Authority.
Groningen, 23 October 2024